YackVander | 07.02.2014 08:10 | Thank you! Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:02 on 06/02/2014 (Wolf)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-02-2014
Ran by ***** (administrator) on *****-PC on 06-02-2014 22:08:09
Running from C:\Users\*****\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sophos Limited) C:\Program Files\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7719456 2009-08-24] (Realtek Semiconductor)
HKLM\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files\Sophos\AutoUpdate\almon.exe [929272 2013-11-13] (Sophos Limited)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2267090253-4006930157-440547460-1000\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2267090253-4006930157-440547460-1000\...\MountPoints2: {e753da95-0dc7-11e0-aaba-0013779f5544} - G:\RunGame.exe
AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2013-11-13] (Sophos Limited)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2613550
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x31DD733B010CCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - (No Name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No File
URLSearchHook: HKCU - (No Name) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 137.248.1.5 137.248.21.22 137.248.1.8
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\user.js
FF Homepage: hxxp://www.tagessschau.de
FF Keyword.URL: hxxp://www.google.com/search?q=
FF NetworkProxy: "ftp", "77.175.84.246"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "77.175.84.246"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "77.175.84.246"
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @cambridgesoft.com/Chem3D,version=11.0 - C:\Program Files\CambridgeSoft\ChemOffice2008\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF Plugin: @cambridgesoft.com/ChemDraw,version=11.0 - C:\Program Files\CambridgeSoft\ChemOffice2008\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF Plugin: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.91 - C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\searchplugins\*****ramalpha.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\Extensions\nostmp [2011-04-19]
FF Extension: Grooveshark Unlocker - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2013-12-04]
FF Extension: Stealthy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\Extensions\stealthyextension@gmail.com.xpi [2012-07-20]
FF Extension: NoScript - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-06-24]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: Always on Top - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vo6705k9.default\Extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi [2011-05-27]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-09-25]
========================== Services (Whitelisted) =================
S4 bfs; C:\Bruker\Diskless\WinApp\bfsd.exe [111104 2008-11-28] ()
S4 bootparam; C:\Bruker\Diskless\WinApp\rpc.bootparamd.exe [24064 2004-03-04] ()
S4 Bruker Dhcp Server; C:\Bruker\Diskless\tftpboot\dhcpd.exe [530944 2009-10-30] ()
S4 Bruker FLEXlm License Server; C:\flexlm\Bruker\srvany.exe [13312 1996-08-30] ()
S4 Bruker tftpd32; C:\Bruker\Diskless\tftpboot\tftpd.exe [138752 2009-10-30] ()
S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S4 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SAVAdminService; C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [290296 2013-11-13] (Sophos Limited)
R2 SAVService; C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [206328 2013-11-13] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files\Sophos\AutoUpdate\ALsvc.exe [237048 2013-11-13] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2013-10-09] (Sophos Limited)
