FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by Kati (administrator) on KATI-PC on 01-07-2014 22:03:45
Running from C:\Users\Kati\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2014
Ran by Kati at 2014-07-01 22:07:09
Running from C:\Users\Kati\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.1.0.3 - Swiss Academic Software)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Druckerdeinstallation für EPSON BX305 Series (HKLM\...\EPSON BX305 Series) (Version: - SEIKO EPSON Corporation)
EPSON BX305 Series Handbuch (HKLM-x32\...\EPSON BX305 Series Manual) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.68 - NCH Software)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxy Security (HKLM-x32\...\Foxy Security) (Version: - )
Free YouTube to MP3 Converter version 3.12.4.622 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.4.622 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Media Go (HKLM-x32\...\{8D92969D-A6A3-44C8-9D63-D377E94F44B5}) (Version: 2.6.205 - Sony)
Media Go Video Playback Engine 2.0.114.09020 (HKLM-x32\...\{49D9CE9D-C8B7-B941-90E1-608044A0FC8D}) (Version: 2.0.114.09020 - Sony)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0032 - Pegatron Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.6.201404170858 - Sony Mobile Communications AB)
Sony PC Companion 2.10.206 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.43 - NCH Software)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
21-06-2014 08:27:31 Windows Update
27-06-2014 16:09:40 Windows Update
27-06-2014 16:13:31 Windows-Sicherung
29-06-2014 17:00:39 Windows-Sicherung
01-07-2014 18:50:46 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-11-27 19:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {034DE29C-F314-4EF6-AA30-F41EA690459A} - System32\Tasks\{2F89727A-459E-4B4D-930C-BBE1BB2B89DA} => D:\DRIVERS\09 Hotkey\Hotkey_V1.00.0032\setup.exe [2007-04-05] (Macrovision Corporation)
Task: {0E6756EC-AB9F-457D-9E13-8B7E0DE552CE} - System32\Tasks\{C8B02F6F-26AA-4C1E-9F11-A74638E25655} => D:\DRIVERS\09 Hotkey\Hotkey_V1.00.0032\setup.exe [2007-04-05] (Macrovision Corporation)
Task: {1DDFF83B-A000-44B2-BABD-F93C569357AB} - System32\Tasks\SDMsgUpdate (TE) => C:\Program Files (x86)\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {6909DD31-57AE-41BD-AC1D-5BB68BD52DF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-20] (Google Inc.)
Task: {7D992CC4-E9F7-45EE-BD1C-A7BAF9709211} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2548312011-2494454960-3164520827-1001Core => C:\Users\Kati\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-20] (Facebook Inc.)
Task: {90ECD563-BF9E-4787-A09A-067D6B852D30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-11] (Adobe Systems Incorporated)
Task: {9315BE9E-067E-4E6D-8342-9AF58AA3CB58} - System32\Tasks\{1213522D-9C14-4C2F-92C8-B7642739D3F0} => D:\DRIVERS\09 Hotkey\Hotkey_V1.00.0032\setup.exe [2007-04-05] (Macrovision Corporation)
Task: {9419C930-531A-487B-AA2A-99024DC7722F} - System32\Tasks\{F45986F9-5137-4AEB-8D01-99429AFE06F1} => D:\DRIVERS\09 Hotkey\Hotkey_V1.00.0032\setup.exe [2007-04-05] (Macrovision Corporation)
Task: {A1B1F5E3-6EF9-401F-AD53-236250C780B5} - System32\Tasks\{AF42A676-BE29-4A78-8F78-1D534D9F6083} => D:\DRIVERS\09 Hotkey\Hotkey_V1.00.0032\setup.exe [2007-04-05] (Macrovision Corporation)
Task: {A6DCC19F-03AF-4EBF-8580-2B05A6868616} - System32\Tasks\{A7A76573-64B0-4C4E-8E1E-14D4EF6C8DFA} => D:\DRIVERS\09 Hotkey\Hotkey_V1.00.0032\setup.exe [2007-04-05] (Macrovision Corporation)
Task: {B9F43966-B617-4C1A-B8A5-3E2F75F89F93} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2548312011-2494454960-3164520827-1001UA => C:\Users\Kati\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-20] (Facebook Inc.)
