Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=066b027e9cf9784a8538df02d82fe2d7
# engine=14509
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-23 06:34:52
# local_time=2013-07-23 08:34:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 85 91 472762 151271164 0 0
# compatibility_mode=5893 16776574 100 94 10761288 34067403 0 0
# compatibility_mode=9217 16776894 75 4 3933325 3933325 0 0
# scanned=190227
# found=0
# cleaned=0
# scan_time=2981
Code:
Results of screen317's Security Check version 0.99.70
x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Windows Defender
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 11.8.800.94
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (22.0)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
CheckPoint ZoneAlarm vsmon.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2013
Ran by Gesa (administrator) on 23-07-2013 08:44:01
Running from C:\Users\Gesa\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe
(Dropbox, Inc.) C:\Users\Gesa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [ISW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [1127592 2012-11-22] (Check Point Software Technologies)
HKCU\...\Run: [Driver Mender] - C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe [4036976 2013-07-16] (PC Drivers Headquarters)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [ZoneAlarm] - "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
Startup: C:\Users\Gesa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Gesa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {458F81A2-AB83-49E5-AB35-209537637518} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {458F81A2-AB83-49E5-AB35-209537637518} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {458F81A2-AB83-49E5-AB35-209537637518} URL =
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Gesa\AppData\Roaming\Mozilla\Firefox\Profiles\wz30lo2y.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Gesa\AppData\Roaming\Mozilla\Firefox\Profiles\wz30lo2y.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\Gesa\AppData\Roaming\Mozilla\Firefox\Profiles\wz30lo2y.default\searchplugins\leo-eng-deu-v20.xml
FF Extension: No Name - C:\Users\Gesa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Gesa\AppData\Roaming\Mozilla\Firefox\Profiles\wz30lo2y.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: zonealarm.com - C:\Users\Gesa\AppData\Roaming\Mozilla\Firefox\Profiles\wz30lo2y.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: LEO Suche - C:\Users\Gesa\AppData\Roaming\Mozilla\Firefox\Profiles\wz30lo2y.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}
FF Extension: No Name - C:\Users\Gesa\AppData\Roaming\Mozilla\Firefox\Profiles\wz30lo2y.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [828072 2012-11-22] (Check Point Software Technologies)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-17] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-17] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-22] (Check Point Software Technologies)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-23 07:42 - 2013-07-23 07:42 - 02347384 _____ (ESET) C:\Users\Gesa\Desktop\esetsmartinstaller_enu.exe
2013-07-23 07:41 - 2013-07-23 07:41 - 00891062 _____ C:\Users\Gesa\Desktop\SecurityCheck.exe
2013-07-23 01:36 - 2013-07-23 01:36 - 00003892 _____ C:\Users\Gesa\Desktop\JRT.txt
2013-07-23 01:32 - 2013-07-23 01:32 - 00000000 ____D C:\windows\ERUNT
2013-07-23 01:25 - 2013-07-23 01:26 - 00003975 _____ C:\AdwCleaner[S1].txt
2013-07-23 01:23 - 2013-07-23 01:23 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Gesa\Desktop\JRT.exe
2013-07-23 01:22 - 2013-07-23 01:22 - 00666633 _____ C:\Users\Gesa\Desktop\adwcleaner.exe
2013-07-22 18:45 - 2013-07-22 19:54 - 00000000 ____D C:\ComboFix
2013-07-22 18:45 - 2013-07-22 18:45 - 00000659 _____ C:\Users\Gesa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ComboFix.lnk
2013-07-22 05:38 - 2013-07-22 05:44 - 00000000 ____D C:\windows\erdnt
2013-07-22 05:38 - 2013-07-22 05:38 - 00000000 ____D C:\Qoobox