R2 swi_service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3109880 2013-11-13] (Sophos Limited)
S2 swi_update; C:\ProgramData\Sophos\Web Intelligence\swi_update.exe [1471992 2013-11-13] (Sophos Limited)
S4 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [557968 2013-06-19] (Cisco Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92112 2013-06-19] (Cisco Systems, Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [108480 2010-07-22] (SlySoft, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-12-28] ()
R3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2010-01-01] (Elaborate Bytes AG)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-12-28] ()
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [132424 2013-11-13] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [33696 2013-10-09] (Sophos Limited)
R1 SKMScan; C:\Windows\System32\DRIVERS\skmscan.sys [33096 2013-11-13] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [22536 2013-10-09] (Sophos Plc)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-03-28] (Duplex Secure Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43120 2013-06-19] (Cisco Systems, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 StarOpen; No ImagePath
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSBXP.SYS [48384 2012-03-15] (SEIKO EPSON CORPORATION)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 22:08 - 2014-02-06 22:08 - 00015922 _____ () C:\Users\*****\Desktop\FRST.txt
2014-02-06 22:07 - 2014-02-06 22:08 - 00000000 ____D () C:\FRST
2014-02-06 22:06 - 2014-02-06 22:06 - 01136640 _____ (Farbar) C:\Users\*****\Desktop\FRST.exe
2014-02-06 22:01 - 2014-02-06 22:02 - 00000630 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-02-06 22:01 - 2014-02-06 22:02 - 00000020 _____ () C:\Users\*****\defogger_reenable
2014-02-06 21:59 - 2014-02-06 22:01 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-02-05 21:56 - 2014-02-06 09:34 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-02-01 17:36 - 2014-02-01 17:36 - 00000000 _____ () C:\Users\*****\Desktop\Neue Bitmap.bmp
2014-01-27 01:04 - 2014-01-27 01:04 - 00143276 ____H () C:\Windows\system32\mlfcache.dat
2014-01-22 10:20 - 2014-01-22 10:21 - 00000000 ____D () C:\Users\*****\Desktop\knf bilder pumpe
2014-01-18 19:37 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 19:37 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 19:37 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 19:37 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 19:37 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 19:37 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 19:37 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 19:37 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 19:37 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-16 10:29 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 10:28 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-16 10:28 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-16 10:28 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-16 10:27 - 2014-01-16 10:28 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-15 09:11 - 2014-01-15 09:11 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ChemAxon
==================== One Month Modified Files and Folders =======
2014-02-06 22:08 - 2014-02-06 22:08 - 00015922 _____ () C:\Users\*****\Desktop\FRST.txt
2014-02-06 22:08 - 2014-02-06 22:07 - 00000000 ____D () C:\FRST