Task: {C121E428-A976-49B6-86CA-98384607FBAA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E6701FA2-AD4F-4801-B4FD-906F04400206} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-20] (Google Inc.)
Task: {EB68740B-AD6D-4AEB-84BD-22535DC745B1} - System32\Tasks\{1E1D7AC9-1B64-4443-B674-9C49CA794A03} => D:\DRIVERS\09 Hotkey\Hotkey_V1.00.0032\setup.exe [2007-04-05] (Macrovision Corporation)
Task: {ED7DCDD3-8E7C-43D6-AC25-91AF9B1E5A46} - System32\Tasks\SDMsgUpdate (Local) => C:\Program Files (x86)\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2548312011-2494454960-3164520827-1001Core.job => C:\Users\Kati\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2548312011-2494454960-3164520827-1001UA.job => C:\Users\Kati\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SDMsgUpdate (Local).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe
Task: C:\Windows\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe
==================== Loaded Modules (whitelisted) =============
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-12-28 22:48 - 2010-10-06 18:46 - 00159752 ____R () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2013-09-25 00:35 - 2014-05-15 15:17 - 00598072 _____ () C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-27 18:04 - 2014-06-27 18:04 - 00043008 _____ () c:\users\kati\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt_l44w.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Kati\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-13 17:27 - 2014-02-13 17:27 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-07-18 18:18 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-11-10 23:07 - 2014-05-15 15:17 - 36966968 _____ () C:\Users\Kati\AppData\Roaming\Spotify\Data\libcef.dll
2013-09-25 00:35 - 2014-05-15 15:17 - 00886840 _____ () C:\Users\Kati\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-25 00:35 - 2014-05-15 15:17 - 00108600 _____ () C:\Users\Kati\AppData\Roaming\Spotify\Data\libegl.dll
2014-06-11 21:43 - 2014-06-11 21:43 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
2014-06-21 10:34 - 2014-06-21 10:34 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^Users^Kati^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Kati^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dolby Advanced Audio v2 => "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
MSCONFIG\startupreg: EPSON BX305 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE /FU "C:\Users\Kati\AppData\Local\Temp\E_SAA52.tmp" /EF "HKCU"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Kati\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: IntelPAN => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
MSCONFIG\startupreg: MedionReminder => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
MSCONFIG\startupreg: MsgTranAgt => "C:\Program Files (x86)\PHotkey\MsgTranAgt.exe"
MSCONFIG\startupreg: MsgTranAgt64 => "C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe"
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: PHotkey => "C:\Program Files (x86)\PHotkey\PHotkey.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Kati\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/01/2014 10:02:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/29/2014 07:04:44 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"
Error: (06/27/2014 08:34:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 06:18:26 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"
Error: (06/27/2014 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 06:03:42 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (06/22/2014 01:53:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/22/2014 00:53:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 00:53:03 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (06/21/2014 11:53:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (06/27/2014 06:03:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASLDR Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/22/2014 00:53:54 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (06/22/2014 00:52:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASLDR Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/22/2014 00:48:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet:
%%1115
