Hallo :Boogie: :Boogie: :Boogie:
Ich bin mir nicht sicher ob noch weitere Probleme bestehen bzw. hinzugekommen sind. Heute nachmittag habe ich mir die Vollversion-Magix-Foto-Grafik-Designer-7-SE_62965327.html aus dem Chip Adventskalender installiert und das Internet funktionierte nicht richtig. Dabei habe ich mich sehr viel auf Yahoo Internetseiten aufgehalten. Auf Youtube konnte ich erst keine Videovorschaubilder sehen, dass ging dann später.
Das Laden der Yahoo Seiten hat immer länger gedauert bis dann schließlich auch bei anderen Seiten bis zum Neustart nichts mehr ging. Der Pfeil/Kreis in der URL-leiste zeigte zwar an, dass die Seiten geladen werden, aber es ist nichts weiter passiert.... Die Seiten konnten zum Schluß gar nicht mehr neu geladen werden. Nach dem Neustart ist bisher noch nichts davon zu merken.
Was mich auch etwas skeptisch macht sind im addition aufgelistete Seiten wie diese hier: 010402.com;
www.0scan.com; 100sexlinks.com; www.00hq.com
FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-12-2013 02
Ran by Jule (administrator) on MASF on 08-12-2013 18:33:25
Running from C:\Users\Jule\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Flux Software LLC) C:\Users\Jule\AppData\Local\FluxSoftware\Flux\flux.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20090605-2002\soffice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [f.lux] - C:\Users\Jule\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKCU\...\Run: [SODCPreLoad] - C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20090605-2002\preload.exe [40960 2010-11-16] ()
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?type=800236&fr=spigot-yhp-ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {5C811A52-FBAE-4D9C-8180-8EEF0AC1BF65} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\qctezl56.default
FF Homepage: hxxp://de.search.yahoo.com/?type=800236&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF NetworkProxy: "autoconfig_url", "hxxp://204.93.211.220/"
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\qctezl56.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\qctezl56.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\qctezl56.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: WOT - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\qctezl56.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DVDVideoSoft Menu - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\qctezl56.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: prefs - C:\Users\Jule\AppData\Roaming\Mozilla\Firefox\Profiles\qctezl56.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
Chrome:
=======
CHR HomePage: hxxp://de.search.yahoo.com/?type=800236&fr=spigot-yhp-ch
CHR RestoreOnStartup: "hxxp://de.search.yahoo.com/?type=800236&fr=spigot-yhp-ch"
CHR Extension: ( "name":"Advanced SystemCare Surfing Protection",) - C:\Users\Jule\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
========================== Services (Whitelisted) =================
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2006-12-28] (AVM Berlin)
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2006-12-28] (AVM GmbH)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S1 MpKsl9cd296d3; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-08 14:20 - 2013-12-08 14:20 - 00000000 ____D C:\Users\Jule\AppData\Roaming\MAGIX
2013-12-08 14:19 - 2013-12-08 14:19 - 00000000 ____D C:\Users\Jule\AppData\Local\Xara
2013-12-08 14:15 - 2013-12-08 14:18 - 00000000 ____D C:\Program Files\MAGIX Foto_Grafik_Designer_7_SE
2013-12-08 14:15 - 2013-12-08 14:15 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services
2013-12-07 19:03 - 2013-12-07 19:03 - 00448512 _____ (OldTimer Tools) C:\Users\Jule\Desktop\TFC.exe
2013-12-07 00:33 - 2013-12-07 00:33 - 00000000 ____D C:\Program Files\ESET
