| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Trojaner auf PC "http://onlinewebfind.com/ads-clicktrack..."Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
10.01.2014, 10:07
| #1 |
 |  Windows 7: Trojaner auf PC "http://onlinewebfind.com/ads-clicktrack..." Hallo an alle, ich habe ein weiteres Problem mit meinem PC. Auch hier hat sich wohl ein Trojaner eingeschlichen. Das zeigt zumindest Spybot an. Auch lässt sich nicht mehr ordentlich damit arbeiten. Ständig gehen einfach irgendwelche Seiten auf, z.B. hxxp://gip.driverdiv.net/sd/cpops-1.2.0.html?u=http%3A%2F%2Fgip.driverdiv.net%2Fsd%2Fapps%2Ffusionx%2F0.0.4.html%3Faff%3D1030-4000&p=PassShow und manche Links auf seriösen Seiten wie z.B. ebay können gar nicht mehr angeklickt werden. Hier alle Log-Daten: Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:37 on 09/01/2014 (Anna)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
SPTD -> Disabled
-=E.O.F=-
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-01-2014 01
Ran by Anna (administrator) on ANNA-PC on 09-01-2014 18:40:24
Running from C:\Users\Anna\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
( ) C:\Windows\System32\lxeecoms.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Team H2O) C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Creative Technology Ltd) C:\Windows\System32\CTHELPER.EXE
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hama GmbH & Co KG) C:\Program Files\Hama\Common\RaUI.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Dropbox, Inc.) C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [H2O] - C:\Program Files\Syncrosoft\POS\H2O\cledx.exe [385024 2005-10-22] (Team H2O)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\concentr.exe [371864 2012-04-05] (Citrix Systems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [CTHelper] - C:\Windows\System32\CTHELPER.EXE [23040 2009-02-23] (Creative Technology Ltd)
HKLM\...\Run: [CTxfiHlp] - C:\Windows\System32\CTXFIHLP.EXE [23552 2009-02-23] (Creative Technology Ltd)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: {cbe70fbc-da3e-11e2-8cba-b6cb38289f20} - L:\HTC_Sync_Manager_PC.exe
MountPoints2: {fa6f7bbb-5fef-11e2-8d00-8474b38bdcf8} - J:\setup.exe
AppInit_DLLs: C:\Program Files\Citrix\ICA Client\RSHook.dll [257176 2012-04-05] (Citrix Systems, Inc.)
Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC8BCF86EB6ABCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: CtxIEInterceptorBHO Class - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.)
BHO: PassShow - {2d661e5b-7d7a-417c-b5b5-6479017bb314} - C:\Program Files\PassShow\150.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\lwb3fzqz.default
FF NetworkProxy: "http", "94.228.200.61"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Citrix.com/npican - C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Grooveshark Unblocker - C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\lwb3fzqz.default\Extensions\grooveshark-unblocker@4ley.addons.mozilla.org.xpi
FF Extension: Adblock Plus - C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\lwb3fzqz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKCU\...\Firefox\Extensions: [{57c20073-e24b-4b2a-aa91-70d1ad526cbf}] - C:\Program Files\PassShow\150.xpi
FF Extension: No Name - C:\Program Files\PassShow\150.xpi
FF Extension: No Name - C:\Program Files\PassShow\150.xpi
========================== Services (Whitelisted) =================
R2 lxee_device; C:\Windows\system32\lxeecoms.exe [598696 2010-04-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [185632 2009-12-10] (Ralink Technology, Corp.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [537592 2012-08-03] (Cisco Systems, Inc.)
==================== Drivers (Whitelisted) ====================
S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [87976 2012-08-03] (Cisco Systems, Inc.)