2013-07-22 05:38 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2013-07-22 05:38 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2013-07-22 05:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-07-22 05:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-07-22 05:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-07-22 05:38 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2013-07-22 05:38 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2013-07-22 05:38 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2013-07-22 05:38 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2013-07-22 05:33 - 2013-07-22 05:33 - 05091940 ____R (Swearware) C:\Users\Gesa\Desktop\ComboFix.exe
2013-07-22 04:03 - 2013-07-22 20:04 - 00030627 _____ C:\Users\Gesa\Desktop\Addition.txt
2013-07-22 04:02 - 2013-07-22 04:02 - 00000000 ____D C:\FRST
2013-07-22 04:01 - 2013-07-22 04:01 - 01779363 _____ (Farbar) C:\Users\Gesa\Desktop\FRST64.exe
2013-07-22 03:45 - 2013-07-22 03:45 - 00377856 _____ C:\Users\Gesa\Desktop\gmer_2.1.19163.exe
2013-07-22 03:35 - 2013-07-22 03:35 - 00602112 _____ (OldTimer Tools) C:\Users\Gesa\Desktop\OTL.exe
2013-07-22 03:34 - 2013-07-22 03:34 - 00000470 _____ C:\Users\Gesa\Desktop\defogger_disable.log
2013-07-22 03:34 - 2013-07-22 03:34 - 00000000 _____ C:\Users\Gesa\defogger_reenable
2013-07-22 03:33 - 2013-07-22 03:33 - 00050477 _____ C:\Users\Gesa\Desktop\Defogger.exe
2013-07-21 19:26 - 2013-07-21 19:26 - 00000000 ____D C:\Users\Gesa\Documents\CyberLink
2013-07-17 21:13 - 2013-07-22 06:20 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-17 21:13 - 2013-07-17 21:13 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-07-17 21:13 - 2013-07-17 21:13 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-07-17 21:13 - 2013-07-17 21:13 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-07-17 21:12 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\windows\avastSS.scr
2013-07-17 21:02 - 2013-07-17 21:02 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\Zip Opener Packages
2013-07-17 21:00 - 2013-07-17 21:00 - 00793536 _____ C:\Users\Gesa\Downloads\ZipOpenerSetup.exe
2013-07-17 20:50 - 2013-07-17 20:50 - 00004294 _____ C:\windows\System32\Tasks\Driver Mender-RTMScan
2013-07-17 20:50 - 2013-07-17 20:50 - 00003758 _____ C:\windows\System32\Tasks\Driver Mender-RTMUpdater
2013-07-17 20:50 - 2013-07-17 20:50 - 00003748 _____ C:\windows\System32\Tasks\Driver Mender-RTMRules
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\Users\Gesa\Downloads\Driver Mender
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\Users\Gesa\AppData\Local\PC_Drivers_Headquarters
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\ProgramData\UAB
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\ProgramData\Driver Mender
2013-07-17 20:32 - 2013-07-17 20:32 - 00000000 ____D C:\Program Files (x86)\Driver Mender
2013-07-17 20:28 - 2013-07-17 20:29 - 02060320 _____ (Driver Mender) C:\Users\Gesa\Downloads\DriverMender.exe
2013-07-17 20:11 - 2013-07-17 20:11 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\InstallShield
2013-07-17 20:11 - 2006-10-31 00:10 - 00120992 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\EpPicPrt.dll
2013-07-17 20:11 - 2006-10-31 00:10 - 00071840 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\EPPicMgr.dll
2013-07-17 20:11 - 2006-10-31 00:10 - 00000097 _____ C:\windows\SysWOW64\PICSDK.ini
2013-07-17 20:11 - 2006-10-20 00:10 - 00501912 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICSDK2.dll
2013-07-17 20:11 - 2006-10-20 00:10 - 00108704 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICEntry.dll
2013-07-17 20:11 - 2006-10-20 00:10 - 00080024 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICSDK.dll
2013-07-17 20:11 - 2005-06-01 00:20 - 00111932 _____ C:\windows\SysWOW64\EPPICPrinterDB.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00031053 _____ C:\windows\SysWOW64\EPPICPattern131.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00027417 _____ C:\windows\SysWOW64\EPPICPattern121.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00026154 _____ C:\windows\SysWOW64\EPPICPattern1.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00024903 _____ C:\windows\SysWOW64\EPPICPattern3.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00021390 _____ C:\windows\SysWOW64\EPPICPattern5.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00020148 _____ C:\windows\SysWOW64\EPPICPattern2.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00013732 _____ C:\windows\SysWOW64\EPPICLocal_EN.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00011811 _____ C:\windows\SysWOW64\EPPICPattern4.