2013-12-06 23:31 - 2013-12-06 23:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-06 23:31 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-06 23:29 - 2013-12-06 23:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jule\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-06 13:27 - 2013-12-06 13:29 - 00026674 _____ C:\Users\Jule\Desktop\Addition.txt
2013-12-06 13:23 - 2013-12-08 17:56 - 00000000 ____D C:\Users\Jule\Desktop\FRST-OlderVersion
2013-12-06 11:13 - 2013-12-06 11:13 - 00000842 _____ C:\Users\Jule\Desktop\JRT.txt
2013-12-06 10:59 - 2013-12-06 10:59 - 00000000 ____D C:\Windows\ERUNT
2013-12-06 10:58 - 2013-12-06 10:58 - 01034531 _____ (Thisisu) C:\Users\Jule\Desktop\JRT.exe
2013-12-06 10:33 - 2013-12-06 10:33 - 01110034 _____ C:\Users\Jule\Desktop\adwcleaner.exe
2013-12-05 17:23 - 2013-12-05 19:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-05 17:20 - 2013-12-05 17:20 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-05 17:19 - 2013-12-05 19:19 - 00000000 ____D C:\Users\Jule\Desktop\mbar
2013-12-05 17:16 - 2013-12-05 17:18 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jule\Desktop\mbar-1.07.0.1007.exe
2013-12-05 00:23 - 2013-12-05 00:23 - 00001393 _____ C:\Users\Jule\Desktop\gmer.log
2013-12-04 23:18 - 2013-12-04 23:18 - 00377856 _____ C:\Users\Jule\Desktop\gmer_2.1.19163.exe
2013-12-04 23:12 - 2013-12-04 23:12 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-04 23:10 - 2013-12-08 18:35 - 00011174 _____ C:\Users\Jule\Desktop\FRST.txt
2013-12-04 23:08 - 2013-12-08 17:56 - 00000000 ____D C:\FRST
2013-12-04 23:07 - 2013-12-08 17:56 - 01060441 _____ (Farbar) C:\Users\Jule\Desktop\FRST.exe
2013-12-04 23:02 - 2013-12-04 23:04 - 00000470 _____ C:\Users\Jule\Desktop\defogger_disable.log
2013-12-04 23:02 - 2013-12-04 23:02 - 00000000 _____ C:\Users\Jule\defogger_reenable
2013-12-04 22:48 - 2013-12-04 22:48 - 00050477 _____ C:\Users\Jule\Desktop\Defogger.exe
2013-12-04 20:31 - 2013-12-04 20:31 - 00101983 _____ C:\ProgramData\1386185447.bdinstall.bin
2013-12-04 20:30 - 2013-12-04 20:30 - 00037408 _____ C:\ProgramData\1386185408.bdinstall.bin
2013-11-30 23:55 - 2013-12-06 10:36 - 00000000 ____D C:\AdwCleaner
2013-11-30 23:44 - 2013-11-30 23:44 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-30 16:37 - 2013-11-30 16:37 - 00454288 _____ (Realtek ) C:\Windows\system32\Drivers\Rtlh86.sys
2013-11-30 16:37 - 2013-11-30 16:37 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2013-11-30 16:37 - 2013-11-30 16:37 - 00080488 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2013-11-30 14:02 - 2013-12-04 21:22 - 00000000 ____D C:\ProgramData\ProductData
2013-11-30 14:02 - 2013-11-30 14:02 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-30 13:35 - 2013-12-07 00:24 - 00265728 _____ C:\Windows\PFRO.log
2013-11-30 10:31 - 2013-11-30 10:31 - 00001952 _____ C:\Windows\wininit.ini
2013-11-29 16:15 - 2013-11-29 16:15 - 00260906 _____ C:\ProgramData\1385736874.bdinstall.bin
2013-11-29 16:08 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2013-11-29 15:54 - 2013-11-29 15:54 - 00000000 ____D C:\Users\Jule\AppData\Roaming\QuickScan
2013-11-29 15:25 - 2013-11-29 15:25 - 00000000 ____D C:\Quarantine
2013-11-29 15:21 - 2013-11-29 18:46 - 00000000 ____D C:\Program Files\stinger
2013-11-29 11:14 - 2013-11-29 11:23 - 00000000 ____D C:\Program Files\Re-markit
2013-11-25 18:56 - 2013-11-25 23:26 - 00000000 ____D C:\Users\Jule\Desktop\TEX
2013-11-23 17:53 - 2013-11-23 17:53 - 00000000 _____ C:\Windows\setuperr.log
2013-11-22 19:48 - 2013-11-22 19:48 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2013-11-22 18:12 - 2013-11-23 00:06 - 00000000 ____D C:\MikTex
2013-11-22 17:27 - 2013-11-22 17:27 - 00000000 ____D C:\Users\Jule\Archiv\Documents\Neuer Ordner