Error: (06/22/2014 00:48:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (06/21/2014 10:19:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASLDR Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/14/2014 05:55:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASLDR Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/14/2014 05:54:27 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b
Error: (06/14/2014 05:53:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASLDR Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/13/2014 04:22:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASLDR Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (07/01/2014 10:02:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kati\Downloads\esetsmartinstaller_enu.exe
Error: (06/29/2014 07:04:44 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)
Error: (06/27/2014 08:34:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (06/27/2014 06:18:26 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)
Error: (06/27/2014 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 06:03:42 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (06/22/2014 01:53:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (06/22/2014 00:53:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 00:53:03 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (06/21/2014 11:53:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
CodeIntegrity Errors:
===================================
Date: 2013-11-27 18:30:17.824
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-27 18:30:17.777
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 56%
Total physical RAM: 4007.12 MB
Available physical RAM: 1724.07 MB
Total Pagefile: 8012.42 MB
Available Pagefile: 4993.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:324.89 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:0.02 GB) NTFS
Drive e: (EPSON) (CDROM) (Total:0.22 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B2ED04DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
--- --- ---
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Spotify Ltd) C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGJE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Kati\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Kati\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2548312011-2494454960-3164520827-1001\...\Run: [Spotify Web Helper] => C:\Users\Kati\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-15] (Spotify Ltd)
HKU\S-1-5-21-2548312011-2494454960-3164520827-1001\...\Run: [EPSON BX305 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Kati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kati\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9A119BA29CEBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Kati\AppData\Roaming\Mozilla\Firefox\Profiles\g2jmug2y.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 - C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Kati\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Kati\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Foxy Security - C:\Users\Kati\AppData\Roaming\Mozilla\Firefox\Profiles\g2jmug2y.default\Extensions\sys@foxysecurity.com [2014-04-28]
FF Extension: DownloadHelper - C:\Users\Kati\AppData\Roaming\Mozilla\Firefox\Profiles\g2jmug2y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-31]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-09-11]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Extension: (DVDVideoSoft) - C:\Users\Kati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\Kati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]
CHR Extension: (Citavi Picker) - C:\Users\Kati\AppData\Local\Google\Chrome\User Data\Default\Extensions\piehhloihgjjiomhieeddiidpekaajio [2013-12-24]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-29]
CHR HKLM-x32\...\Chrome\Extension: [piehhloihgjjiomhieeddiidpekaajio] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Chrome\ChromePicker.crx [2013-09-11]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-10-06] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-01 11:23 - 2014-07-01 11:24 - 00000000 ____D () C:\Users\Kati\AppData\Local\{7673B479-BF7B-4939-A23C-ACFDA9B2EECE}
2014-06-30 23:23 - 2014-06-30 23:23 - 00000000 ____D () C:\Users\Kati\AppData\Local\{4B38BE01-25D8-4DD2-AE58-0C749CC5022C}
2014-06-30 11:22 - 2014-06-30 11:22 - 00000000 ____D () C:\Users\Kati\AppData\Local\{EE6D561B-354B-4EA3-8117-EDECA720EA7B}