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00006442 _____ C:\windows\SysWOW64\EPPICLocal_IT.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00006347 _____ C:\windows\SysWOW64\EPPICLocal_PT.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00006347 _____ C:\windows\SysWOW64\EPPICLocal_BP.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00006335 _____ C:\windows\SysWOW64\EPPICLocal_GE.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00006195 _____ C:\windows\SysWOW64\EPPICLocal_FR.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00006195 _____ C:\windows\SysWOW64\EPPICLocal_CF.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00006122 _____ C:\windows\SysWOW64\EPPICLocal_DU.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00006103 _____ C:\windows\SysWOW64\EPPICLocal_ES.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00005817 _____ C:\windows\SysWOW64\EPPICLocal_KO.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00005436 _____ C:\windows\SysWOW64\EPPICLocal_SC.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00004943 _____ C:\windows\SysWOW64\EPPICPattern6.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00002889 _____ C:\windows\SysWOW64\EPPICLocal_RU.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00002426 _____ C:\windows\SysWOW64\EPPICLocal_TC.cfg
2013-07-17 20:11 - 2004-03-03 06:10 - 00001146 _____ C:\windows\SysWOW64\EPPICPresetData_DU.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001139 _____ C:\windows\SysWOW64\EPPICPresetData_PT.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001139 _____ C:\windows\SysWOW64\EPPICPresetData_BP.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001136 _____ C:\windows\SysWOW64\EPPICPresetData_ES.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001129 _____ C:\windows\SysWOW64\EPPICPresetData_FR.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001129 _____ C:\windows\SysWOW64\EPPICPresetData_CF.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001120 _____ C:\windows\SysWOW64\EPPICPresetData_IT.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001107 _____ C:\windows\SysWOW64\EPPICPresetData_GE.dat
2013-07-17 20:11 - 2004-03-03 06:10 - 00001104 _____ C:\windows\SysWOW64\EPPICPresetData_EN.dat
2013-07-17 20:10 - 2013-07-17 20:10 - 02597888 _____ C:\Users\Gesa\Downloads\epson320037eu.exe
2013-07-17 19:57 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2013-07-17 19:57 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2013-07-17 19:57 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2013-07-17 19:56 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-07-17 19:56 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-07-17 19:56 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2013-07-17 19:56 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-07-17 19:56 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-07-17 19:56 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-07-17 19:56 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-07-17 19:56 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2013-07-17 19:56 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2013-07-17 19:56 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2013-07-17 19:56 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2013-07-17 19:56 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2013-07-17 19:56 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2013-07-17 19:56 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2013-07-17 19:56 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2013-07-17 19:56 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2013-07-17 19:56 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-17 19:56 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2013-07-17 19:56 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2013-07-17 19:56 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2013-07-17 19:56 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2013-07-17 19:56 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2013-07-17 19:56 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2013-07-17 19:56 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2013-07-17 19:56 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2013-07-17 19:56 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2013-07-17 19:56 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2013-07-17 19:56 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2013-07-17 19:56 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2013-07-17 19:56 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2013-07-17 19:56 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2013-07-17 19:56 - 2013-05-20 02:08 - 00386642 _____ C:\windows\system32\ApnDatabase.xml