R3 CLEDX; C:\Windows\System32\DRIVERS\cledx.sys [33792 2005-05-09] (Team H2O)
S3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [98328 2009-02-23] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [98328 2009-02-23] (Creative Technology Ltd)
S3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [528920 2009-02-23] (Creative Technology Ltd)
S3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [528920 2009-02-23] (Creative Technology Ltd)
S3 CTEAPSFX; C:\Windows\System32\drivers\CTEAPSFX.SYS [163352 2009-02-23] (Creative Technology Ltd)
S3 CTEAPSFX.SYS; C:\Windows\System32\drivers\CTEAPSFX.SYS [163352 2009-02-23] (Creative Technology Ltd)
S3 CTEDSPFX; C:\Windows\System32\drivers\CTEDSPFX.SYS [259096 2009-02-23] (Creative Technology Ltd)
S3 CTEDSPFX.SYS; C:\Windows\System32\drivers\CTEDSPFX.SYS [259096 2009-02-23] (Creative Technology Ltd)
S3 CTEDSPIO; C:\Windows\System32\drivers\CTEDSPIO.SYS [134168 2009-02-23] (Creative Technology Ltd)
S3 CTEDSPIO.SYS; C:\Windows\System32\drivers\CTEDSPIO.SYS [134168 2009-02-23] (Creative Technology Ltd)
S3 CTEDSPSY; C:\Windows\System32\drivers\CTEDSPSY.SYS [309784 2009-02-23] (Creative Technology Ltd)
S3 CTEDSPSY.SYS; C:\Windows\System32\drivers\CTEDSPSY.SYS [309784 2009-02-23] (Creative Technology Ltd)
S3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [99352 2009-02-23] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [99352 2009-02-23] (Creative Technology Ltd)
S3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [534040 2009-02-23] (Creative Technology Ltd)
S3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [534040 2009-02-23] (Creative Technology Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-16] (DT Soft Ltd)
R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [802840 2009-02-23] (Creative Technology Ltd)
S3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [163864 2009-02-23] (Creative Technology Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2013-01-16] (Duplex Secure Ltd.)
R0 TPkd; C:\Windows\System32\Drivers\TPkd.sys [61856 2002-05-22] (PACE Anti-Piracy, Inc.)
S2 Nsynas32; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-09 18:40 - 2014-01-09 18:40 - 00015378 _____ C:\Users\Anna\Desktop\FRST.txt
2014-01-09 18:40 - 2014-01-09 18:40 - 00000000 ____D C:\FRST
2014-01-09 18:39 - 2014-01-09 18:39 - 01065947 _____ (Farbar) C:\Users\Anna\Desktop\FRST.exe
2014-01-09 18:37 - 2014-01-09 18:37 - 00000572 _____ C:\Users\Anna\Desktop\defogger_disable.log
2014-01-09 18:37 - 2014-01-09 18:37 - 00000176 _____ C:\Users\Anna\defogger_reenable
2014-01-09 18:36 - 2014-01-09 18:36 - 00050477 _____ C:\Users\Anna\Desktop\Defogger.exe
2014-01-09 18:35 - 2014-01-09 18:35 - 00050477 _____ C:\Users\Anna\Downloads\Defogger.exe
2013-12-27 18:49 - 2013-12-27 18:50 - 22964496 _____ C:\Users\Anna\Downloads\FullTiltPokerEuSetup.exe
2013-12-27 18:03 - 2013-12-27 18:35 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-27 18:03 - 2013-12-27 18:03 - 00002125 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-27 18:03 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2013-12-27 18:02 - 2013-12-27 18:04 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-27 18:01 - 2013-12-27 18:01 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Anna\Downloads\spybot-2.2.25.exe
2013-12-27 17:22 - 2014-01-06 23:27 - 00000000 ____D C:\Users\Anna\Desktop\Martin
2013-12-27 17:06 - 2013-12-27 17:17 - 00000000 ____D C:\AdwCleaner
2013-12-27 17:05 - 2013-12-27 17:05 - 01233962 _____ C:\Users\Anna\Downloads\adwcleaner.exe
2013-12-23 15:51 - 2013-12-23 15:52 - 00000000 ____D C:\Users\Anna\Desktop\mama
2013-12-23 15:40 - 2013-12-27 17:31 - 00000000 ____D C:\Users\Anna\AppData\Roaming\MediaMonkey
2013-12-23 15:40 - 2013-12-23 15:40 - 00001007 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2013-12-23 15:40 - 2013-12-23 15:40 - 00000000 ____D C:\Users\Anna\AppData\Local\MediaMonkey
2013-12-23 15:40 - 2013-12-23 15:40 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-23 15:40 - 2013-12-23 15:40 - 00000000 ____D C:\Program Files\MediaMonkey