2014-06-29 23:22 - 2014-06-29 23:22 - 00000000 ____D () C:\Users\Kati\AppData\Local\{56C3D378-2715-4EF1-802E-A3DE0F479FC5}
2014-06-29 11:21 - 2014-06-29 11:21 - 00000000 ____D () C:\Users\Kati\AppData\Local\{A46032F2-D280-4A37-9C2B-4276B83F532F}
2014-06-27 18:38 - 2014-06-27 18:38 - 00000000 ____D () C:\Users\Kati\AppData\Local\{7381E220-46A9-48D5-86F0-2E54DE54C45A}
2014-06-22 15:42 - 2014-06-22 15:42 - 00000000 ____D () C:\Users\Kati\AppData\Local\{47ADDAD7-710E-4232-86B1-2FEA36191C54}
2014-06-21 22:24 - 2014-06-21 22:24 - 00000000 ____D () C:\Users\Kati\AppData\Local\{5F9F217F-FBC7-4D9F-9929-CFD099AEBA41}
2014-06-21 10:34 - 2014-06-21 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 10:23 - 2014-06-21 10:23 - 00000000 ____D () C:\Users\Kati\AppData\Local\{B6080E75-836A-4656-9C28-2599E8C9A97D}
2014-06-16 14:56 - 2014-06-16 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-16 14:56 - 2014-06-16 14:56 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 14:55 - 2014-06-16 14:56 - 00000000 ____D () C:\Users\Kati\AppData\Local\{1EC0E6B7-9F99-4C23-8832-2961ACD20169}
2014-06-15 12:25 - 2014-06-15 12:25 - 00000000 ____D () C:\Users\Kati\AppData\Local\{FF3342C1-0F76-4ECA-9E8F-B5202C3E5B40}
2014-06-14 17:28 - 2014-06-14 17:28 - 00000000 ____D () C:\Users\Kati\AppData\Local\{11A2E372-1315-4B9A-99EF-444DEA7431AD}
2014-06-13 17:30 - 2014-06-13 17:30 - 00000000 ____D () C:\Users\Kati\AppData\Local\{1C7F07F8-8ED6-4DBC-BB57-E38E36F68A31}
2014-06-13 16:32 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 16:32 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 16:32 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 16:32 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 16:32 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 16:32 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 16:32 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 16:32 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 16:32 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 16:32 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 16:32 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 16:32 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 16:32 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 16:32 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 16:32 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 16:32 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 16:32 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 16:32 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 16:32 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 16:32 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 16:32 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 16:32 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 16:32 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 16:32 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 16:32 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 16:32 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 16:32 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 16:32 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 16:32 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 16:32 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 16:32 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 16:32 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 16:32 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 16:32 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 16:32 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 16:32 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 16:32 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 16:32 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 16:32 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 16:32 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 16:32 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 16:32 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 16:32 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 16:32 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 16:32 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 16:32 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 16:32 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 16:32 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 