2013-07-17 10:19 - 2013-07-17 10:19 - 00356616 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 20:57 - 2013-06-28 00:04 - 00693112 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 20:57 - 2013-06-28 00:04 - 00078200 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-16 20:52 - 2013-07-16 20:52 - 00286400 _____ C:\windows\Minidump\071613-40875-01.dmp
2013-07-15 16:12 - 2013-07-15 16:12 - 00000000 ____D C:\Users\Gesa\Documents\Ausbildung Personzentrierte Beratung
2013-07-14 09:35 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-14 09:35 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-14 09:35 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-14 09:35 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-14 09:35 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-14 09:35 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-14 09:35 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-14 09:35 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-14 09:35 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-14 09:35 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-14 09:35 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-14 09:35 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-14 09:35 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-14 09:35 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-14 09:35 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-14 09:35 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-14 09:35 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-14 09:35 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-14 09:35 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-14 09:35 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-14 09:35 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-14 09:35 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-14 09:35 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-14 09:35 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-03 11:40 - 2013-07-03 11:42 - 00000000 ____D C:\Users\Gesa\Documents\Freiwilligen Kolleg 2014
2013-07-03 09:05 - 2013-07-03 09:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2013-07-23 08:42 - 2012-11-02 05:45 - 00000360 _____ C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2013-07-23 08:35 - 2013-01-07 10:42 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3140881342-1294397179-3039362648-1001
2013-07-23 08:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2013-07-23 07:59 - 2013-03-15 16:01 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-07-23 07:51 - 2012-11-02 04:20 - 01613944 _____ C:\windows\WindowsUpdate.log
2013-07-23 07:42 - 2013-07-23 07:42 - 02347384 _____ (ESET) C:\Users\Gesa\Desktop\esetsmartinstaller_enu.exe
2013-07-23 07:41 - 2013-07-23 07:41 - 00891062 _____ C:\Users\Gesa\Desktop\SecurityCheck.exe
2013-07-23 07:34 - 2012-11-02 20:24 - 00754172 _____ C:\windows\system32\perfh007.dat
2013-07-23 07:34 - 2012-11-02 20:24 - 00156362 _____ C:\windows\system32\perfc007.dat
2013-07-23 07:34 - 2012-07-26 09:28 - 01748838 _____ C:\windows\system32\PerfStringBackup.INI
2013-07-23 07:33 - 2012-11-02 05:35 - 00000000 ____D C:\ProgramData\WinClon
2013-07-23 07:32 - 2013-01-10 23:17 - 00000000 ___RD C:\Users\Gesa\Dropbox
2013-07-23 07:32 - 2013-01-10 23:13 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\Dropbox
2013-07-23 07:31 - 2013-01-07 10:35 - 00000000 ____D C:\Users\Gesa\AppData\Local\CrashDumps
2013-07-23 07:31 - 2012-11-02 05:25 - 00000868 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-07-23 02:29 - 2013-01-13 11:36 - 00000000 ____D C:\Users\Gesa\Documents\Citavi 3
2013-07-23 01:36 - 2013-07-23 01:36 - 00003892 _____ C:\Users\Gesa\Desktop\JRT.txt
2013-07-23 01:32 - 2013-07-23 01:32 - 00000000 ____D C:\windows\ERUNT
2013-07-23 01:28 - 2013-01-07 13:09 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\CheckPoint
2013-07-23 01:27 - 2012-08-05 23:07 - 00729648 _____ C:\windows\PFRO.log