2014-02-06 22:08 - 2010-03-05 23:07 - 01209579 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 22:06 - 2014-02-06 22:06 - 01136640 _____ (Farbar) C:\Users\*****\Desktop\FRST.exe
2014-02-06 22:04 - 2012-10-03 13:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-06 22:04 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 22:04 - 2009-07-14 05:39 - 00255281 _____ () C:\Windows\setupact.log
2014-02-06 22:02 - 2014-02-06 22:01 - 00000630 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-02-06 22:02 - 2014-02-06 22:01 - 00000020 _____ () C:\Users\*****\defogger_reenable
2014-02-06 22:02 - 2013-11-05 23:40 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-02-06 22:01 - 2014-02-06 21:59 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-02-06 22:01 - 2010-03-05 23:14 - 00000000 ____D () C:\Users\*****
2014-02-06 19:50 - 2010-03-08 15:09 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-02-06 09:34 - 2014-02-05 21:56 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-02-06 09:31 - 2009-07-14 05:34 - 00016384 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 09:31 - 2009-07-14 05:34 - 00016384 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 11:42 - 2010-03-05 23:15 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 00:24 - 2010-03-06 13:05 - 00000000 ____D () C:\Users\*****\AppData\Roaming\.purple
2014-02-01 17:36 - 2014-02-01 17:36 - 00000000 _____ () C:\Users\*****\Desktop\Neue Bitmap.bmp
2014-02-01 03:00 - 2010-11-05 09:34 - 00000392 _____ () C:\Windows\Tasks\At1.job
2014-01-27 01:04 - 2014-01-27 01:04 - 00143276 ____H () C:\Windows\system32\mlfcache.dat
2014-01-26 11:12 - 2010-03-06 14:11 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-01-26 11:04 - 2012-04-04 12:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-26 11:04 - 2011-05-15 21:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-22 10:21 - 2014-01-22 10:20 - 00000000 ____D () C:\Users\*****\Desktop\knf bilder pumpe
2014-01-18 19:46 - 2009-07-14 05:33 - 00419608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-18 19:42 - 2013-07-13 12:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-18 19:38 - 2010-03-06 00:13 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-18 17:32 - 2012-12-22 21:08 - 00000695 _____ () C:\Users\*****\AppData\Roaming\burnaware.ini
2014-01-16 10:29 - 2013-10-24 11:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-16 10:28 - 2014-01-16 10:27 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-16 10:28 - 2013-03-04 23:43 - 00000000 ____D () C:\Program Files\Java
2014-01-15 09:11 - 2014-01-15 09:11 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ChemAxon
2014-01-10 08:37 - 2012-09-30 19:14 - 00007600 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2014-01-09 22:24 - 2010-11-27 14:41 - 00000000 ___RD () C:\Users\*****\Desktop\My Dropbox
2014-01-09 22:24 - 2010-11-27 14:37 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\20110620050100175jniverify.dll
C:\Users\*****\AppData\Local\Temp\20110620050144283jniverify.dll
C:\Users\*****\AppData\Local\Temp\20120221112511971jniverify.dll
C:\Users\*****\AppData\Local\Temp\AskSLib.dll
C:\Users\*****\AppData\Local\Temp\AutoRun.exe
C:\Users\*****\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\*****\AppData\Local\Temp\eauninstall.exe
C:\Users\*****\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
C:\Users\*****\AppData\Local\Temp\ffdshow_beta6_rev2527_20081219.exe
C:\Users\*****\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\*****\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\*****\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\*****\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\NFS UNDERGROUND_uninst.exe