16:32 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 16:32 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 16:32 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 16:32 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 16:32 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 16:32 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-13 16:32 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 16:32 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 16:32 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 16:32 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 16:32 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 16:32 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 16:32 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 16:32 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-13 16:32 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-13 16:32 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 16:32 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-13 16:32 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-13 16:31 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 16:31 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 21:44 - 2014-06-11 21:44 - 00000000 ____D () C:\Users\Kati\AppData\Local\Adobe
2014-06-11 21:43 - 2014-06-16 14:56 - 00001935 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 21:43 - 2014-06-16 14:56 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-11 18:05 - 2014-06-11 18:05 - 00000000 ____D () C:\Users\Kati\AppData\Local\{C24FE40B-FA32-4CB4-8460-16CCADDCEF8E}
2014-06-10 13:59 - 2014-06-10 14:06 - 1266917474 _____ () C:\Users\Kati\Downloads\hochzeitklein.mov
2014-06-10 13:54 - 2014-06-10 13:54 - 00000000 ____D () C:\Users\Kati\AppData\Local\{EC8AD7E7-F6C7-4B1F-B62A-06408E22995B}
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Users\Kati\AppData\Local\{C0E316AA-0A31-4260-A642-7F343E9DF13B}
2014-06-08 23:59 - 2014-06-08 23:59 - 00000000 ____D () C:\Users\Kati\AppData\Local\{672A8CD8-2972-4C42-8099-E620674E591F}
2014-06-08 12:02 - 2014-06-08 12:02 - 01095388 _____ (pendrivelinux.com) C:\Users\Kati\Downloads\Universal-USB-Installer-1.9.5.3.exe
2014-06-08 11:29 - 2014-06-08 11:29 - 00000000 ____D () C:\Users\Kati\AppData\Local\{6661B710-B39B-4ABD-B549-46E175E643AB}
2014-06-06 16:19 - 2014-06-06 16:20 - 00000000 ____D () C:\Users\Kati\AppData\Local\{DAEB7BD2-4A06-47C2-B95F-103EE8417584}
2014-06-05 21:38 - 2014-06-05 22:15 - 00002082 _____ () C:\Users\Kati\Downloads\FSS.txt
2014-06-05 21:37 - 2014-06-05 21:37 - 00410112 _____ (Farbar) C:\Users\Kati\Downloads\FSS.exe
2014-06-05 15:14 - 2014-06-05 15:14 - 00000000 ____D () C:\Users\Kati\AppData\Local\{CC353BDE-0280-4531-95DD-714FC7A08EA7}
2014-06-04 18:31 - 2014-06-04 18:31 - 00053213 _____ () C:\VEW.txt
2014-06-04 18:28 - 2014-06-04 18:28 - 00061440 _____ ( ) C:\Users\Kati\Desktop\VEW.exe
2014-06-04 13:18 - 2014-06-04 13:19 - 00000000 ____D () C:\Users\Kati\AppData\Local\{5B9F1A1C-4AEE-4076-BF68-06172FB30423}
2014-06-03 15:12 - 2014-06-03 15:13 - 00000000 ____D () C:\Users\Kati\AppData\Local\{2A66C048-BD9D-4BED-8699-35ADCF521BEF}
2014-06-03 03:12 - 2014-06-03 03:12 - 00000000 ____D () C:\Users\Kati\AppData\Local\{B2E04958-3888-4F64-8417-C39AC6008AA2}
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Kati\AppData\Local\{A2181A0D-51B7-49DC-97B9-34829FFC9BDE}
2014-06-02 03:11 - 2014-06-02 03:12 - 00000000 ____D () C:\Users\Kati\AppData\Local\{CA6EBB6F-FF2C-464B-AFA8-B78BF507B378}
2014-06-01 19:16 - 2014-06-01 19:16 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-01 19:16 - 2014-06-01 19:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-01 19:16 - 2014-06-01 19:16 - 00000000 ____D () C:\Users\Kati\AppData\Local\Skype
2014-06-01 19:16 - 2014-06-01 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-01 15:10 - 2014-06-01 15:11 - 00000000 ____D () C:\Users\Kati\AppData\Local\{1A2725A8-DDD5-47DD-8F17-BDBF5CD0B568}
==================== One Month Modified Files and Folders =======
2014-07-01 22:03 - 2014-05-26 22:49 - 00000000 ____D () C:\Users\Kati\Downloads\FRST-OlderVersion
2014-07-01 22:03 - 2013-11-29 01:51 - 00014390 _____ () C:\Users\Kati\Downloads\FRST.txt
2014-07-01 22:03 - 2013-11-26 14:29 - 00000000 ____D () C:\FRST
2014-07-01 22:03 - 2013-11-26 14:23 - 02083328 _____ (Farbar) C:\Users\Kati\Downloads\FRST64.exe