2013-12-23 15:39 - 2013-12-23 15:39 - 15069520 _____ (Ventis Media Inc. ) C:\Users\Anna\Downloads\MediaMonkey_4.0.7.1511.exe
2013-12-23 15:29 - 2013-12-23 15:29 - 00000000 ____D C:\Users\Anna\AppData\Local\Macroplant,_LLC
2013-12-23 15:29 - 2013-12-23 15:29 - 00000000 ____D C:\Program Files\Sharepod
2013-12-23 15:24 - 2013-12-23 15:24 - 05965680 _____ (Macroplant LLC ) C:\Users\Anna\Downloads\Sharepod_4_Setup_4010b.exe
2013-12-23 15:12 - 2013-12-23 15:12 - 00000000 ____D C:\Users\Anna\Desktop\Zumba
2013-12-23 14:42 - 2013-12-23 15:14 - 00000000 ____D C:\Users\Anna\Desktop\Eminem u Charts
2013-12-23 14:28 - 2013-12-23 15:18 - 00000000 ____D C:\Users\Anna\Desktop\iPod Musik
2013-12-23 14:27 - 2013-12-23 14:27 - 00001272 _____ C:\Users\Public\Desktop\SciLor's grooveshark™.com Downloader.lnk
2013-12-23 14:26 - 2014-01-09 14:16 - 00000340 _____ C:\Windows\Tasks\PassShow Update.job
2013-12-23 14:26 - 2014-01-06 23:15 - 00000000 ____D C:\Program Files\SciLor's grooveshark(tm).com Downloader
2013-12-23 14:26 - 2013-12-23 14:26 - 00000000 ____D C:\Program Files\PassShow
2013-12-23 14:25 - 2013-12-23 14:25 - 00923784 _____ (CNET Download.com) C:\Users\Anna\Downloads\cbsidlm-cbsi145-SciLors_Groovesharkcom_Downloader-ORG-75764950.exe
2013-12-23 14:06 - 2013-12-27 16:56 - 00000000 ____D C:\Users\Anna\AppData\Roaming\newnext.me
2013-12-23 14:06 - 2013-12-23 14:28 - 00000000 ____D C:\Users\Anna\AppData\Local\cache
2013-12-23 14:06 - 2013-12-23 14:27 - 00000000 ____D C:\Users\Anna\AppData\Local\genienext
2013-12-23 14:06 - 2013-12-23 14:12 - 00000332 _____ C:\Users\Anna\daemonprocess.txt
2013-12-23 14:06 - 2013-12-23 14:06 - 00000000 ____D C:\Users\Anna\.android
2013-12-23 13:43 - 2013-12-23 13:43 - 00689856 _____ C:\Users\Anna\Downloads\SciLors_Grooveshark(tm)_DownloaderSetup.exe
2013-12-21 19:24 - 2013-12-21 19:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 08:56 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 08:56 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 08:56 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 08:56 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 08:56 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 08:56 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 08:56 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 08:56 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 08:56 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 08:56 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 08:56 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 08:56 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 08:56 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 08:56 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 08:56 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 08:56 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 08:56 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 08:56 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 08:56 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 08:53 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 08:53 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 08:37 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 08:37 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 08:37 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 08:37 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 08:37 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 08:37 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 08:37 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 08:37 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 08:37 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 08:36 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 08:36 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
==================== One Month Modified Files and Folders =======
2014-01-09 18:40 - 2014-01-09 18:40 - 00015378 _____ C:\Users\Anna\Desktop\FRST.txt
2014-01-09 18:40 - 2014-01-09 18:40 - 00000000 ____D C:\FRST
2014-01-09 18:39 - 2014-01-09 18:39 - 01065947 _____ (Farbar) C:\Users\Anna\Desktop\FRST.exe