C:\Users\*****\AppData\Local\Temp\PCW.EXE
C:\Users\*****\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\*****\AppData\Local\Temp\tbZone.dll
C:\Users\*****\AppData\Local\Temp\Uninstall.exe
C:\Users\*****\AppData\Local\Temp\utildel.exe
C:\Users\*****\AppData\Local\Temp\vcredist_x86-vc90.exe
C:\Users\*****\AppData\Local\Temp\zauninst.exe
C:\Users\*****\AppData\Local\Temp\~tmp1371164681410.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 11:05
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-02-2014
Ran by ***** at 2014-02-06 22:09:15
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
FW: ZoneAlarm Firewall (Enabled) {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
==================== Installed Programs ======================
7-Zip 4.65 (Version: - ) <==== ATTENTION
Adobe Download Manager (Version: 1.6.2.91 - NOS Microsystems Ltd.) <==== ATTENTION
Adobe Flash Player 12 Plugin (Version: 12.0.0.43 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Shockwave Player 11.6 (Version: 11.6.3.633 - Adobe Systems, Inc.) <==== ATTENTION
Anleitung für Epson Connect (Version: - ) <==== ATTENTION
AnyDVD (Version: 6.6.8.0 - SlySoft) <==== ATTENTION
Apple Application Support (Version: 2.3.6 - Apple Inc.) <==== ATTENTION
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.) <==== ATTENTION
Apple Software Update (Version: 2.1.3.127 - Apple Inc.) <==== ATTENTION
Atheros Client Installation Program (Version: 1.0.1.0805 - Atheros) <==== ATTENTION
Bonjour (Version: 3.0.0.10 - Apple Inc.) <==== ATTENTION
Bruker Diskless 3.0.20091030 (Version: - ) <==== ATTENTION
Bruker FLEXlm 9.5.0.p1 (Version: - ) <==== ATTENTION
Bruker IconNMR 4.5.b.8 (Version: - ) <==== ATTENTION
Bruker NMR-GLP 7.2 (Version: - ) <==== ATTENTION
Bruker NMR-GUIDE 4.2 (Version: - ) <==== ATTENTION
Bruker NMR-Sim 5.2.b (Version: - ) <==== ATTENTION
Bruker TopSpin 3.0.b.7 (Version: - ) <==== ATTENTION
BurnAware Free 6.6 (Version: - Burnaware) <==== ATTENTION
CambridgeSoft Activation Client (Version: 11.0 - CambridgeSoft Corporation) <==== ATTENTION
CambridgeSoft ChemOffice Ultra 2008 (Version: 11.0 - CambridgeSoft Corporation) <==== ATTENTION
CambridgeSoft ChemOffice Ultra 2008 (Version: 11.0 - CambridgeSoft Corporation) Hidden <==== ATTENTION
CambridgeSoft ChemScript 11.0 (Version: 11.0 - CambridgeSoft Corporation) <==== ATTENTION
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04059 - Cisco Systems, Inc.) <==== ATTENTION
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04059 - Cisco Systems, Inc.) Hidden <==== ATTENTION
CorelDRAW Graphics Suite X3 (Version: 13.0 - Corel Corporation) <==== ATTENTION
DE (Version: 13.0 - Corel Corporation) Hidden <==== ATTENTION
Diamond 3 (Version: 3.2.5 - Crystal Impact GbR, Bonn, Germany) <==== ATTENTION
DivX-Setup (Version: 1.0.1.5 - DivX, Inc. ) <==== ATTENTION
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.) <==== ATTENTION
Easy Display Manager (Version: 3.0 - Samsung Electronics Co., Ltd.) <==== ATTENTION
EAX Unified (Version: - ) <==== ATTENTION
Epson Benutzerhandbuch WF-3520 Series (Version: - ) <==== ATTENTION
Epson Event Manager (Version: 3.01.0005 - Seiko Epson Corporation) <==== ATTENTION
Epson FAX Utility (Version: 1.30.00 - SEIKO EPSON CORPORATION) <==== ATTENTION
Epson Netzwerkhandbuch WF-3520 Series (Version: - ) <==== ATTENTION
Epson PC-FAX Driver (Version: - ) <==== ATTENTION
EPSON Printer Finder (Version: 1.0.0 - SEIKO EPSON CORPORATION) <==== ATTENTION
EPSON Scan (Version: - Seiko Epson Corporation) <==== ATTENTION
EPSON WF-3520 Series Printer Uninstall (Version: - SEIKO EPSON Corporation) <==== ATTENTION
EPSON-Drucker-Software (Version: - ) <==== ATTENTION