2013-07-23 01:27 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-07-23 01:26 - 2013-07-23 01:25 - 00003975 _____ C:\AdwCleaner[S1].txt
2013-07-23 01:23 - 2013-07-23 01:23 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Gesa\Desktop\JRT.exe
2013-07-23 01:22 - 2013-07-23 01:22 - 00666633 _____ C:\Users\Gesa\Desktop\adwcleaner.exe
2013-07-22 20:04 - 2013-07-22 04:03 - 00030627 _____ C:\Users\Gesa\Desktop\Addition.txt
2013-07-22 19:54 - 2013-07-22 18:45 - 00000000 ____D C:\ComboFix
2013-07-22 19:02 - 2012-07-26 07:26 - 00000215 _____ C:\windows\system.ini
2013-07-22 18:45 - 2013-07-22 18:45 - 00000659 _____ C:\Users\Gesa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ComboFix.lnk
2013-07-22 16:46 - 2012-11-02 05:25 - 00000870 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-07-22 16:26 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-07-22 06:20 - 2013-07-17 21:13 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-22 05:44 - 2013-07-22 05:38 - 00000000 ____D C:\windows\erdnt
2013-07-22 05:38 - 2013-07-22 05:38 - 00000000 ____D C:\Qoobox
2013-07-22 05:33 - 2013-07-22 05:33 - 05091940 ____R (Swearware) C:\Users\Gesa\Desktop\ComboFix.exe
2013-07-22 04:02 - 2013-07-22 04:02 - 00000000 ____D C:\FRST
2013-07-22 04:01 - 2013-07-22 04:01 - 01779363 _____ (Farbar) C:\Users\Gesa\Desktop\FRST64.exe
2013-07-22 03:45 - 2013-07-22 03:45 - 00377856 _____ C:\Users\Gesa\Desktop\gmer_2.1.19163.exe
2013-07-22 03:35 - 2013-07-22 03:35 - 00602112 _____ (OldTimer Tools) C:\Users\Gesa\Desktop\OTL.exe
2013-07-22 03:34 - 2013-07-22 03:34 - 00000470 _____ C:\Users\Gesa\Desktop\defogger_disable.log
2013-07-22 03:34 - 2013-07-22 03:34 - 00000000 _____ C:\Users\Gesa\defogger_reenable
2013-07-22 03:34 - 2013-01-07 10:33 - 00000000 ____D C:\Users\Gesa
2013-07-22 03:33 - 2013-07-22 03:33 - 00050477 _____ C:\Users\Gesa\Desktop\Defogger.exe
2013-07-21 21:16 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-07-21 20:42 - 2013-01-15 10:37 - 00000000 ____D C:\Users\Gesa\Documents\aktuelles
2013-07-21 19:26 - 2013-07-21 19:26 - 00000000 ____D C:\Users\Gesa\Documents\CyberLink
2013-07-21 19:26 - 2013-03-13 14:23 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\CyberLink
2013-07-20 10:25 - 2013-02-09 11:25 - 00000000 ____D C:\Users\Gesa\Documents\MaZ
2013-07-19 10:13 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\NDF
2013-07-18 16:54 - 2013-01-07 18:50 - 00000000 ____D C:\Users\Gesa\Documents\Studium
2013-07-17 21:13 - 2013-07-17 21:13 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-07-17 21:13 - 2013-07-17 21:13 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-07-17 21:13 - 2013-07-17 21:13 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-07-17 21:13 - 2013-04-17 20:49 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-17 21:13 - 2013-01-07 12:59 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-17 21:13 - 2013-01-07 12:59 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-17 21:13 - 2013-01-07 12:59 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-07-17 21:02 - 2013-07-17 21:02 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\Zip Opener Packages
2013-07-17 21:00 - 2013-07-17 21:00 - 00793536 _____ C:\Users\Gesa\Downloads\ZipOpenerSetup.exe
2013-07-17 20:50 - 2013-07-17 20:50 - 00004294 _____ C:\windows\System32\Tasks\Driver Mender-RTMScan
2013-07-17 20:50 - 2013-07-17 20:50 - 00003758 _____ C:\windows\System32\Tasks\Driver Mender-RTMUpdater
2013-07-17 20:50 - 2013-07-17 20:50 - 00003748 _____ C:\windows\System32\Tasks\Driver Mender-RTMRules
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\Users\Gesa\Downloads\Driver Mender
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\Users\Gesa\AppData\Local\PC_Drivers_Headquarters
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\ProgramData\UAB
2013-07-17 20:50 - 2013-07-17 20:50 - 00000000 ____D C:\ProgramData\Driver Mender
2013-07-17 20:32 - 2013-07-17 20:32 - 00000000 ____D C:\Program Files (x86)\Driver Mender
2013-07-17 20:29 - 2013-07-17 20:28 - 02060320 _____ (Driver Mender) C:\Users\Gesa\Downloads\DriverMender.exe
2013-07-17 20:18 - 2013-04-16 14:01 - 00002003 _____ C:\Users\Gesa\Desktop\ESC64 Softwarehandbuch.lnk
2013-07-17 20:16 - 2012-11-02 04:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-17 20:15 - 2013-04-16 13:58 - 00002003 _____ C:\Users\Gesa\Desktop\ESC64 Referenzhandbuch.lnk