2014-01-09 18:37 - 2014-01-09 18:37 - 00000572 _____ C:\Users\Anna\Desktop\defogger_disable.log
2014-01-09 18:37 - 2014-01-09 18:37 - 00000176 _____ C:\Users\Anna\defogger_reenable
2014-01-09 18:37 - 2012-10-16 16:52 - 00000000 ____D C:\Users\Anna
2014-01-09 18:36 - 2014-01-09 18:36 - 00050477 _____ C:\Users\Anna\Desktop\Defogger.exe
2014-01-09 18:35 - 2014-01-09 18:35 - 00050477 _____ C:\Users\Anna\Downloads\Defogger.exe
2014-01-09 18:25 - 2012-10-16 16:48 - 01461373 _____ C:\Windows\WindowsUpdate.log
2014-01-09 18:06 - 2013-06-04 07:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-09 17:55 - 2012-10-21 11:56 - 00000000 ____D C:\ProgramData\Lx_cats
2014-01-09 17:07 - 2012-10-16 16:58 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 14:16 - 2013-12-23 14:26 - 00000340 _____ C:\Windows\Tasks\PassShow Update.job
2014-01-09 13:08 - 2009-07-14 05:34 - 00014624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-09 13:08 - 2009-07-14 05:34 - 00014624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-09 13:02 - 2013-06-12 21:30 - 00000000 ___RD C:\Users\Anna\Dropbox
2014-01-09 13:02 - 2013-06-12 21:20 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-09 13:02 - 2013-06-12 21:18 - 00000000 ____D C:\Users\Anna\AppData\Roaming\Dropbox
2014-01-09 13:01 - 2012-10-21 11:35 - 00057150 _____ C:\ProgramData\lxeescan.log
2014-01-09 13:00 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-09 13:00 - 2009-07-14 05:39 - 00074919 _____ C:\Windows\setupact.log
2014-01-06 23:27 - 2013-12-27 17:22 - 00000000 ____D C:\Users\Anna\Desktop\Martin
2014-01-06 23:15 - 2013-12-23 14:26 - 00000000 ____D C:\Program Files\SciLor's grooveshark(tm).com Downloader
2013-12-31 11:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-31 11:15 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-27 18:50 - 2013-12-27 18:49 - 22964496 _____ C:\Users\Anna\Downloads\FullTiltPokerEuSetup.exe
2013-12-27 18:35 - 2013-12-27 18:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-27 18:04 - 2013-12-27 18:02 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-27 18:03 - 2013-12-27 18:03 - 00002125 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-27 18:01 - 2013-12-27 18:01 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Anna\Downloads\spybot-2.2.25.exe
2013-12-27 17:49 - 2009-07-14 09:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-27 17:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-27 17:31 - 2013-12-23 15:40 - 00000000 ____D C:\Users\Anna\AppData\Roaming\MediaMonkey
2013-12-27 17:17 - 2013-12-27 17:06 - 00000000 ____D C:\AdwCleaner
2013-12-27 17:05 - 2013-12-27 17:05 - 01233962 _____ C:\Users\Anna\Downloads\adwcleaner.exe
2013-12-27 16:56 - 2013-12-23 14:06 - 00000000 ____D C:\Users\Anna\AppData\Roaming\newnext.me
2013-12-27 16:55 - 2012-10-16 22:54 - 00013110 _____ C:\Windows\PFRO.log
2013-12-23 15:52 - 2013-12-23 15:51 - 00000000 ____D C:\Users\Anna\Desktop\mama
2013-12-23 15:40 - 2013-12-23 15:40 - 00001007 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2013-12-23 15:40 - 2013-12-23 15:40 - 00000000 ____D C:\Users\Anna\AppData\Local\MediaMonkey
2013-12-23 15:40 - 2013-12-23 15:40 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-23 15:40 - 2013-12-23 15:40 - 00000000 ____D C:\Program Files\MediaMonkey
2013-12-23 15:39 - 2013-12-23 15:39 - 15069520 _____ (Ventis Media Inc. ) C:\Users\Anna\Downloads\MediaMonkey_4.0.7.1511.exe
2013-12-23 15:29 - 2013-12-23 15:29 - 00000000 ____D C:\Users\Anna\AppData\Local\Macroplant,_LLC
2013-12-23 15:29 - 2013-12-23 15:29 - 00000000 ____D C:\Program Files\Sharepod
2013-12-23 15:24 - 2013-12-23 15:24 - 05965680 _____ (Macroplant LLC ) C:\Users\Anna\Downloads\Sharepod_4_Setup_4010b.exe
2013-12-23 15:18 - 2013-12-23 14:28 - 00000000 ____D C:\Users\Anna\Desktop\iPod Musik
2013-12-23 15:14 - 2013-12-23 14:42 - 00000000 ____D C:\Users\Anna\Desktop\Eminem u Charts
2013-12-23 15:12 - 2013-12-23 15:12 - 00000000 ____D C:\Users\Anna\Desktop\Zumba
2013-12-23 14:28 - 2013-12-23 14:06 - 00000000 ____D C:\Users\Anna\AppData\Local\cache