EpsonNet Config V4 (Version: 4.0.0 - SEIKO EPSON CORPORATION) <==== ATTENTION
EpsonNet Print (Version: 2.5.00 - SEIKO EPSON CORPORATION) <==== ATTENTION
Extended Asian Language font pack for Adobe Reader XI (Version: 11.0.0 - Adobe Systems Incorporated) <==== ATTENTION
FontNav (Version: 5.0 - Corel Corporation) Hidden <==== ATTENTION
GooReader (Version: 3.2 - GooReader) <==== ATTENTION
GPL Ghostscript 9.00 (Version: - ) <==== ATTENTION
GTK+ Runtime 2.14.7 rev a (nur entfernen) (Version: - ) <==== ATTENTION
ImageJ 1.44p (Version: - NIH) <==== ATTENTION
Inkscape 0.48.0 (Version: 0.48.0 - ) <==== ATTENTION
iTunes (Version: 11.1.3.8 - Apple Inc.) <==== ATTENTION
Java 7 Update 51 (Version: 7.0.510 - Oracle) <==== ATTENTION
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden <==== ATTENTION
K-Lite Mega Codec Pack 7.1.0 (Version: 7.1.0 - ) <==== ATTENTION
Mendeley Desktop 1.8 (Version: 1.8 - Mendeley Ltd.) <==== ATTENTION
MestReC 4.9.9 (Version: - MestReC) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014 - Microsoft Corporation) <==== ATTENTION
Microsoft Silverlight (Version: 4.1.10329.0 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) <==== ATTENTION
MozBackup 1.4.10 (Version: - Pavel Cvrcek) <==== ATTENTION
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla) <==== ATTENTION
Mozilla Maintenance Service (Version: 24.3.0 - Mozilla) <==== ATTENTION
Mozilla Thunderbird 24.3.0 (x86 de) (Version: 24.3.0 - Mozilla) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation) <==== ATTENTION
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation) <==== ATTENTION
NVIDIA GAME System Software 2.8.1 (Version: 2.8.1 - NVIDIA Corporation) <==== ATTENTION
NVIDIA Grafiktreiber 327.02 (Version: 327.02 - NVIDIA Corporation) <==== ATTENTION
NVIDIA Install Application (Version: 2.1002.141.953 - NVIDIA Corporation) Hidden <==== ATTENTION
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden <==== ATTENTION
NVIDIA Update 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) <==== ATTENTION
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden <==== ATTENTION
Origin8 (Version: 8.00.000 - OriginLab) Hidden <==== ATTENTION
OriginPro 8 (Version: 8.00.000 - OriginLab Corporation) <==== ATTENTION
PDF Architect (Version: 1.1.83.9982 - pdfforge GmbH) <==== ATTENTION
PDFCreator (Version: 1.7.1 - pdfforge) <==== ATTENTION
Pidgin (Version: 2.10.7 - ) <==== ATTENTION
POV-Ray for Windows v3.6.1 (Version: 3.6 - Persistence of Vision Raytracer Pty. Ltd.) <==== ATTENTION
PyMOL (Version: - ) <==== ATTENTION
Python 2.5 (Version: 2.5.150 - Martin v. Löwis) <==== ATTENTION
Python 2.5 pywin32-210 (Version: - ) <==== ATTENTION
QuickTime (Version: 7.73.80.64 - Apple Inc.) <==== ATTENTION
Realtek High Definition Audio Driver (Version: 6.0.1.5923 - Realtek Semiconductor Corp.) <==== ATTENTION
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0 - Microsoft) <==== ATTENTION
Skype™ 6.10 (Version: 6.10.104 - Skype Technologies S.A.) <==== ATTENTION
Software Updater (Version: 4.1.7 - SEIKO EPSON CORPORATION) <==== ATTENTION
Sophos Anti-Virus (Version: 10.3.1 - Sophos Limited) <==== ATTENTION
Sophos AutoUpdate (Version: 2.9.0.344 - Sophos Limited) <==== ATTENTION
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB) <==== ATTENTION
Spybot - Search & Destroy (Version: 1.6.2 - Safer Networking Limited) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden <==== ATTENTION
Synaptics Pointing Device Driver (Version: 13.2.4.12 - Synaptics Incorporated) <==== ATTENTION
Uninstall 1.0.0.1 (Version: - ) <==== ATTENTION
Update Manager (Version: 4.60 - Corel Corporation) Hidden <==== ATTENTION
