So , hier die Logs :) Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-06-2013
Ran by Schirmayer at 2013-06-18 18:01:23 Run:
Running from C:\Users\Schirmayer\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 3.7.0.1530)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Recommended Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Extra Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Download Assistant (Version: 1.2.5)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS (Version: CS)
Adobe Photoshop Lightroom 3.6 (Version: 3.6.1)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Ashampoo Burning Studio 6 FREE (Version: 6.7.7)
Avery Wizard 4.0 (Version: 4.0.103)
Avira Free Antivirus (Version: 13.0.0.3640)
CCleaner (Version: 3.02)
CDBurnerXP (Version: 4.5.1.3868)
COMODO Internet Security (Version: 5.10.31649.2253)
Copernic Desktop Search - Home
DHTML Editing Component (Version: 6.02.0001)
Easy DVD Clone
EasyBits GO
ElsterFormular (Version: 11.5.0.4546)
ElsterFormular (Version: 14.1.11318)
GetDataBack for NTFS (Version: 4.00.000)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
KeePass Password Safe 2.19
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Camera Codec Pack (Version: 16.0.0652.0621)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nuance PaperPort 12 (Version: 12.1.0000)
Nuance PDF Viewer Plus (Version: 5.30.3290)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Grafiktreiber 307.83 (Version: 307.83)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Systemsteuerung 307.83 (Version: 307.83)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
PaperPort Image Printer (Version: 1.00.0001)
Paragon Backup & Recovery™ 10.2 Free Edition (Version: 90.00.0003)
Paragon Backup & Recovery™ 2012 Free (Version: 90.00.0003)
PC Inspector File Recovery (Version: 4.0)
PDF Settings (Version: 1.0)
PDF24 Creator 5.4.0
PhotoScape
PVSonyDll (Version: 1.00.0001)
Readiris Pro 10
Recuva (Version: 1.42)
Samsung AnyWeb Print (Version: 2.0.75.0)
Samsung Scan Assistant (Version: 1.04.20.00)
Scansoft PDF Professional
Secunia PSI (2.0.0.4002)
Skype Click to Call (Version: 5.11.9874)
Skype™ 6.3 (Version: 6.3.105)
SmarThru 4
Spybot - Search & Destroy (Version: 1.6.2)
SugarSync (Version: 2.0.18.112077)
TeamViewer 8 (Version: 8.0.18930)
TrueCrypt (Version: 6.3a)
Turbo Lister 2 (Version: 2.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VC 9.0 Runtime (Version: 1.0.0)
Verbindungsassistent (Version: 3.1)
Versandhelfer (Version: 1.3)
Wartung Samsung CLX-3180 Series
WinRAR
XnView 1.99 (Version: 1.99)
ZoneAlarm Toolbar
==================== Restore Points =========================
17-06-2013 08:02:46 Geplanter Prüfpunkt
==================== Hosts content: ==========================
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
There are 1000 more lines starting with "127.0.0.1"
==================== Scheduled Tasks (whitelisted) =============
Task: {2C6B0577-9095-4099-993D-6AC0D98C5F06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {3404312E-2D4F-4525-857B-9EF9CB661BC5} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [2010-11-20] (Microsoft Corporation)
Task: {66C4FE82-27D6-47FF-957A-A05E681E3337} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-09] (Microsoft Corporation)
Task: {75E6A466-C685-4D5B-83E9-3E4DB821AD76} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {786CC1BE-6D73-492B-A5C9-08AB92D517AD} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader => C:\Windows\system32\WSqmCons.exe [2010-11-20] (Microsoft Corporation)
Task: {8CD20CD0-9225-4248-AE7F-DADDB33D9E1D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation)
Task: {C4DE9BAF-305E-42D0-94D6-662D26F826DE} - System32\Tasks\Paragon Archive name arc_070412140058195 => C:\Program Files\Paragon Software\Backup and Recovery 10 Free Edition\program\scripts.exe [2010-04-26] (Paragon Software Group)
Task: {CD19AAD7-8FA3-45AC-AA87-4C8BEDE90488} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {D406EAA3-723E-43BA-AC7A-07B450EF0F4D} - System32\Tasks\{3D285892-4195-44F4-8412-7428207605A4} => C:\Program Files\Skype\\Phone\Skype.exe [2013-02-28] (Skype Technologies S.A.)