2013-12-23 14:27 - 2013-12-23 14:27 - 00001272 _____ C:\Users\Public\Desktop\SciLor's grooveshark™.com Downloader.lnk
2013-12-23 14:27 - 2013-12-23 14:06 - 00000000 ____D C:\Users\Anna\AppData\Local\genienext
2013-12-23 14:26 - 2013-12-23 14:26 - 00000000 ____D C:\Program Files\PassShow
2013-12-23 14:25 - 2013-12-23 14:25 - 00923784 _____ (CNET Download.com) C:\Users\Anna\Downloads\cbsidlm-cbsi145-SciLors_Groovesharkcom_Downloader-ORG-75764950.exe
2013-12-23 14:12 - 2013-12-23 14:06 - 00000332 _____ C:\Users\Anna\daemonprocess.txt
2013-12-23 14:10 - 2013-04-30 11:53 - 00001427 _____ C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-23 14:06 - 2013-12-23 14:06 - 00000000 ____D C:\Users\Anna\.android
2013-12-23 13:47 - 2013-03-24 17:39 - 00000000 ____D C:\Users\Anna\AppData\Local\Google
2013-12-23 13:43 - 2013-12-23 13:43 - 00689856 _____ C:\Users\Anna\Downloads\SciLors_Grooveshark(tm)_DownloaderSetup.exe
2013-12-23 12:21 - 2012-10-16 16:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-21 19:25 - 2013-12-21 19:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-17 08:17 - 2013-11-08 16:35 - 00000000 ____D C:\Users\Anna\Desktop\Musik_Management
2013-12-12 17:06 - 2013-01-30 14:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-12 17:06 - 2013-01-30 14:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-12 15:08 - 2009-07-14 05:33 - 00411608 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 08:56 - 2013-01-16 16:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 08:55 - 2013-08-14 08:43 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 08:54 - 2012-10-16 18:16 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 14:31 - 2013-12-09 22:52 - 00000000 ____D C:\Users\Anna\Desktop\Erste Bilder
Some content of TEMP:
====================
C:\Users\Anna\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-31 11:39
==================== End Of Log ============================
FRST-AdditionFRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-01-2014 01
Ran by Anna at 2014-01-09 18:41:26
Running from C:\Users\Anna\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05 - Adobe Systems Incorporated)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (Version: 2.10 - Michael Tippach)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (Version: 4.5.2.4291 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Authentication Manager (Version: 2.0.0.41479 - Citrix Systems, Inc.) Hidden
Citrix Receiver (DV) (Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
Citrix Receiver (USB) (Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
Citrix Receiver (Version: 13.1.200.22 - Citrix Systems, Inc.)
Citrix Receiver Inside (Version: 3.2.0.5844 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
DAEMON Tools Lite (Version: 4.46.1.0327 - DT Soft Ltd)
Das Postleitzahlen-Diagramm 3.8 (Version: - Klaus Wessiepe, Softwareentwicklung und Vertrieb)
Dropbox (Version: 2.4.11 - Dropbox, Inc.)
E-MU Audio Drivers (Version: - )
E-MU PatchMix DSP (Version: - )
Falk Navi-Manager (Version: 1.2.172 - Falk Marcopolo Interactive GmbH)
Falk Navi-Manager (Version: 1.2.172 - Falk Marcopolo Interactive GmbH) Hidden
Free DWG Viewer 7.2 (Version: 7.2.0.51 - IGC)
Hama Wireless LAN Adapter (Version: 10.1.0 - Hama)
iCloud (Version: 3.0.2.163 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (Version: - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Lexmark (Version: 1.0.0.0 - )
MediaMonkey 4.0 (Version: 4.0 - Ventis Media Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (Version: 6.2.3 - )
Online Plug-in (Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
Parker WinMatch (Version: - )
PassShow (Version: - PassShow Software)
Picasa 3 (Version: 3.9 - Google, Inc.)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Reason 5.0 (Version: 5.0 - Propellerhead Software AB)
SciLor's grooveshark™.com Downloader 0.4.12 (Version: 0.4.12 - SciLor)
Self-Service Plug-in (Version: 3.2.0.24226 - Citrix Systems, Inc.) Hidden
Sharepod 4.0.1.0 (Version: - Macroplant LLC)
Spybot - Search & Destroy (Version: 2.2.25 - Safer-Networking Ltd.)