VBA (Version: 6.2 - Corel Corporation) Hidden <==== ATTENTION
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden <==== ATTENTION
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden <==== ATTENTION
VLC media player 2.0.1 (Version: 2.0.1 - VideoLAN) <==== ATTENTION
Winamp (Version: 5.581 - Nullsoft, Inc) <==== ATTENTION
WinRAR (Version: - ) <==== ATTENTION
ZoneAlarm LTD Toolbar (Version: - Check Point Software Technologies) <==== ATTENTION
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:04 - 2013-09-18 21:22 - 00460514 ____A C:\Windows\system32\Drivers\etc\hosts
149.236.99.1 ASP_ST2
149.236.99.99 spect
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {354DE6E4-7FE6-4586-9E72-5C44B0E24382} - System32\Tasks\{7111397C-1BE8-4BCE-8D08-2D46F152A07C} => C:\Downloads\pymol-1_1eval-bin-win32\pymol-1_1eval-bin-win32\SETUP.EXE
Task: {3BEA4AE7-AF76-4C4A-A3C2-90E10342D65C} - System32\Tasks\{0C0198CB-76A4-45A8-BF63-7FE602FFC463} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {3EC3E7DA-8496-4301-AA4B-F657216F4156} - System32\Tasks\{0F0388D4-9856-4E80-839C-1166DDB128E2} => E:\AUTORUN.EXE
Task: {453C754C-639B-4BB9-A40E-56BF39C430A7} - System32\Tasks\{BAA3A79B-40EE-4E8B-A272-890BCA693253} => D:\Spiele\THPS 4 Demo\Start.exe
Task: {460D8DD7-E193-49A1-B187-53C99526B790} - System32\Tasks\{4CD310B5-95DA-4535-8B88-AF435493C018} => C:\Downloads\Monkeyisland\MONKEY.EXE
Task: {4EB234CF-6E4B-426C-98CC-EDD7E21B431A} - System32\Tasks\{F6E12B37-B0DD-4504-94B1-A8828D230EFD} => F:\SETUP.EXE
Task: {5374E261-27EF-4F68-963F-255564DDE434} - System32\Tasks\{DEA49738-7A95-427C-83E1-8560F3292840} => E:\AUTORUN.EXE
Task: {7051AFC4-AA3E-4308-8EE9-E96D8A65D5F3} - System32\Tasks\{29457E13-850E-4ABF-9F4F-EA9B092E2D83} => C:\Downloads\Half-Life_1.0.1.6_No_CD\hl1016e_nocd_loader.exe
Task: {8431FE0E-9BC3-4CE0-9742-64C64BEEDC9E} - System32\Tasks\{B214730A-3EA7-4521-9F4A-D75EF9737255} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {8D8921A2-1BA0-4BD3-AD39-96940215C2F5} - System32\Tasks\{175A5693-A086-4CB9-B19D-AA7CBD43253F} => E:\SETUP.EXE
Task: {92E25EBA-04BB-4D0B-AD9D-5560312A4E06} - System32\Tasks\{9EAE1C60-C6D4-496A-8E73-4C332A135A29} => C:\Downloads\pymol-1_1eval-bin-win32\pymol-1_1eval-bin-win32\SETUP.EXE
Task: {A06BA889-4719-463B-A278-AAE4863EFDAC} - System32\Tasks\{47102ACC-A4EF-46BA-98B5-931060476E19} => F:\SETUP.EXE
Task: {A2FEAC9D-6DC7-44CB-8BA1-024AFA3D6DF4} - System32\Tasks\At1 => C:\Bruker\TopSpin3.0.b.7\prog\bin\helevtransfer.cmd [2013-08-05] ()
Task: {AC0E1F83-A399-4B8D-B8FF-9E8E86D14726} - System32\Tasks\{7A5024B2-441B-4CE3-B81D-65C57309036A} => E:\SETUP.EXE
Task: {B899332C-5FD7-4D77-BEFD-7695939910E4} - System32\Tasks\{13EF55AE-4C94-4D88-87A1-A6C4D0FBD338} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {C4CF8062-47D1-4569-B131-74A29B1A0EEF} - System32\Tasks\{C1468C96-2B25-4BFB-9BDC-BEE4BCB95602} => D:\Spiele\Half-life\SETUP.EXE
Task: {C8C2392C-0B40-4937-AD33-1744F9C75E43} - System32\Tasks\{DF0E6404-16A3-4532-9BD7-8D5923F39EC7} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {D9115690-BCCB-4FFF-BC09-83CD019F4A85} - System32\Tasks\{A5FCA1E2-1647-4756-87C4-73A4955F4E45} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {E4591581-80A6-4A2A-B21C-19AD6AED0834} - System32\Tasks\{1C7C5EA5-F135-4201-8579-6B1C600218C2} => C:\Downloads\pymol-1_1eval-bin-win32\pymol-1_1eval-bin-win32\SETUP.EXE
Task: {E5F8ED80-50B9-47A1-B97A-216D1A74DF0A} - System32\Tasks\{80F9D663-0064-451D-8676-11D4CCAD72C7} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {EC2D19B8-8CC8-456A-8C37-45F7B86FEAF4} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-09-24] (Samsung Electronics Co., Ltd.)