2013-07-17 20:11 - 2013-07-17 20:11 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\InstallShield
2013-07-17 20:10 - 2013-07-17 20:10 - 02597888 _____ C:\Users\Gesa\Downloads\epson320037eu.exe
2013-07-17 10:59 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache
2013-07-17 10:19 - 2013-07-17 10:19 - 00356616 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 20:55 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-16 20:55 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\oobe
2013-07-16 20:54 - 2012-07-26 10:12 - 00000000 ___RD C:\windows\ToastData
2013-07-16 20:54 - 2012-07-26 10:12 - 00000000 ____D C:\windows\WinStore
2013-07-16 20:54 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-16 20:54 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-16 20:54 - 2012-07-26 07:38 - 00000000 ____D C:\windows\SysWOW64\Dism
2013-07-16 20:53 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\Dism
2013-07-16 20:52 - 2013-07-16 20:52 - 00286400 _____ C:\windows\Minidump\071613-40875-01.dmp
2013-07-16 20:52 - 2013-02-27 19:46 - 00000000 ____D C:\windows\Minidump
2013-07-16 20:52 - 2013-01-08 13:43 - 00417564 _____ C:\windows\system32\Drivers\vsconfig.xml
2013-07-16 20:51 - 2013-05-16 19:07 - 603696102 _____ C:\windows\MEMORY.DMP
2013-07-16 20:51 - 2013-01-07 11:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-16 14:58 - 2013-01-07 17:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-16 14:56 - 2013-01-07 21:27 - 78185248 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-07-16 11:39 - 2013-01-07 11:18 - 00000000 ____D C:\Users\Gesa\AppData\Local\Adobe
2013-07-16 11:20 - 2013-03-15 16:01 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 16:12 - 2013-07-15 16:12 - 00000000 ____D C:\Users\Gesa\Documents\Ausbildung Personzentrierte Beratung
2013-07-03 11:42 - 2013-07-03 11:40 - 00000000 ____D C:\Users\Gesa\Documents\Freiwilligen Kolleg 2014
2013-07-03 09:05 - 2013-07-03 09:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 00:04 - 2013-07-16 20:57 - 00693112 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-07-16 20:57 - 00078200 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-24 22:56 - 2013-01-13 11:36 - 00000000 ____D C:\Users\Gesa\AppData\Roaming\Swiss Academic Software
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2013-07-17 19:56] - [2013-06-01 13:34] - 2391280 ____A (Microsoft Corporation) 0E8E6463F81C80AFBED533E0F1F8895D
C:\Windows\SysWOW64\explorer.exe
[2013-07-17 19:56] - [2013-06-01 12:24] - 2106176 ____A (Microsoft Corporation) EAFE46B0292D2BD2467835E2ACF717CC
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2013-07-17 19:56] - [2013-06-01 13:26] - 0327936 ____A (Microsoft Corporation) 78A5BBA3819FFFC62FFEC3E2220D102D
LastRegBack: 2013-07-21 13:16
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2013
Ran by Gesa at 2013-07-23 08:44:29
Running from C:\Users\Gesa\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7)
Citavi (x32 Version: 3.4.0.2)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
dows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735)
Driver Mender (x32 Version: 8.1)
Dropbox (HKCU Version: 2.0.22)
Easy File Share (x32 Version: 1.3.4)
E-POP (x32 Version: 1.0.1)
EPSON PhotoQuicker3.4 (x32)
EPSON PRINT Image Framer Tool2.0 (x32)
ESC64 Referenzhandbuch (x32)
ESC64 Softwarehandbuch (x32)
Fotogalerie (x32 Version: 16.4.3503.0728)
Galerie de photos (x32 Version: 16.4.3503.0728)
Help Desk (Version: 1.0.6)
Intel AppUp(SM) center (x32 Version: 3.6.1.33070.11)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36354)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2857)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3503.0728)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
Norton Online Backup (x32 Version: 2.2.3.51)
Norton Online Backup ARA (x32 Version: 4.1.0.14)
Photo Common (x32 Version: 16.4.3503.0728)
Photo Gallery (x32 Version: 16.4.3503.0728)
PIF DESIGNER2.0 (x32)
Plants vs. Zombies (x32)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.210)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Raccolta foto (x32 Version: 16.4.3503.0728)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6702)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
Recovery (x32 Version: 6.0.7.2)
S Agent (Version: 1.0.8)
ScanToWeb (x32)
Settings (x32 Version: 2.0.0)