2013-11-22 15:40 - 2013-11-22 15:50 - 00000000 ____D C:\Users\Jule\Archiv\Documents\MiKTex1
2013-11-22 13:43 - 2013-11-22 15:14 - 00000000 ____D C:\Users\Jule\Archiv\Documents\miktex
2013-11-22 01:00 - 2013-11-22 00:27 - 07360000 _____ (MiKTeX.org) C:\setup-2.9.4503.exe
2013-11-22 00:49 - 2013-11-22 00:50 - 00067784 _____ C:\Users\Jule\Archiv\Documents\cc_20131122_004939.reg
2013-11-22 00:41 - 2013-06-09 21:59 - 00216064 _____ C:\Windows\system32\gcapi_dll.dll
2013-11-22 00:40 - 2013-11-22 00:42 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Foxit Software
2013-11-22 00:40 - 2013-11-22 00:41 - 00000000 ____D C:\Program Files\Foxit Reader
2013-11-21 23:00 - 2013-11-27 16:28 - 00000000 ____D C:\Users\Jule\Desktop\BA
2013-11-21 22:10 - 2013-11-21 22:10 - 00033235 _____ C:\Users\Jule\Desktop\ADHS eine kritische Bestandsaufnahme Christina Happ.odt
2013-11-20 23:58 - 2013-11-20 23:59 - 00000000 ____D C:\Users\Jule\AppData\Roaming\SumatraPDF
2013-11-20 23:58 - 2013-11-20 23:58 - 00000000 ____D C:\Program Files\SumatraPDF
2013-11-20 23:17 - 2013-11-20 23:17 - 00000000 ____D C:\Program Files\gs9.10
2013-11-20 22:53 - 2013-11-22 21:55 - 00000000 ____D C:\Program Files\TeXnicCenter
2013-11-20 22:17 - 2013-11-20 22:17 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2013-11-20 22:17 - 2013-11-20 22:17 - 00000000 ____D C:\Program Files\Texmaker
2013-11-20 16:09 - 2013-11-20 17:09 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Notepad++
2013-11-20 16:09 - 2013-11-20 16:10 - 00000000 ____D C:\Program Files\Notepad++
2013-11-17 16:44 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-17 16:44 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-17 16:44 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-17 16:44 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-17 16:44 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-17 16:44 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-17 16:44 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-17 16:44 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-17 16:44 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-17 16:44 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-17 16:44 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-17 16:44 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-17 16:44 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-17 16:44 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-17 16:44 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-17 16:44 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-17 15:12 - 2013-11-17 15:28 - 00001594 _____ C:\Windows\VPNUnInstall.MIF
2013-11-17 15:12 - 2013-11-17 15:12 - 00000000 ____D C:\Users\Jule\Archiv\Documents\capella
2013-11-17 15:12 - 2013-11-17 15:12 - 00000000 ____D C:\Users\Jule\AppData\Roaming\capella-software
2013-11-14 21:42 - 2013-11-20 15:14 - 00000000 ____D C:\Users\Jule\AppData\Roaming\xm1
2013-11-14 10:35 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 10:35 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 10:34 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 10:34 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 10:34 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-14 00:10 - 2013-11-14 00:10 - 00000000 ____D C:\ProgramData\Gibraltar
2013-11-13 20:57 - 2013-11-13 20:57 - 00000000 ____D C:\Users\Jule\AppData\Local\Swiss Academic Software
2013-11-13 20:55 - 2013-11-23 10:37 - 00000000 ____D C:\Users\Jule\Archiv\Documents\Citavi 4
2013-11-13 20:55 - 2013-11-14 00:10 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Swiss Academic Software
2013-11-13 18:25 - 2013-11-13 18:25 - 00000000 ____D C:\ProgramData\Swiss Academic Software
2013-11-13 18:18 - 2013-11-13 18:24 - 00000000 ____D C:\Program Files\Citavi 4
2013-11-12 14:24 - 2011-05-04 14:36 - 00007657 _____ C:\Windows\_DETMP.1
2013-11-12 14:24 - 1996-05-10 10:41 - 00009296 _____ (Stirling Technologies Inc.) C:\Windows\_DETMP.2
==================== One Month Modified Files and Folders =======
2013-12-08 18:35 - 2013-12-04 23:10 - 00011174 _____ C:\Users\Jule\Desktop\FRST.txt
2013-12-08 18:14 - 2012-04-09 17:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-08 17:56 - 2013-12-06 13:23 - 00000000 ____D C:\Users\Jule\Desktop\FRST-OlderVersion
2013-12-08 17:56 - 2013-12-04 23:08 - 00000000 ____D C:\FRST
2013-12-08 17:56 - 2013-12-04 23:07 - 01060441 _____ (Farbar) C:\Users\Jule\Desktop\FRST.exe
2013-12-08 17:56 - 2013-03-29 20:14 - 00000342 _____ C:\Windows\Tasks\WpsUpdateTask_Jule.job
2013-12-08 17:49 - 2006-11-02 13:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-08 17:49 - 2006-11-02 13:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-08 17:46 - 2011-08-30 10:21 - 00651304 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-08 17:46 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-08 16:43 - 2006-11-02 14:01 - 00032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-08 16:40 - 2013-01-14 19:39 - 00000000 ____D C:\Program Files\IObit Malware Fighter
2013-12-08 15:56 - 2009-08-27 20:18 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Skype
2013-12-08 14:20 - 2013-12-08 14:20 - 00000000 ____D C:\Users\Jule\AppData\Roaming\MAGIX
2013-12-08 14:19 - 2013-12-08 14:19 - 00000000 ____D C:\Users\Jule\AppData\Local\Xara
2013-12-08 14:18 - 2013-12-08 14:15 - 00000000 ____D C:\Program Files\MAGIX Foto_Grafik_Designer_7_SE
2013-12-08 14:15 - 2013-12-08 14:15 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services
2013-12-08 14:15 - 2007-04-16 07:36 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-08 14:14 - 2007-07-12 20:02 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-12-08 13:19 - 2009-09-21 10:04 - 00000000 ____D C:\Users\Jule\AppData\Roaming\vlc
2013-12-08 11:55 - 2009-10-19 18:11 - 00000000 ____D C:\Users\Jule\AppData\Roaming\dvdcss
2013-12-07 19:03 - 2013-12-07 19:03 - 00448512 _____ (OldTimer Tools) C:\Users\Jule\Desktop\TFC.exe
2013-12-07 14:44 - 2011-12-29 13:54 - 00000000 ____D C:\Users\Jule\AppData\Roaming\DVDVideoSoft
2013-12-07 00:33 - 2013-12-07 00:33 - 00000000 ____D C:\Program Files\ESET
2013-12-07 00:24 - 2013-11-30 13:35 - 00265728 _____ C:\Windows\PFRO.log
2013-12-07 00:24 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Globalization
2013-12-06 23:31 - 2013-12-06 23:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-06 23:29 - 2013-12-06 23:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jule\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-06 13:29 - 2013-12-06 13:27 - 00026674 _____ C:\Users\Jule\Desktop\Addition.txt
2013-12-06 11:13 - 2013-12-06 11:13 - 00000842 _____ C:\Users\Jule\Desktop\JRT.txt
2013-12-06 10:59 - 2013-12-06 10:59 - 00000000 ____D C:\Windows\ERUNT
2013-12-06 10:58 - 2013-12-06 10:58 - 01034531 _____ (Thisisu) C:\Users\Jule\Desktop\JRT.exe
2013-12-06 10:36 - 2013-11-30 23:55 - 00000000 ____D C:\AdwCleaner
2013-12-06 10:33 - 2013-12-06 10:33 - 01110034 _____ C:\Users\Jule\Desktop\adwcleaner.exe
2013-12-05 22:57 - 2013-03-09 17:35 - 00000000 ____D C:\Users\Jule\Desktop\Themenpläne
2013-12-05 19:19 - 2013-12-05 17:23 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-05 19:19 - 2013-12-05 17:19 - 00000000 ____D C:\Users\Jule\Desktop\mbar
2013-12-05 17:20 - 2013-12-05 17:20 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-05 17:18 - 2013-12-05 17:16 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jule\Desktop\mbar-1.07.0.1007.exe
2013-12-05 13:37 - 2009-11-02 18:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-05 00:23 - 2013-12-05 00:23 - 00001393 _____ C:\Users\Jule\Desktop\gmer.log