Task: {E8164C0D-216C-4B6B-9EB8-31BF958B8014} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [2009-06-10] ()
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: ZoneAlarm Toolbar ISWKL
Description: ZoneAlarm Toolbar ISWKL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ISWKL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/18/2013 04:37:10 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (06/18/2013 03:50:57 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (06/18/2013 01:00:08 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (06/18/2013 09:04:03 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (06/18/2013 07:52:52 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (06/17/2013 00:47:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 2.0.0.4002, Zeitstempel: 0x4e327b7b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x7d0
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Error: (06/17/2013 09:58:46 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (06/17/2013 07:56:19 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (06/14/2013 05:18:07 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (06/13/2013 10:14:28 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
System errors:
=============
Error: (06/18/2013 02:44:38 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{23aaf11f-4b45-11df-9451-806e6f6e6963}" können nicht gelesen werden.
Error: (06/18/2013 02:44:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ZoneAlarm Toolbar IswSvc" ist vom Dienst "ZoneAlarm Toolbar ISWKL" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%3
Error: (06/18/2013 02:44:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ZoneAlarm Toolbar ISWKL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (06/18/2013 02:44:25 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (06/18/2013 07:35:41 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{23aaf11f-4b45-11df-9451-806e6f6e6963}" können nicht gelesen werden.
Error: (06/18/2013 07:35:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ZoneAlarm Toolbar IswSvc" ist vom Dienst "ZoneAlarm Toolbar ISWKL" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%3
Error: (06/18/2013 07:35:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ZoneAlarm Toolbar ISWKL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (06/18/2013 07:34:48 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (06/17/2013 00:47:18 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/17/2013 10:00:14 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Microsoft Office Sessions:
=========================
Error: (04/24/2013 06:28:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16873 seconds with 3540 seconds of active time. This session ended with a crash.
Error: (02/28/2013 04:14:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/28/2013 08:33:41 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/07/2013 08:44:32 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 218 seconds with 180 seconds of active time. This session ended with a crash.
Error: (11/30/2012 09:03:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 27057 seconds with 720 seconds of active time. This session ended with a crash.
Error: (09/13/2012 03:18:50 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 41174 seconds with 900 seconds of active time. This session ended with a crash.
Error: (08/27/2012 07:18:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16694 seconds with 300 seconds of active time. This session ended with a crash.
Error: (07/19/2012 08:48:08 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2306 seconds with 480 seconds of active time. This session ended with a crash.
Error: (03/16/2012 00:11:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/31/2012 10:20:32 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5527 seconds with 720 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2012-03-19 09:18:49.414
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-19 09:05:50.805
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-19 08:51:16.500
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-19 08:15:59.592
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-19 07:57:20.390
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-16 13:57:53.048
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-16 11:16:06.237
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-16 11:05:03.305
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-16 10:57:40.225
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-16 10:46:00.507
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 2047.3 MB
Available physical RAM: 785.44 MB
Total Pagefile: 5347.3 MB
Available Pagefile: 3640.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.22 MB
==================== Drives ================================
Drive b: (Business) (Fixed) (Total:48.83 GB) (Free:27.62 GB) NTFS
Drive c: (Windows) (Fixed) (Total:58.49 GB) (Free:13.42 GB) NTFS
Drive d: (Business) (Fixed) (Total:48.83 GB) (Free:27.62 GB) NTFS
Drive e: (Daten) (Fixed) (Total:122.07 GB) (Free:50.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 0C550C54)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=125 GB) - (Type=OF Extended)
==================== End Of Log ============================
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-06-2013
Ran by Schirmayer (administrator) on 18-06-2013 18:00:38
Running from C:\Users\Schirmayer\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files\Verbindungsassistent\WTGService.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Copernic Inc.) C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun [688128 2011-07-06] ()
HKLM\...\Run: [CLX3180_Scan2Pc] C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] ()
HKLM\...\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h [6756048 2012-11-08] (COMODO)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [3180 Scan2PC] "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe" [1990144 2011-04-29] ()
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM\...\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload [1895424 2012-05-01] (Dominik Reichl)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-06] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM\...\Runonce: [AvgUninstallURL] cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA"&"inst=NwA3AC0AMQAyADEAOAA1ADMANgAxADUAMAAtAEIAQQBSADkATwArADEALQBGAEwAKwA5AC0ARgA5AE0ANgArADEALQBYAE8AMwA2ACsAMQAtAEYAOQBNADcAQwArADUALQBYAE8AOQArADEALQBGADkATQAzACsAMQAtAEQARABUACsAMAAtAEQARAA5ADAARgArADEALQBTAFQAOQAwAEYAQQBQAFAAKwAxAA"&"prod=90"&"ver=9.0.894 [x]
Winlogon\Notify\klogon:
HKCU\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [222496 2009-05-05] (Acresso Corporation)
HKCU\...\Run: [Copernic Desktop Search - Home] "C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray [1692200 2013-01-28] (Copernic Inc.)