Steinberg Cubase SX 3 (Version: - Steinberg Media Technologies GmbH)
Steinberg Cubase SX v3.1.1.944 (Version: - )
SyncroSoft Emu (Remove only) (Version: - )
Syncrosofts Lizenz Kontrolle (Version: - Syncrosoft Hard- Und Software GmbH)
syngo fastView (Version: VX57H31 - Siemens MedSW)
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
Waves Complete V9r5 (Version: 9.1.1 - Waves)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
08-12-2013 11:19:21 Windows Update
10-12-2013 22:05:58 Windows Update
12-12-2013 07:53:00 Windows Update
16-12-2013 05:53:07 Windows Update
19-12-2013 14:59:43 Windows Update
23-12-2013 13:03:27 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
23-12-2013 15:10:08 Windows Update
27-12-2013 16:06:50 Windows Update
27-12-2013 16:42:17 Windows Modules Installer
27-12-2013 16:47:53 Windows Modules Installer
27-12-2013 22:27:02 Windows Update
31-12-2013 10:19:52 Windows Update
03-01-2014 17:14:33 Windows Update
07-01-2014 16:38:27 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {38ED887B-36D0-49C7-8FE3-7AEB0242673F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {4940BA50-92D9-4F7F-B5B5-8AC123730954} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {73E26DB9-4899-4660-B37B-51278BD16B65} - System32\Tasks\PassShow Update => C:\Program Files\PassShow\PsUP.exe [2013-12-23] ()
Task: {C699C246-8B37-4EC9-85DE-DEE5C3CF15B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12] (Adobe Systems Incorporated)
Task: {F45101F3-98E1-43C5-BB13-E6454162E4C3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PassShow Update.job => C:\Program Files\PassShow\PsUP.exe
==================== Loaded Modules (whitelisted) =============
2012-06-18 16:24 - 2012-06-18 16:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2012-08-03 20:53 - 2012-08-03 20:53 - 00062968 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-27 18:02 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-27 18:02 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-01-16 16:43 - 2009-12-10 12:16 - 00918816 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Anna\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-21 19:24 - 2013-12-21 19:24 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2009-05-18 12:29 - 2009-05-18 12:29 - 00819200 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeeptpc.dll
2009-11-04 12:14 - 2009-11-04 12:14 - 00165376 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeedrui.dll
2009-06-07 23:40 - 2009-06-07 23:40 - 00167936 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeePRPR.DLL
2009-11-04 12:14 - 2009-11-04 12:14 - 00236032 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeedr.dll
2013-12-12 17:06 - 2013-12-12 17:06 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
2013-12-27 18:02 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-27 18:02 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Nsynas32
Description: Nsynas32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Nsynas32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Description: Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/06/2014 11:15:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SciLors GrooveDownloader.exe, Version: 1.0.0.0, Zeitstempel: 0x52600965
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x005d2914
ID des fehlerhaften Prozesses: 0x1570
Startzeit der fehlerhaften Anwendung: 0xSciLors GrooveDownloader.exe0
Pfad der fehlerhaften Anwendung: SciLors GrooveDownloader.exe1
Pfad des fehlerhaften Moduls: SciLors GrooveDownloader.exe2
Berichtskennung: SciLors GrooveDownloader.exe3
Error: (01/06/2014 11:15:25 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: SciLors GrooveDownloader.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei SciLors_GrooveDownloader.MainWindow.MainWindow_Closed(System.Object, System.EventArgs)
bei System.Windows.Window.OnClosed(System.EventArgs)
bei System.Windows.Window.WmDestroy()
bei System.Windows.Window.WindowFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.UnsafeSendMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
bei System.Windows.Window.InternalClose(Boolean, Boolean)
bei System.Windows.Application.DoShutdown()
bei System.Windows.Application.ShutdownImpl()
bei System.Windows.Application.ShutdownCallback(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.runTryCode(System.Object)
bei System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei System.Windows.Application.Run()
bei SciLors_GrooveDownloader.Application.Main()
Error: (01/06/2014 09:06:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SciLors GrooveDownloader.exe, Version: 1.0.0.0, Zeitstempel: 0x52600965
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003f2914
ID des fehlerhaften Prozesses: 0xd18
Startzeit der fehlerhaften Anwendung: 0xSciLors GrooveDownloader.exe0