Support Center FAQ (x32 Version: 1.0.5)
SW Update (x32 Version: 2.0.24)
Synaptics Pointing Device Driver (Version: 16.2.14.2)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Zip Opener (HKCU)
User Guide (x32 Version: 1.3.00)
Windows Live (x32 Version: 16.4.3503.0728)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728)
Windows Live Essentials (x32 Version: 16.4.3503.0728)
Windows Live Installer (x32 Version: 16.4.3503.0728)
Windows Live Photo Common (x32 Version: 16.4.3503.0728)
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)
Windows Live SOXE (x32 Version: 16.4.3503.0728)
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)
Windows Live UX Platform (x32 Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)
Xerox PhotoCafe (x32 Version: 1.0.0.6162)
Zip Opener Packages (HKCU)
ZoneAlarm Firewall (x32 Version: 11.0.000.038)
ZoneAlarm Firewall (x32 Version: 11.0.000.504)
ZoneAlarm Free Firewall (x32 Version: 11.0.000.504)
ZoneAlarm Security (x32 Version: 11.0.000.038)
ZoneAlarm Security (x32 Version: 11.0.000.504)
ZoneAlarm Security Toolbar (x32 Version: 1.8.11.11)
==================== Restore Points =========================
03-07-2013 07:23:12 Geplanter Prüfpunkt
15-07-2013 16:04:56 Windows Update
17-07-2013 18:15:51 Installiert EPSON PhotoQuicker3.4
22-07-2013 03:38:40 ComboFix created restore point
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-07-22 05:44 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {00E9CC8F-ED61-468D-A268-0590EE9D2244} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {02CD7B3A-72EC-480C-8CEF-444DC74AA06D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {08765697-FB44-4358-B1EC-6410D53B8688} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {1547B376-BB00-4440-86CB-FC8D205C77BF} - System32\Tasks\MakeMarkerFile => %ProgramData%\MakeMarkerFile.exe No File
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1A763B0B-2631-4019-B4FC-1CDDBD5FDF24} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1ECAA72A-B1D1-4BF2-976F-2871B9E8E3A1} - System32\Tasks\Driver Mender-RTMUpdater => C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe [2013-07-16] (PC Drivers Headquarters)
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2B7BAC2D-F63E-48E7-AF09-7F166B12F5E1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {2E279641-85E2-4F9A-B343-CD164DB0C823} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {355EF836-4DF4-4408-8023-4896CC201ABE} - System32\Tasks\Driver Mender-RTMRules => C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe [2013-07-16] (PC Drivers Headquarters)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {42B61E09-9A27-4AD8-831C-77D33DA0EEC0} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {443DEA7B-CF89-4C8E-9565-9049FC929B7D} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {58701ECB-C626-4407-9F2C-BDAF527A7EAF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-16] (Adobe Systems Incorporated)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5FA1D43C-5CB6-4723-BFE8-140EF3BF62D4} - System32\Tasks\WLANStartup => %programfiles(x86)%\Samsung\Easy Settings\WLANStartup.exe No File
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {733C0B9A-6266-4C59-AF2F-5417044F979B} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-10-15] (SEC)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B7706679-00A3-4375-8B49-30E568417F13} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-04] (Samsung Electronics CO., LTD.)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C9F60583-8347-4E8B-84C4-DA2DF7648931} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D51F8F0B-0765-4A36-A805-C1FBF247EEDA} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated)
Task: {DA2A3F30-F175-4466-8439-1CDB2234E145} - System32\Tasks\Driver Mender-RTMScan => C:\Program Files (x86)\Driver Mender\Driver Mender\DriverMender.exe [2013-07-16] (PC Drivers Headquarters)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DC66A630-F941-4EA6-9910-AEA49C5140A4} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3140881342-1294397179-3039362648-1001
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E61AE307-85AF-4CCC-A180-237EC470D930} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {E80DC7B9-5986-4D71-B86B-D213D14253E0} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-10-17] (Samsung Electronics CO., LTD.)