MountPoints2: G - G:\.\Autorun.exe AUTORUN=1
MountPoints2: H - H:\.\Autorun.exe AUTORUN=1
MountPoints2: {0c0858de-7233-11e1-b69f-00138ffcd25f} - G:\LaunchU3.exe -a
MountPoints2: {4aa759a5-95bb-11e2-9f6c-00138ffcd25f} - H:\.\Autorun.exe AUTORUN=1
MountPoints2: {4aa759b6-95bb-11e2-9f6c-00138ffcd25f} - H:\.\Autorun.exe AUTORUN=1
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Schirmayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk
ShortcutTarget: Versandhelfer.lnk -> C:\Program Files\Versandhelfer\Versandhelfer.exe ()
Startup: C:\Users\Schirmayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\virtuelle-laufwerke-mounten.bat ()
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
SearchScopes: HKCU - {5B002001-09FF-4333-A944-63444AE00D7C} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKCU -ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Schirmayer\AppData\Roaming\Mozilla\Firefox\Profiles\ippsrkm1.default
FF Homepage: hxxp://www.google.com/calendar/render
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Deutsches Wörterbuch - C:\Users\Schirmayer\AppData\Roaming\Mozilla\Firefox\Profiles\ippsrkm1.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: tineye - C:\Users\Schirmayer\AppData\Roaming\Mozilla\Firefox\Profiles\ippsrkm1.default\Extensions\tineye@ideeinc.com.xpi
FF Extension: yesscript - C:\Users\Schirmayer\AppData\Roaming\Mozilla\Firefox\Profiles\ippsrkm1.default\Extensions\yesscript@userstyles.org.xpi
FF Extension: No Name - C:\Users\Schirmayer\AppData\Roaming\Mozilla\Firefox\Profiles\ippsrkm1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Schirmayer\AppData\Roaming\Mozilla\Firefox\Profiles\ippsrkm1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.com
========================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-09-27] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86752 2013-04-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110816 2013-04-02] (Avira Operations GmbH & Co. KG)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-08] (COMODO)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-07-29] (Secunia)
R2 WTGService; C:\Program Files\Verbindungsassistent\WTGService.exe [330696 2010-11-18] ()
S2 IswSvc; "C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe" [x]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-04-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-04-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-02] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [101248 2012-03-26] (AVM Berlin)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [273552 2010-11-30] (EldoS Corporation)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [494416 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [36072 2012-11-08] (COMODO)
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-07-13] (Samsung Electronics Co., Ltd.)