Task: {F091FECB-E56B-4A39-9FAF-28882ADBCEFD} - System32\Tasks\{8400AB2E-CCE7-44FB-9B38-C1C65F3F43E0} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {F53D5B80-0E69-4025-B8BB-9FB3568F7F3F} - System32\Tasks\{98826237-D852-4C1B-9388-316159DD92ED} => C:\Users\*****\Desktop\Bsc Arbeit\Programme\PyMol\pymol-0_99rc6-bin-win32\SETUP.EXE
Task: {F5E07962-7A0D-4E21-B002-83A10E687DA5} - System32\Tasks\{8955F6B9-3337-4AC3-B346-1B34C77392DE} => F:\SETUP.EXE
Task: {F86AF7E5-7C27-43DD-90A9-96F5BD8BA8EC} - System32\Tasks\{91D85762-9CE6-472C-AC55-AE7DF12D98F4} => F:\SETUP.EXE
Task: C:\Windows\Tasks\At1.job => ?
==================== Loaded Modules (whitelisted) =============
2011-10-19 15:33 - 2006-08-12 11:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2013-12-20 10:53 - 2013-12-20 10:53 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-01-26 11:04 - 2014-01-26 11:04 - 16287624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2014 11:05:52 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/06/2014 11:01:53 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/06/2014 10:58:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/05/2014 11:26:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/05/2014 11:23:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/05/2014 11:19:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/03/2014 03:43:42 PM) (Source: CXNRegistryLib) (User: )
Description: Error number: {-2147467259(An unspecified failure has occurred.)}
Error source: {CRegistryHelper::GetLongValue}
Error Description: {Unable to retrieve integer value for the specified registry key! ()}
Error: (02/03/2014 03:43:42 PM) (Source: CXNRegistryLib) (User: )
Description: Error number: {-2147467259(An unspecified failure has occurred.)}
Error source: {CRegistryHelper::Open}
Error Description: {Open the specified registry key failed! (Unable to open the specified registry key!)}
Error: (02/03/2014 02:14:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/03/2014 02:11:06 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
System errors:
=============
Error: (02/06/2014 10:06:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079
Error: (02/06/2014 10:03:08 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (02/06/2014 07:14:56 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/06/2014 09:26:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079
Error: (02/05/2014 09:33:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079
Error: (02/05/2014 11:32:20 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/05/2014 09:33:41 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079
Error: (02/04/2014 08:56:45 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079
Error: (02/03/2014 03:47:22 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/03/2014 00:33:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079
Microsoft Office Sessions:
=========================
Error: (01/06/2014 11:37:43 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3614 seconds with 600 seconds of active time. This session ended with a crash.
Error: (12/28/2013 03:42:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 48862 seconds with 240 seconds of active time. This session ended with a crash.
Error: (06/20/2013 06:55:40 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37514 seconds with 120 seconds of active time. This session ended with a crash.
Error: (03/06/2012 06:40:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1778 seconds with 1320 seconds of active time. This session ended with a crash.
Error: (02/10/2011 08:34:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14987 seconds with 6420 seconds of active time. This session ended with a crash.
Error: (06/27/2010 00:43:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8558 seconds with 2760 seconds of active time. This session ended with a crash.
Error: (06/03/2010 03:55:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8366 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2012-10-03 14:26:05.373
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 13:38:19.952
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 12:43:48.786
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 12:09:05.742
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 10:46:04.678
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 10:16:21.008
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 09:57:59.576
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 09:50:53.765
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-03 00:14:26.595
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-10-02 23:20:38.965
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3066.61 MB
Available physical RAM: 1575.91 MB
Total Pagefile: 6129.45 MB
Available Pagefile: 4707.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1910.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:50 GB) (Free:4.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:248.09 GB) (Free:37.53 GB) NTFS
Drive w: (ag*****) (Network) (Total:3.91 GB) (Free:3.91 GB) NTFS
Drive x: (software) (Network) (Total:3.91 GB) (Free:3.91 GB) NTFS
Drive y: (*****) (Network) (Total:3.91 GB) (Free:3.91 GB) NTFS
Drive z: (NMR) (Network) (Total:458.44 GB) (Free:177.82 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: B6394A61)
Partition 1: (Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=248 GB) - (Type=07 NTFS)
==================== End Of Log ============================