2014-07-01 21:59 - 2012-09-23 18:09 - 00000000 ____D () C:\Users\Kati\AppData\Roaming\Skype
2014-07-01 21:38 - 2012-09-20 19:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 21:21 - 2012-11-10 23:07 - 00000000 ____D () C:\Users\Kati\AppData\Roaming\Spotify
2014-07-01 21:08 - 2012-09-20 21:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 20:51 - 2013-07-24 18:55 - 01814759 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 19:24 - 2012-09-20 22:19 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2548312011-2494454960-3164520827-1001UA.job
2014-07-01 16:38 - 2012-09-20 19:21 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 15:50 - 2009-07-14 06:51 - 02558998 _____ () C:\Windows\setupact.log
2014-07-01 13:39 - 2013-03-30 19:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-01 11:24 - 2014-07-01 11:23 - 00000000 ____D () C:\Users\Kati\AppData\Local\{7673B479-BF7B-4939-A23C-ACFDA9B2EECE}
2014-06-30 23:23 - 2014-06-30 23:23 - 00000000 ____D () C:\Users\Kati\AppData\Local\{4B38BE01-25D8-4DD2-AE58-0C749CC5022C}
2014-06-30 22:24 - 2012-09-20 22:19 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2548312011-2494454960-3164520827-1001Core.job
2014-06-30 18:56 - 2012-11-10 23:07 - 00000000 ____D () C:\Users\Kati\AppData\Local\Spotify
2014-06-30 11:22 - 2014-06-30 11:22 - 00000000 ____D () C:\Users\Kati\AppData\Local\{EE6D561B-354B-4EA3-8117-EDECA720EA7B}
2014-06-29 23:22 - 2014-06-29 23:22 - 00000000 ____D () C:\Users\Kati\AppData\Local\{56C3D378-2715-4EF1-802E-A3DE0F479FC5}
2014-06-29 11:21 - 2014-06-29 11:21 - 00000000 ____D () C:\Users\Kati\AppData\Local\{A46032F2-D280-4A37-9C2B-4276B83F532F}
2014-06-28 13:45 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-28 13:45 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-28 13:39 - 2014-01-27 22:53 - 00000478 _____ () C:\Windows\Tasks\SDMsgUpdate (Local).job
2014-06-28 13:39 - 2014-01-27 22:53 - 00000470 _____ () C:\Windows\Tasks\SDMsgUpdate (TE).job
2014-06-27 18:38 - 2014-06-27 18:38 - 00000000 ____D () C:\Users\Kati\AppData\Local\{7381E220-46A9-48D5-86F0-2E54DE54C45A}
2014-06-27 18:09 - 2011-05-16 16:04 - 00699794 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 18:09 - 2011-05-16 16:04 - 00149644 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 18:09 - 2009-07-14 07:13 - 01620836 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 18:04 - 2014-01-08 01:12 - 00000000 ____D () C:\Users\Kati\AppData\Roaming\DropboxMaster
2014-06-27 18:04 - 2014-01-08 01:02 - 00000000 ___RD () C:\Users\Kati\Dropbox
2014-06-27 18:04 - 2014-01-08 01:00 - 00000000 ____D () C:\Users\Kati\AppData\Roaming\Dropbox
2014-06-27 18:03 - 2014-05-17 18:20 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-06-27 18:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 15:42 - 2014-06-22 15:42 - 00000000 ____D () C:\Users\Kati\AppData\Local\{47ADDAD7-710E-4232-86B1-2FEA36191C54}
2014-06-22 12:52 - 2014-01-29 16:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 22:24 - 2014-06-21 22:24 - 00000000 ____D () C:\Users\Kati\AppData\Local\{5F9F217F-FBC7-4D9F-9929-CFD099AEBA41}
2014-06-21 16:33 - 2012-09-20 19:21 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 16:33 - 2012-09-20 19:21 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 10:34 - 2014-06-21 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 10:23 - 2014-06-21 10:23 - 00000000 ____D () C:\Users\Kati\AppData\Local\{B6080E75-836A-4656-9C28-2599E8C9A97D}
2014-06-16 14:56 - 2014-06-16 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-16 14:56 - 2014-06-16 14:56 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 14:56 - 2014-06-16 14:55 - 00000000 ____D () C:\Users\Kati\AppData\Local\{1EC0E6B7-9F99-4C23-8832-2961ACD20169}
2014-06-16 14:56 - 2014-06-11 21:43 - 00001935 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-16 14:56 - 2014-06-11 21:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-15 12:25 - 2014-06-15 12:25 - 00000000 ____D () C:\Users\Kati\AppData\Local\{FF3342C1-0F76-4ECA-9E8F-B5202C3E5B40}
2014-06-14 18:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 17:50 - 2012-09-21 13:58 - 00000000 ____D () C:\Users\Kati\AppData\Roaming\SoftGrid Client
2014-06-14 17:35 - 2013-07-29 22:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-14 17:33 - 2013-07-25 12:48 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 17:30 - 2014-05-07 19:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-14 17:28 - 2014-06-14 17:28 - 00000000 ____D () C:\Users\Kati\AppData\Local\{11A2E372-1315-4B9A-99EF-444DEA7431AD}
2014-06-13 17:30 - 2014-06-13 17:30 - 00000000 ____D () C:\Users\Kati\AppData\Local\{1C7F07F8-8ED6-4DBC-BB57-E38E36F68A31}
2014-06-13 16:33 - 2012-09-20 19:21 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 22:11 - 2013-07-24 21:38 - 00066824 _____ () C:\Users\Kati\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-11 21:44 - 2014-06-11 21:44 - 00000000 ____D () C:\Users\Kati\AppData\Local\Adobe
2014-06-11 21:43 - 2013-12-16 21:08 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-11 21:43 - 2012-09-20 21:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-11 21:43 - 2011-07-18 19:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 18:05 - 2014-06-11 18:05 - 00000000 ____D () C:\Users\Kati\AppData\Local\{C24FE40B-FA32-4CB4-8460-16CCADDCEF8E}
2014-06-10 14:06 - 2014-06-10 13:59 - 1266917474 _____ () C:\Users\Kati\Downloads\hochzeitklein.mov
2014-06-10 13:54 - 2014-06-10 13:54 - 00000000 ____D () C:\Users\Kati\AppData\Local\{EC8AD7E7-F6C7-4B1F-B62A-06408E22995B}
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Users\Kati\AppData\Local\{C0E316AA-0A31-4260-A642-7F343E9DF13B}
2014-06-08 23:59 - 2014-06-08 23:59 - 00000000 ____D () C:\Users\Kati\AppData\Local\{672A8CD8-2972-4C42-8099-E620674E591F}
2014-06-08 12:02 - 2014-06-08 12:02 - 01095388 _____ (pendrivelinux.com) C:\Users\Kati\Downloads\Universal-USB-Installer-1.9.5.3.exe
2014-06-08 11:29 - 2014-06-08 11:29 - 00000000 ____D () C:\Users\Kati\AppData\Local\{6661B710-B39B-4ABD-B549-46E175E643AB}
2014-06-08 11:13 - 2014-06-13 16:31 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-13 16:31 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 16:20 - 2014-06-06 16:19 - 00000000 ____D () C:\Users\Kati\AppData\Local\{DAEB7BD2-4A06-47C2-B95F-103EE8417584}
2014-06-05 22:15 - 2014-06-05 21:38 - 00002082 _____ () C:\Users\Kati\Downloads\FSS.txt
2014-06-05 21:37 - 2014-06-05 21:37 - 00410112 _____ (Farbar) C:\Users\Kati\Downloads\FSS.exe
2014-06-05 15:14 - 2014-06-05 15:14 - 00000000 ____D () C:\Users\Kati\AppData\Local\{CC353BDE-0280-4531-95DD-714FC7A08EA7}
2014-06-04 18:31 - 2014-06-04 18:31 - 00053213 _____ () C:\VEW.txt
2014-06-04 18:28 - 2014-06-04 18:28 - 00061440 _____ ( ) C:\Users\Kati\Desktop\VEW.exe
2014-06-04 13:19 - 2014-06-04 13:18 - 00000000 ____D () C:\Users\Kati\AppData\Local\{5B9F1A1C-4AEE-4076-BF68-06172FB30423}
2014-06-03 18:01 - 2013-08-19 23:13 - 00000000 ____D () C:\Users\Kati\dwhelper
2014-06-03 15:13 - 2014-06-03 15:12 - 00000000 ____D () C:\Users\Kati\AppData\Local\{2A66C048-BD9D-4BED-8699-35ADCF521BEF}
2014-06-03 03:12 - 2014-06-03 03:12 - 00000000 ____D () C:\Users\Kati\AppData\Local\{B2E04958-3888-4F64-8417-C39AC6008AA2}
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Kati\AppData\Local\{A2181A0D-51B7-49DC-97B9-34829FFC9BDE}
2014-06-02 03:12 - 2014-06-02 03:11 - 00000000 ____D () C:\Users\Kati\AppData\Local\{CA6EBB6F-FF2C-464B-AFA8-B78BF507B378}
2014-06-01 19:16 - 2014-06-01 19:16 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-01 19:16 - 2014-06-01 19:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-01 19:16 - 2014-06-01 19:16 - 00000000 ____D () C:\Users\Kati\AppData\Local\Skype
2014-06-01 19:16 - 2014-06-01 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-01 19:16 - 2012-09-23 18:09 - 00000000 ____D () C:\ProgramData\Skype
2014-06-01 16:01 - 2014-05-30 14:50 - 00000000 ____D () C:\Users\Kati\Downloads\Hochzeit karte tina cf
2014-06-01 15:11 - 2014-06-01 15:10 - 00000000 ____D () C:\Users\Kati\AppData\Local\{1A2725A8-DDD5-47DD-8F17-BDBF5CD0B568}
Some content of TEMP:
====================
C:\Users\Kati\AppData\Local\Temp\avgnt.exe
C:\Users\Kati\AppData\Local\Temp\burnsetup.exe
C:\Users\Kati\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt_l44w.dll
C:\Users\Kati\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Kati\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Kati\AppData\Local\Temp\Quarantine.exe
C:\Users\Kati\AppData\Local\Temp\sjy8mvbh.dll
C:\Users\Kati\AppData\Local\Temp\vpsetup.exe
C:\Users\Kati\AppData\Local\Temp\_is6454.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 14:52
==================== End Of Log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
WARNUNG an die MITLESER: 