S3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [123784 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. )
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [40560 2010-04-26] (Paragon Software Group)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [82952 2012-11-08] (COMODO)
S4 Nvleien; C:\Windows\system32\drivers\BrFiltLo.sys [13568 2009-07-14] (Brother Industries, Ltd.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 SSCBFS3; C:\Windows\System32\DRIVERS\sscbfs3.sys [295488 2012-10-30] (EldoS Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-01] (Avira GmbH)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-12] (Samsung Electronics)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2012-11-28] (TeamViewer GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [45240 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [441608 2011-11-17] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [277576 2011-11-17] (Paragon)
S2 ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [x]
U3 pgldrpow; \??\C:\Users\SCHIRM~1\AppData\Local\Temp\pgldrpow.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-18 18:00 - 2013-06-18 18:00 - 00000000 ____D C:\FRST
2013-06-18 17:59 - 2013-06-18 17:59 - 01365717 ____A (Farbar) C:\Users\Schirmayer\Desktop\FRST.exe
2013-06-18 13:53 - 2013-06-18 13:53 - 00377856 ____A C:\Users\Schirmayer\Desktop\gmer_2.1.19163.exe
2013-06-18 13:51 - 2013-06-18 14:43 - 00072171 ____A C:\Users\Schirmayer\Desktop\Neues Textdokument.txt
2013-06-18 13:46 - 2013-06-18 13:46 - 00602112 ____A (OldTimer Tools) C:\Users\Schirmayer\Desktop\OTL.exe
2013-06-18 13:45 - 2013-06-18 13:45 - 00000482 ____A C:\Users\Schirmayer\Downloads\defogger_disable.log
2013-06-18 13:45 - 2013-06-18 13:45 - 00000000 ____A C:\Users\Schirmayer\defogger_reenable
2013-06-18 13:44 - 2013-06-18 13:44 - 00050477 ____A C:\Users\Schirmayer\Desktop\Defogger.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Schirmayer\Downloads\tdsskiller.exe
2013-06-14 12:24 - 2013-06-14 12:48 - 00000000 ____D C:\Users\Schirmayer\Desktop\Frau ****
2013-06-11 10:23 - 2013-06-18 12:39 - 00000000 ____D C:\ProgramData\08D6D9468F1EC0A3000008D6D074C5AA
2013-06-11 10:21 - 2013-06-11 10:21 - 00000000 ____D C:\Windows\Sun
2013-06-03 16:59 - 2013-06-03 16:59 - 14323712 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-03 16:59 - 2013-06-03 16:59 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 01767424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-03 16:59 - 2013-06-03 16:59 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-03 16:59 - 2013-06-03 16:59 - 01130496 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-03 16:59 - 2013-06-03 16:59 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-03 16:59 - 2013-06-03 16:59 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-03 16:58 - 2013-06-03 17:03 - 00009518 ____A C:\Windows\IE10_main.log
2013-05-29 11:15 - 2013-06-17 16:23 - 00000000 ____D C:\Users\Schirmayer\Desktop\29.05.2013
2013-05-28 08:18 - 2013-05-28 08:18 - 00001825 ____A C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-05-28 08:18 - 2013-05-28 08:18 - 00001810 ____A C:\Users\Public\Desktop\PDF24 Fax.lnk
==================== One Month Modified Files and Folders ========
2013-06-18 18:00 - 2013-06-18 18:00 - 00000000 ____D C:\FRST
2013-06-18 17:59 - 2013-06-18 17:59 - 01365717 ____A (Farbar) C:\Users\Schirmayer\Desktop\FRST.exe
2013-06-18 17:18 - 2012-04-10 16:52 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-18 14:52 - 2009-07-14 06:34 - 00014496 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-18 14:52 - 2009-07-14 06:34 - 00014496 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-18 14:44 - 2013-01-04 15:26 - 00008726 ____A C:\Windows\setupact.log
2013-06-18 14:44 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-18 14:43 - 2013-06-18 13:51 - 00072171 ____A C:\Users\Schirmayer\Desktop\Neues Textdokument.txt
2013-06-18 13:53 - 2013-06-18 13:53 - 00377856 ____A C:\Users\Schirmayer\Desktop\gmer_2.1.19163.exe
2013-06-18 13:47 - 2012-06-01 07:35 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-06-18 13:46 - 2013-06-18 13:46 - 00602112 ____A (OldTimer Tools) C:\Users\Schirmayer\Desktop\OTL.exe
2013-06-18 13:45 - 2013-06-18 13:45 - 00000482 ____A C:\Users\Schirmayer\Downloads\defogger_disable.log
2013-06-18 13:45 - 2013-06-18 13:45 - 00000000 ____A C:\Users\Schirmayer\defogger_reenable
2013-06-18 13:45 - 2010-04-19 02:04 - 00000000 ____D C:\users\Schirmayer
2013-06-18 13:44 - 2013-06-18 13:44 - 00050477 ____A C:\Users\Schirmayer\Desktop\Defogger.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Schirmayer\Downloads\tdsskiller.exe
2013-06-18 12:39 - 2013-06-11 10:23 - 00000000 ____D C:\ProgramData\08D6D9468F1EC0A3000008D6D074C5AA
2013-06-18 12:30 - 2012-05-31 09:17 - 00000324 ____A C:\Windows\hpbafd.ini
2013-06-18 08:10 - 2010-04-19 02:06 - 01622012 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-18 07:36 - 2012-03-08 08:31 - 01620992 __ASH C:\Users\Schirmayer\Desktop\Thumbs.db
2013-06-17 16:23 - 2013-05-29 11:15 - 00000000 ____D C:\Users\Schirmayer\Desktop\29.05.2013
2013-06-17 14:57 - 2010-05-23 23:20 - 00000000 ____D C:\ProgramData\Adobe
2013-06-17 14:57 - 2010-04-19 02:20 - 00000000 ____D C:\Users\Schirmayer\AppData\Roaming\Adobe
2013-06-17 07:32 - 2011-01-27 08:36 - 00272172 ____A C:\Windows\PFRO.log
2013-06-14 19:59 - 2010-04-19 01:54 - 01383111 ____A C:\Windows\WindowsUpdate.log
2013-06-14 12:48 - 2013-06-14 12:24 - 00000000 ____D C:\Users\Schirmayer\Desktop\Frau ****
2013-06-13 08:57 - 2013-03-04 13:47 - 00005314 ____A C:\Windows\System32\TeamViewer8_Hooks.log
2013-06-13 08:56 - 2013-01-03 17:58 - 00001055 ____A C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-06-12 11:18 - 2012-04-10 16:52 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-12 11:18 - 2011-05-31 17:31 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-11 10:21 - 2013-06-11 10:21 - 00000000 ____D C:\Windows\Sun
2013-06-06 05:17 - 2012-04-07 16:03 - 00000934 ____A C:\Windows\Tasks\Paragon Archive name arc_070412140058195.job
2013-06-05 18:12 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-06-05 15:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-03 17:03 - 2013-06-03 16:58 - 00009518 ____A C:\Windows\IE10_main.log
2013-06-03 16:59 - 2013-06-03 16:59 - 14323712 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-03 16:59 - 2013-06-03 16:59 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 01767424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-03 16:59 - 2013-06-03 16:59 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-03 16:59 - 2013-06-03 16:59 - 01130496 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-03 16:59 - 2013-06-03 16:59 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-03 16:59 - 2013-06-03 16:59 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-03 16:59 - 2013-06-03 16:59 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-03 16:59 - 2013-06-03 16:59 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-03 12:29 - 2012-06-21 09:55 - 00000000 ____D C:\Users\Schirmayer\AppData\Local\SugarSync
2013-05-29 15:54 - 2013-03-26 16:08 - 00000000 ____D C:\Users\Schirmayer\AppData\Roaming\Verbindungsassistent
2013-05-28 08:18 - 2013-05-28 08:18 - 00001825 ____A C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-05-28 08:18 - 2013-05-28 08:18 - 00001810 ____A C:\Users\Public\Desktop\PDF24 Fax.lnk
2013-05-28 08:18 - 2012-09-25 14:34 - 00000000 ____D C:\Program Files\PDF24
2013-05-27 12:03 - 2012-05-02 14:04 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-27 09:07 - 2010-08-25 13:02 - 00000000 ____D C:\Users\Schirmayer\AppData\Roaming\KeePass
2013-05-21 07:37 - 2013-05-17 14:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-13 09:20
==================== End Of Log ============================ --- --- ---
--- --- --- |