Pfad der fehlerhaften Anwendung: SciLors GrooveDownloader.exe1
Pfad des fehlerhaften Moduls: SciLors GrooveDownloader.exe2
Berichtskennung: SciLors GrooveDownloader.exe3
Error: (01/06/2014 09:06:38 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: SciLors GrooveDownloader.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei SciLors_GrooveDownloader.MainWindow.MainWindow_Closed(System.Object, System.EventArgs)
bei System.Windows.Window.OnClosed(System.EventArgs)
bei System.Windows.Window.WmDestroy()
bei System.Windows.Window.WindowFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.UnsafeSendMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
bei System.Windows.Window.InternalClose(Boolean, Boolean)
bei System.Windows.Application.DoShutdown()
bei System.Windows.Application.ShutdownImpl()
bei System.Windows.Application.ShutdownCallback(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.runTryCode(System.Object)
bei System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei System.Windows.Application.Run()
bei SciLors_GrooveDownloader.Application.Main()
Error: (01/06/2014 08:13:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: EmuPatchMixDSP.exe, Version: 1.0.1.17, Zeitstempel: 0x401f098e
Name des fehlerhaften Moduls: EmuPatchMixDSP.dll, Version: 1.0.1.8, Zeitstempel: 0x401f08a3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00019f58
ID des fehlerhaften Prozesses: 0x1484
Startzeit der fehlerhaften Anwendung: 0xEmuPatchMixDSP.exe0
Pfad der fehlerhaften Anwendung: EmuPatchMixDSP.exe1
Pfad des fehlerhaften Moduls: EmuPatchMixDSP.exe2
Berichtskennung: EmuPatchMixDSP.exe3
Error: (01/06/2014 07:33:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SciLors GrooveDownloader.exe, Version: 1.0.0.0, Zeitstempel: 0x52600965
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003a2914
ID des fehlerhaften Prozesses: 0x1320
Startzeit der fehlerhaften Anwendung: 0xSciLors GrooveDownloader.exe0
Pfad der fehlerhaften Anwendung: SciLors GrooveDownloader.exe1
Pfad des fehlerhaften Moduls: SciLors GrooveDownloader.exe2
Berichtskennung: SciLors GrooveDownloader.exe3
Error: (01/06/2014 07:33:31 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: SciLors GrooveDownloader.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei SciLors_GrooveDownloader.MainWindow.MainWindow_Closed(System.Object, System.EventArgs)
bei System.Windows.Window.OnClosed(System.EventArgs)
bei System.Windows.Window.WmDestroy()
bei System.Windows.Window.WindowFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.UnsafeSendMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
bei System.Windows.Window.InternalClose(Boolean, Boolean)
bei System.Windows.Application.DoShutdown()
bei System.Windows.Application.ShutdownImpl()
bei System.Windows.Application.ShutdownCallback(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.runTryCode(System.Object)
bei System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei System.Windows.Application.Run()
bei SciLors_GrooveDownloader.Application.Main()
Error: (01/06/2014 07:19:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3564078
Error: (01/06/2014 07:19:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3564078
Error: (01/06/2014 07:19:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (01/09/2014 05:05:14 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (01/09/2014 05:05:14 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (01/09/2014 05:01:34 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (01/09/2014 05:01:34 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (01/09/2014 01:01:09 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error: (01/09/2014 01:00:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/09/2014 01:00:21 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (01/09/2014 01:00:15 PM) (Source: sptd) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.
Error: (01/08/2014 09:25:22 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (01/08/2014 02:24:39 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 64%
Total physical RAM: 3318.3 MB
Available physical RAM: 1162.28 MB
Total Pagefile: 6632.84 MB
Available Pagefile: 4362.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1873.3 MB
==================== Drives ================================
Drive c: (Volume) (Fixed) (Total:446.23 GB) (Free:278.25 GB) NTFS
Drive e: (TREKSTOR) (Fixed) (Total:149.01 GB) (Free:50.23 GB) FAT32
Drive j: (WAVES9R5) (CDROM) (Total:0.75 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5960FD37)
Partition 1: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 0B33A529)
Partition 1: (Active) - (Size=149 GB) - (Type=0B)
==================== End Of Log ============================
Spybot-Report Code:
ATTFilter Search results from Spybot - Search & Destroy
10.01.2014 09:54:52
Scan took 00:22:59.