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EB57B27B-3498-43DA-B6D8-226637F04B36} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F4ED0505-05D1-4B14-B6F3-5B464DFEE5C7} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/23/2013 08:38:03 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/23/2013 07:43:37 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/23/2013 07:43:34 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/23/2013 07:43:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/23/2013 07:43:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/23/2013 07:42:59 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/23/2013 07:42:54 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/23/2013 07:31:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MakeMarkerFile.exe, Version: 1.0.0.2, Zeitstempel: 0x5021e5e8
Name des fehlerhaften Moduls: MakeMarkerFile.exe, Version: 1.0.0.2, Zeitstempel: 0x5021e5e8
Ausnahmecode: 0xc0000417
Fehleroffset: 0x000000000014d7cc
ID des fehlerhaften Prozesses: 0xe1c
Startzeit der fehlerhaften Anwendung: 0xMakeMarkerFile.exe0
Pfad der fehlerhaften Anwendung: MakeMarkerFile.exe1
Pfad des fehlerhaften Moduls: MakeMarkerFile.exe2
Berichtskennung: MakeMarkerFile.exe3
Vollständiger Name des fehlerhaften Pakets: MakeMarkerFile.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MakeMarkerFile.exe5
Error: (07/23/2013 02:30:25 AM) (Source: .NET Runtime) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
Server stack trace:
bei System.ServiceModel.Channels.ServiceChannel.PrepareCall(ProxyOperationRuntime operation, Boolean oneway, ProxyRpc& rpc)
bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
bei IAStorDataMgrSvcInterfaces.IPublisher.Unsubscribe()
bei IAStorIcon.StorageIcon.Stop()
bei IAStorIcon.Program.Application_ApplicationExit(System.Object, System.EventArgs)
bei System.Windows.Forms.Application.RaiseExit()
bei System.Windows.Forms.Application+ThreadContext.Dispose(Boolean)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application.Run()
bei IAStorIcon.Program.Main()
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (07/23/2013 08:38:03 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (07/23/2013 07:43:37 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gesa\Desktop\esetsmartinstaller_enu.exe
Error: (07/23/2013 07:43:34 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gesa\Desktop\esetsmartinstaller_enu.exe
Error: (07/23/2013 07:43:28 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gesa\Desktop\esetsmartinstaller_enu.exe
Error: (07/23/2013 07:43:28 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gesa\Desktop\esetsmartinstaller_enu.exe
Error: (07/23/2013 07:42:59 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gesa\Desktop\esetsmartinstaller_enu.exe
Error: (07/23/2013 07:42:54 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gesa\Downloads\esetsmartinstaller_enu.exe
Error: (07/23/2013 07:31:38 AM) (Source: Application Error)(User: )
Description: MakeMarkerFile.exe1.0.0.25021e5e8MakeMarkerFile.exe1.0.0.25021e5e8c0000417000000000014d7cce1c01ce8765e3214eceC:\ProgramData\MakeMarkerFile.exeC:\ProgramData\MakeMarkerFile.exe253cc8dc-f359-11e2-bebc-2089840f95a4
Error: (07/23/2013 02:30:25 AM) (Source: .NET Runtime)(User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
Server stack trace:
bei System.ServiceModel.Channels.ServiceChannel.PrepareCall(ProxyOperationRuntime operation, Boolean oneway, ProxyRpc& rpc)
bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
bei IAStorDataMgrSvcInterfaces.IPublisher.Unsubscribe()
bei IAStorIcon.StorageIcon.Stop()
bei IAStorIcon.Program.Application_ApplicationExit(System.Object, System.EventArgs)
bei System.Windows.Forms.Application.RaiseExit()
bei System.Windows.Forms.Application+ThreadContext.Dispose(Boolean)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
bei System.Windows.Forms.Application.Run()
bei IAStorIcon.Program.Main()
CodeIntegrity Errors:
===================================
Date: 2013-07-23 08:42:29.941
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-23 08:40:42.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-23 02:30:28.657
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-23 01:38:59.100
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-23 01:30:26.287
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-23 01:29:47.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-23 01:12:44.040
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-22 21:34:52.065
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-22 20:38:04.087
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-22 19:58:27.890
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 6035.54 MB
Available physical RAM: 3802.73 MB
Total Pagefile: 12179.54 MB
Available Pagefile: 9960.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:438.82 GB) (Free:380.56 GB) NTFS (Disk=0 Partition=4)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 6260AFE2)
Partition: GPT Partition Type
==================== End Of Log ============================
Nochmals danke. Erstaunlich, dass du bei den ganzen kryptischen Zahlen und Buchstaben überhaupt etwas erkennst.
:applaus: |
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
SecurityCheck und:
