Hallöchen,
hier ist nun Schritt 2:
MBAM Logdatei: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 01.08.2014
Suchlauf-Zeit: 14:26:51
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.01.01
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer:
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 292850
Verstrichene Zeit: 23 Min, 55 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 1
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [7ee7447dea9146f055dfffebed1543bd],
Registrierungswerte: 1
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_88, In Quarantäne, [adb8e1e0d8a32610e2ee9d48d9297789],
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 1
PUP.Optional.Softonic.A, C:\Users\Sabrina Mum Tami\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf, In Quarantäne, [95d0f1d01a6146f0a8074e65ea18e51b],
Dateien: 3
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [85e07a47b8c3b77f2868ca733dc36a96],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [2a3b9f228bf00f27bd2a900e45bf768a],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI7D74.tmp, In Quarantäne, [76ef70511b604ee8c3743af4ba46dc24],
Physische Sektoren: 0
(No malicious items detected)
(end) und nun Schritt drei:
FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by **** (administrator) on **** on 01-08-2014 15:00:26
Running from C:\Users\****\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Sabrina Mum Tami\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {263c4989-67fc-11e2-bf2f-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {4502d96c-475c-11e2-bee1-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {4502d990-475c-11e2-bee1-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {46807440-43c7-11e2-bed2-001e101f9420} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {6c6f5314-448b-11e2-bedb-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {6c6f5358-448b-11e2-bedb-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {90739d7b-46d8-11e2-bee0-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {a1e33736-4390-11e2-bed0-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {bf7b2a71-3d2c-11e2-beb7-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {bf7b2a99-3d2c-11e2-beb7-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {bf7b2ac5-3d2c-11e2-beb7-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {c9a2c5be-43c9-11e2-bed3-806e6f6e6963} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {e94fb487-422a-11e2-bece-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {eb21b911-3e0d-11e2-bebc-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {eb21b946-3e0d-11e2-bebc-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-988491291-3693754129-3637727364-1001\...\MountPoints2: {eb21b96b-3e0d-11e2-bebc-844bf5339709} - "E:\.\Setup.exe" AUTORUN=1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Erinnerungen für Microsoft Works-Kalender.lnk
ShortcutTarget: Erinnerungen für Microsoft Works-Kalender.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe (Microsoft® Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.0.lnk
ShortcutTarget: PHOTOfunSTUDIO 6.0.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {81968A3C-C8C0-45D1-BFD4-D6DB6F96682E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {81968A3C-C8C0-45D1-BFD4-D6DB6F96682E} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-07-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-07-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-07-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-07-09]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-06-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-06-17] (Kaspersky Lab ZAO)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-25] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2012-12-03] (Huawei Technologies Co., Ltd.) [File not signed]
S3 ew_hwusbdev; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [117248 2012-12-03] (Huawei Technologies Co., Ltd.) [File not signed]
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [121600 2012-12-03] (Huawei Technologies Co., Ltd.) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-05-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [616544 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-06-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-05-05] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-05-05] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [64608 2013-05-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [22528 2012-09-10] (Apple Inc.) [File not signed]
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-25] (Dritek System Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-01 14:55 - 2014-08-01 14:59 - 00001860 _____ () C:\Users\****\Desktop\mbam.txt
2014-08-01 14:26 - 2014-08-01 14:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 14:26 - 2014-08-01 14:26 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-01 14:26 - 2014-08-01 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-01 14:25 - 2014-08-01 14:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-01 14:25 - 2014-08-01 14:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 14:25 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 14:25 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 14:25 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 14:24 - 2014-08-01 14:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\****\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-01 14:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-01 14:14 - 2014-08-01 14:15 - 00000000 ____D () C:\AdwCleaner
2014-08-01 14:12 - 2014-08-01 14:12 - 01361309 _____ () C:\Users\****\Desktop\adwcleaner_3.302.exe
2014-08-01 12:45 - 2014-08-01 12:46 - 00037741 _____ () C:\Users\****\Desktop\Addition.txt
2014-08-01 12:43 - 2014-08-01 15:00 - 00020350 _____ () C:\Users\****\Desktop\FRST.txt
2014-08-01 12:42 - 2014-08-01 15:00 - 00000000 ____D () C:\FRST
2014-08-01 12:40 - 2014-08-01 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-01 12:40 - 2014-08-01 12:41 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-01 12:38 - 2014-08-01 12:38 - 01444352 _____ () C:\Users\****\Desktop\7z922-x64.msi
2014-08-01 12:22 - 2014-08-01 12:22 - 01580420 _____ () C:\Users\****\Desktop\FRST64.zip
2014-08-01 11:59 - 2014-08-01 11:59 - 02094080 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-08-01 11:19 - 2014-08-01 11:19 - 01083476 _____ () C:\Users\****\Desktop\FRST.com
2014-08-01 11:12 - 2014-08-01 11:15 - 00002186 _____ () C:\Users\****\Desktop\Rkill.txt
2014-08-01 11:11 - 2014-08-01 11:11 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\****\Desktop\rkill.com
2014-08-01 11:05 - 2014-08-01 11:07 - 00001240 _____ () C:\Users\****\Desktop\FixExec.txt
2014-08-01 11:04 - 2014-08-01 11:04 - 00883616 _____ (Bleeping Computer, LLC) C:\Users\****\Desktop\FixExec.com
2014-07-31 17:58 - 2014-07-31 17:58 - 00000000 ____D () C:\Windows\pss
2014-07-31 17:28 - 2014-07-31 17:29 - 17279700 _____ (Malwarebytes Corporation ) C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (6).exe
2014-07-31 17:27 - 2014-07-31 17:29 - 17260816 _____ (Malwarebytes Corporation ) C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (5).exe
2014-07-30 20:04 - 2014-07-31 17:29 - 17288956 _____ (Malwarebytes Corporation ) C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (4).exe
2014-07-30 11:11 - 2014-07-30 11:11 - 17221636 _____ () C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-07-29 16:46 - 2014-07-29 16:46 - 17230324 _____ () C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-15 10:20 - 2014-07-15 10:21 - 00420288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-12 13:48 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-12 13:47 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-12 13:47 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-12 13:32 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 11:24 - 2014-07-10 11:27 - 17209996 _____ (Malwarebytes Corporation ) C:\Users\Sabrina Mum Tami\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-09 18:46 - 2014-08-01 00:49 - 00002330 _____ () C:\Users\****\Desktop\Sicherer Zahlungsverkehr.lnk
2014-07-09 18:46 - 2014-07-09 18:46 - 00001325 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2014-07-09 18:46 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 18:45 - 2014-07-09 18:45 - 00001124 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-07-09 18:45 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 18:45 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-07-09 18:44 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 18:44 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 18:44 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 18:44 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 18:44 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 18:44 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 18:44 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 18:44 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 18:44 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 18:44 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 18:44 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 18:44 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 18:44 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 18:44 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 18:44 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 18:44 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 18:44 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 18:44 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 18:44 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 18:44 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 18:42 - 2014-08-01 14:58 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-09 18:42 - 2014-07-09 18:42 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-09 18:42 - 2013-06-08 20:18 - 00616544 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-07-09 18:42 - 2013-06-08 20:18 - 00112224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-07-09 17:54 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 17:54 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 17:54 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 17:54 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 17:30 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 17:27 - 2014-07-09 17:27 - 00003364 _____ () C:\Windows\System32\Tasks\{D0F9DC7E-8E00-45C9-A792-528F83A68E0A}
2014-07-09 17:23 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-09 17:23 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-09 17:23 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-09 17:23 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 17:23 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-09 17:23 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-09 17:23 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 17:23 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 17:23 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 17:23 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 17:23 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-09 16:47 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 16:47 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 16:28 - 2014-07-09 16:28 - 17227000 _____ (Malwarebytes Corporation ) C:\Users\****\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 19:05 - 2014-07-05 19:05 - 00003274 _____ () C:\Windows\System32\Tasks\nudbip
2014-07-05 19:05 - 2014-07-05 19:05 - 00000268 _____ () C:\Users\****\AppData\Local\nudbip.bat
2014-07-05 19:05 - 2014-07-05 19:04 - 00591320 _____ (ClickMeIn Limited) C:\Users\****\AppData\Local\nsu8B42.tmp
2014-07-05 19:04 - 2014-08-01 14:15 - 00001100 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-05 19:03 - 2014-07-05 19:03 - 00003272 _____ () C:\Windows\System32\Tasks\hijkl
2014-07-05 19:03 - 2014-07-05 19:03 - 00000000 ____D () C:\Users\****\AppData\Local\com
2014-07-05 19:02 - 2014-07-05 19:02 - 00003276 _____ () C:\Windows\System32\Tasks\utcbaov
2014-07-05 18:58 - 2014-07-05 18:58 - 00003272 _____ () C:\Windows\System32\Tasks\prtve
2014-07-05 18:57 - 2014-07-05 19:05 - 00000000 ____D () C:\Users\****\AppData\Local\parent_07051657
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-01 15:00 - 2014-08-01 12:43 - 00020350 _____ () C:\Users\****\Desktop\FRST.txt
2014-08-01 15:00 - 2014-08-01 12:42 - 00000000 ____D () C:\FRST
2014-08-01 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-01 14:59 - 2014-08-01 14:55 - 00001860 _____ () C:\Users\****\Desktop\mbam.txt
2014-08-01 14:58 - 2014-07-09 18:42 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-01 14:57 - 2012-08-26 08:30 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-08-01 14:57 - 2012-08-26 08:30 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-08-01 14:57 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-01 14:56 - 2013-01-07 07:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-01 14:53 - 2014-08-01 14:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 14:53 - 2013-05-30 20:18 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 14:52 - 2012-08-03 09:35 - 00104678 _____ () C:\Windows\PFRO.log
2014-08-01 14:52 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 14:51 - 2014-05-18 16:17 - 00000000 ____D () C:\temp
2014-08-01 14:26 - 2014-08-01 14:26 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-01 14:26 - 2014-08-01 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-01 14:26 - 2014-08-01 14:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-01 14:25 - 2014-08-01 14:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 14:24 - 2014-08-01 14:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\****\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-01 14:17 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-08-01 14:15 - 2014-08-01 14:14 - 00000000 ____D () C:\AdwCleaner
2014-08-01 14:15 - 2014-07-05 19:04 - 00001100 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-01 14:12 - 2014-08-01 14:12 - 01361309 _____ () C:\Users\****\Desktop\adwcleaner_3.302.exe
2014-08-01 14:03 - 2013-05-30 20:19 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 12:52 - 2012-11-07 21:13 - 01559989 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 12:46 - 2014-08-01 12:45 - 00037741 _____ () C:\Users\****\Desktop\Addition.txt
2014-08-01 12:41 - 2014-08-01 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-01 12:41 - 2014-08-01 12:40 - 00000000 ____D () C:\Program Files\7-Zip
2014-08-01 12:38 - 2014-08-01 12:38 - 01444352 _____ () C:\Users\****\Desktop\7z922-x64.msi
2014-08-01 12:22 - 2014-08-01 12:22 - 01580420 _____ () C:\Users\****\Desktop\FRST64.zip
2014-08-01 12:22 - 2012-11-07 23:37 - 00000000 ____D () C:\Users\****\AppData\Local\CrashDumps
2014-08-01 11:59 - 2014-08-01 11:59 - 02094080 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-08-01 11:19 - 2014-08-01 11:19 - 01083476 _____ () C:\Users\****\Desktop\FRST.com
2014-08-01 11:15 - 2014-08-01 11:12 - 00002186 _____ () C:\Users\****\Desktop\Rkill.txt
2014-08-01 11:11 - 2014-08-01 11:11 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\****\Desktop\rkill.com
2014-08-01 11:07 - 2014-08-01 11:05 - 00001240 _____ () C:\Users\****\Desktop\FixExec.txt
2014-08-01 11:04 - 2014-08-01 11:04 - 00883616 _____ (Bleeping Computer, LLC) C:\Users\****\Desktop\FixExec.com
2014-08-01 00:49 - 2014-07-09 18:46 - 00002330 _____ () C:\Users\****\Desktop\Sicherer Zahlungsverkehr.lnk
2014-07-31 23:47 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-31 17:58 - 2014-07-31 17:58 - 00000000 ____D () C:\Windows\pss
2014-07-31 17:29 - 2014-07-31 17:28 - 17279700 _____ (Malwarebytes Corporation ) C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (6).exe
2014-07-31 17:29 - 2014-07-31 17:27 - 17260816 _____ (Malwarebytes Corporation ) C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (5).exe
2014-07-31 17:29 - 2014-07-30 20:04 - 17288956 _____ (Malwarebytes Corporation ) C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (4).exe
2014-07-30 20:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-30 16:04 - 2013-06-10 14:34 - 00000000 ____D () C:\ProgramData\Skype
2014-07-30 15:46 - 2013-12-21 20:31 - 00124928 ___SH () C:\Users\****\Downloads\Thumbs.db
2014-07-30 11:11 - 2014-07-30 11:11 - 17221636 _____ () C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-07-29 17:04 - 2012-11-07 21:20 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-988491291-3693754129-3637727364-1001
2014-07-29 16:46 - 2014-07-29 16:46 - 17230324 _____ () C:\Users\****\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-29 16:25 - 2012-11-07 22:10 - 00000000 ____D () C:\Users\****\Desktop\Eigene Bilder
2014-07-29 15:29 - 2014-06-15 12:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 15:29 - 2013-01-06 15:55 - 00000000 ____D () C:\Users\****\AppData\Roaming\Mozilla
2014-07-27 00:15 - 2013-06-10 14:34 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2014-07-26 20:49 - 2012-11-07 19:29 - 00000000 ____D () C:\Users\****\AppData\Roaming\ForumVerlag
2014-07-15 10:21 - 2014-07-15 10:20 - 00420288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 03:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-14 03:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 16:47 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 12:51 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-10 11:27 - 2014-07-10 11:24 - 17209996 _____ (Malwarebytes Corporation ) C:\Users\Sabrina Mum Tami\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-10 11:27 - 2012-11-07 22:10 - 00000000 ____D () C:\Users\****\Desktop\****
2014-07-10 09:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-10 09:16 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 21:56 - 2013-01-07 07:56 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 19:15 - 2014-01-06 19:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 19:11 - 2013-01-06 10:17 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 18:46 - 2014-07-09 18:46 - 00001325 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2014-07-09 18:45 - 2014-07-09 18:45 - 00001124 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-07-09 18:42 - 2014-07-09 18:42 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-09 18:42 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-09 17:27 - 2014-07-09 17:27 - 00003364 _____ () C:\Windows\System32\Tasks\{D0F9DC7E-8E00-45C9-A792-528F83A68E0A}
2014-07-09 16:28 - 2014-07-09 16:28 - 17227000 _____ (Malwarebytes Corporation ) C:\Users\Sabrina Mum Tami\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-09 16:00 - 2013-01-05 21:58 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-07-09 16:00 - 2013-01-05 21:57 - 00000000 ____D () C:\Program Files\McAfee
2014-07-09 16:00 - 2012-08-03 09:46 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-09 15:56 - 2014-01-04 19:32 - 00000000 ____D () C:\Users\****\Documents\McAfee-Tresore
2014-07-09 15:00 - 2012-07-26 09:21 - 00045464 _____ () C:\Windows\setupact.log
2014-07-07 09:19 - 2012-11-07 21:28 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-06 20:58 - 2012-11-07 21:49 - 00000000 ____D () C:\Users\****\Desktop\Eigene Dateien
2014-07-06 20:58 - 2012-08-03 09:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-06 16:24 - 2013-07-20 13:05 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-05 19:05 - 2014-07-05 19:05 - 00003274 _____ () C:\Windows\System32\Tasks\nudbip
2014-07-05 19:05 - 2014-07-05 19:05 - 00000268 _____ () C:\Users\****\AppData\Local\nudbip.bat
2014-07-05 19:05 - 2014-07-05 18:57 - 00000000 ____D () C:\Users\****\AppData\Local\parent_07051657
2014-07-05 19:04 - 2014-07-05 19:05 - 00591320 _____ (ClickMeIn Limited) C:\Users\****\AppData\Local\nsu8B42.tmp
2014-07-05 19:03 - 2014-07-05 19:03 - 00003272 _____ () C:\Windows\System32\Tasks\hijkl
2014-07-05 19:03 - 2014-07-05 19:03 - 00000000 ____D () C:\Users\****\AppData\Local\com
2014-07-05 19:02 - 2014-07-05 19:02 - 00003276 _____ () C:\Windows\System32\Tasks\utcbaov
2014-07-05 18:58 - 2014-07-05 18:58 - 00003272 _____ () C:\Windows\System32\Tasks\prtve
2014-07-04 14:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.5840.dll
Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-31 11:07
==================== End Of Log ============================ --- --- ---
Addition txt.: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by **** at 2014-08-01 15:02:59
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
"Professionelle Entwicklungsberichte Nov 2011" (HKLM-x32\...\{58F076B2-160B-47F5-96FF-93AD12BF5A91}) (Version: - )
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
bhv Vokabeltrainer 3.0 (HKLM-x32\...\{3A1AF860-2EB4-40EB-9827-17575880D3CE}) (Version: 3.00.0000 - bhv)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version: - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
Fotosizer 1.36 (HKLM-x32\...\Fotosizer) (Version: 1.36 - Fotosizer.com)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Word 2002 (HKLM-x32\...\{911B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Works 2000 (HKLM-x32\...\{56364334-9530-11D2-BFFC-00C04FA329AA}) (Version: 1.0.0.0000 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3102 - Acer)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PHOTOfunSTUDIO 6.0 (HKLM-x32\...\{B62A8A6F-5E48-4336-BF13-1632D5921872}) (Version: 6.00.135 - Panasonic Corporation)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
13-07-2014 14:46:10 Windows Update
23-07-2014 12:34:35 Geplanter Prüfpunkt
27-07-2014 09:36:49 Removed Java 7 Update 45
30-07-2014 14:03:01 Removed Skype™ 6.16
01-08-2014 10:39:36 Installed 7-Zip 9.22 (x64 edition)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {17E4CA9F-25FD-494E-BB74-B84A209FCA12} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2328AFA5-2034-4E50-8C03-434797C3A303} - System32\Tasks\prtve => C:\Users\Sabrina Mum Tami\AppData\Local\prtve.bat
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {301568F0-A1D0-4C2F-A0BB-38A509665088} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {340F80DD-8486-47DE-ADD3-A13E8A743E4D} - System32\Tasks\hijkl => C:\Users\Sabrina Mum Tami\AppData\Local\hijkl.bat
Task: {3E0421B6-C537-4EBA-BDDD-5264D4EB9B9C} - System32\Tasks\nudbip => C:\Users\Sabrina Mum Tami\AppData\Local\nudbip.bat [2014-07-05] ()
Task: {5031E43D-8433-478B-ADEF-ED7A3609D51E} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {62326D6D-B9EC-45F3-B4AA-DE599C576C87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.)
Task: {6A61A537-A9E4-47E1-B1F7-27D0320F8505} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {7C3C82A6-F5FF-49E6-84A8-3BCCD8C3CEFD} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {87435879-8822-4EA7-BEE4-0333BF295B58} - System32\Tasks\utcbaov => C:\Users\Sabrina Mum Tami\AppData\Local\utcbaov.bat
Task: {98CEFDC9-4187-453C-A3B4-C49FB9152592} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {9A3316D9-C152-4276-96B2-AE974CC1E5EB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {A38BD126-07B0-4F4F-B87F-091FF244C31D} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DB52C38A-7BED-4C11-8C09-4DA13108FB1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F4AC4701-4A00-46EE-9E72-0AEA77C1B6F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.)
Task: {F83191E3-E913-4DC2-BE22-C614E7BF5FB0} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-11-07 21:28 - 2009-02-10 18:01 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-05-26 12:54 - 2014-05-26 12:55 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-09 11:12 - 2012-08-08 17:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2012-07-31 01:04 - 2012-07-31 01:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-25 22:47 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "PHOTOfunSTUDIO 6.0.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Erinnerungen für Microsoft Works-Kalender.lnk"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "AnyProtect Scanner"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/01/2014 01:05:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 01:05:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 01:05:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 01:04:05 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 01:04:05 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 01:04:05 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 00:22:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.17028, Zeitstempel: 0x53a20947
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x53645e25
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00023e60
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (08/01/2014 00:14:53 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 00:14:53 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (08/01/2014 00:14:53 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
System errors:
=============
Error: (08/01/2014 02:27:10 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: Mahakala)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-988491291-3693754129-3637727364-1001-0-ntuser.dat
Error: (08/01/2014 02:26:52 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: Mahakala)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-988491291-3693754129-3637727364-1001-0-ntuser.dat
Error: (08/01/2014 02:06:18 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (08/01/2014 01:58:27 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (08/01/2014 01:58:27 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 47.
Error: (08/01/2014 01:57:57 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (08/01/2014 01:57:15 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (08/01/2014 01:57:02 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (08/01/2014 01:56:43 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (08/01/2014 01:53:58 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Microsoft Office Sessions:
=========================
Error: (08/01/2014 01:05:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (08/01/2014 01:05:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (08/01/2014 01:05:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (08/01/2014 01:04:05 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (08/01/2014 01:04:05 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (08/01/2014 01:04:05 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (08/01/2014 00:22:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.1702853a20947ntdll.dll6.2.9200.1691253645e25c000000500023e60e2c01cfad6cdc1eaabbC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dllb4534b92-1965-11e4-853f-b888e35995e8
Error: (08/01/2014 00:14:53 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (08/01/2014 00:14:53 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (08/01/2014 00:14:53 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 8005.27 MB
Available physical RAM: 6173.57 MB
Total Pagefile: 9221.27 MB
Available Pagefile: 7521.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:446.19 GB) (Free:368.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 659D2CAA)
Partition: GPT Partition Type.
==================== End Of Log ============================
LG |