27 items found.
Somoto.BetterInstaller: [SBI $B8A7F4F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sdp
Somoto.BetterInstaller: [SBI $B8A7F4F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sdp
SweetIM: [SBI $AA2FA8DB] User settings (Registry Key, nothing done)
HKEY_USERS\.DEFAULT\Software\SweetIM
SweetIM: [SBI $AA2FA8DB] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-18\Software\SweetIM
SweetIM: [SBI $08F288FC] User settings (Registry Key, nothing done)
HKEY_USERS\.DEFAULT\Software\ImInstaller
SweetIM: [SBI $B05CF80C] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-18\Software\ImInstaller
SweetIM: [SBI $156C1FE6] Settings (Registry Key, nothing done)
HKEY_USERS\.DEFAULT\Software\SweetIM\Toolbars
SweetIM: [SBI $156C1FE6] Settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-18\Software\SweetIM\Toolbars
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Anna\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CRKS8W4V\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=131
Properties.md5=D3ED6DCAE3C3081EF612CD0EC2757558
Properties.filedate=1389285997
Properties.filedatetext=2014-01-09 17:46:36
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Anna\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CRKS8W4V\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=39
Properties.md5=B43F43445AA3414DDC22EC80FBB22871
Properties.filedate=1389285997
Properties.filedatetext=2014-01-09 17:46:36
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Anna\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CRKS8W4V\www.paypalobjects.com\paypalLSO.sol
Properties.size=111
Properties.md5=36B2FE09D6EF0C12ABC7A8240B86D561
Properties.filedate=1389286265
Properties.filedatetext=2014-01-09 17:51:04
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Anna\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CRKS8W4V\www.paypalobjects.com\ppLsoTest.sol
Properties.size=48
Properties.md5=74EE4375686A2069414EEF13E7B62789
Properties.filedate=1389286255
Properties.filedatetext=2014-01-09 17:50:55
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\Anna\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CRKS8W4V\www.ajaxcdn.org\swf.swf\dm_cookie.sol
Properties.size=415
Properties.md5=ED4E3C925CD421F9BE689B124CAAFEF2
Properties.filedate=1389339904
Properties.filedatetext=2014-01-10 08:45:04
DoubleClick: [SBI $19447DDC] Tracking cookie (Firefox: Anna (default)) (Browser: Cookie, nothing done)
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3567876854-2728293220-477572695-1001\Software\Microsoft\Microsoft Management Console\Recent File List
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3567876854-2728293220-477572695-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3567876854-2728293220-477572695-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3567876854-2728293220-477572695-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (13) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (5) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (163) (Browser: Cookie, nothing done)
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-12-27 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2013-11-12 Includes\Adware.sbi (*)
2013-12-23 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-10-16 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2013-10-29 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-12-23 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-10-29 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-12-03 Includes\TrojansC-03.sbi (*)
2013-12-23 Includes\TrojansC-04.sbi (*)
2013-12-10 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
GMER hat nicht funktioniert. Hier erschien folgende Fehlermeldung: Es befindet sich kein Datenträger im Laufwerk. Legen Sie einen Datenträger in Laufwerk \Device\Harddisk3\DR3 ein. Das selbe kam beim Versuch im abgesicherten Modus zu scannen. Auch google hat mir da nicht viel weitergeholfen. Ich danke für eure Hilfe. Grüße |
| Themen zu Windows 7: Trojaner auf PC "http://onlinewebfind.com/ads-clicktrack..." |
| 4d36e972-e325-11ce-bfc1-08002be10318, adblock, adobe, bonjour, browser, cubase, defender, ebay, email, error, excel, fehlermeldung, firefox, flash player, mozilla, plug-in, problem, prozessor, realtek, refresh, registry key, safer networking, scan, security, services.exe, software, svchost.exe, temp, trojaner, tv wizard, usb, user agent, windows, windows xp |
Baum-Darstellung