2013-12-05 00:23 - 2009-09-21 14:06 - 01799889 _____ C:\Windows\WindowsUpdate.log
2013-12-04 23:18 - 2013-12-04 23:18 - 00377856 _____ C:\Users\Jule\Desktop\gmer_2.1.19163.exe
2013-12-04 23:12 - 2013-12-04 23:12 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-04 23:04 - 2013-12-04 23:02 - 00000470 _____ C:\Users\Jule\Desktop\defogger_disable.log
2013-12-04 23:02 - 2013-12-04 23:02 - 00000000 _____ C:\Users\Jule\defogger_reenable
2013-12-04 23:02 - 2009-07-27 14:08 - 00000000 ____D C:\Users\Jule
2013-12-04 22:48 - 2013-12-04 22:48 - 00050477 _____ C:\Users\Jule\Desktop\Defogger.exe
2013-12-04 21:22 - 2013-11-30 14:02 - 00000000 ____D C:\ProgramData\ProductData
2013-12-04 20:31 - 2013-12-04 20:31 - 00101983 _____ C:\ProgramData\1386185447.bdinstall.bin
2013-12-04 20:30 - 2013-12-04 20:30 - 00037408 _____ C:\ProgramData\1386185408.bdinstall.bin
2013-12-04 20:26 - 2011-12-29 13:36 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-12-04 20:26 - 2009-10-04 09:21 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-12-01 00:31 - 2013-01-15 13:13 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-11-30 23:53 - 2009-07-27 14:35 - 00000000 ____D C:\Users\Jule\AppData\Local\Adobe
2013-11-30 23:44 - 2013-11-30 23:44 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-30 23:44 - 2009-08-18 20:56 - 00000000 ____D C:\ProgramData\Adobe
2013-11-30 23:44 - 2007-04-16 07:30 - 00000000 ____D C:\Program Files\Adobe
2013-11-30 23:43 - 2009-11-11 20:16 - 00000000 ____D C:\Program Files\AdobeReader 9.0
2013-11-30 16:37 - 2013-11-30 16:37 - 00454288 _____ (Realtek ) C:\Windows\system32\Drivers\Rtlh86.sys
2013-11-30 16:37 - 2013-11-30 16:37 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2013-11-30 16:37 - 2013-11-30 16:37 - 00080488 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2013-11-30 14:06 - 2013-01-14 19:39 - 00000000 ____D C:\Users\Jule\AppData\Roaming\IObit
2013-11-30 14:02 - 2013-11-30 14:02 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-30 14:02 - 2013-01-14 19:57 - 00000000 ____D C:\Program Files\IObit
2013-11-30 14:01 - 2013-01-14 19:39 - 00000000 ____D C:\ProgramData\IObit
2013-11-30 10:31 - 2013-11-30 10:31 - 00001952 _____ C:\Windows\wininit.ini
2013-11-29 18:46 - 2013-11-29 15:21 - 00000000 ____D C:\Program Files\stinger
2013-11-29 17:45 - 2013-01-22 17:08 - 00002912 _____ C:\Users\Jule\AppData\Roaming\Safer-Networking.log
2013-11-29 16:15 - 2013-11-29 16:15 - 00260906 _____ C:\ProgramData\1385736874.bdinstall.bin
2013-11-29 15:54 - 2013-11-29 15:54 - 00000000 ____D C:\Users\Jule\AppData\Roaming\QuickScan
2013-11-29 15:25 - 2013-11-29 15:25 - 00000000 ____D C:\Quarantine
2013-11-29 12:54 - 2012-11-12 00:38 - 00000000 ____D C:\Windows\system32\QuickTime
2013-11-29 11:23 - 2013-11-29 11:14 - 00000000 ____D C:\Program Files\Re-markit
2013-11-27 16:28 - 2013-11-21 23:00 - 00000000 ____D C:\Users\Jule\Desktop\BA
2013-11-25 23:26 - 2013-11-25 18:56 - 00000000 ____D C:\Users\Jule\Desktop\TEX
2013-11-23 17:53 - 2013-11-23 17:53 - 00000000 _____ C:\Windows\setuperr.log
2013-11-23 10:37 - 2013-11-13 20:55 - 00000000 ____D C:\Users\Jule\Archiv\Documents\Citavi 4
2013-11-23 00:06 - 2013-11-22 18:12 - 00000000 ____D C:\MikTex
2013-11-22 21:55 - 2013-11-20 22:53 - 00000000 ____D C:\Program Files\TeXnicCenter
2013-11-22 19:48 - 2013-11-22 19:48 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2013-11-22 17:27 - 2013-11-22 17:27 - 00000000 ____D C:\Users\Jule\Archiv\Documents\Neuer Ordner
2013-11-22 15:50 - 2013-11-22 15:40 - 00000000 ____D C:\Users\Jule\Archiv\Documents\MiKTex1
2013-11-22 15:24 - 2012-04-09 17:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-22 15:24 - 2011-09-26 10:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-22 15:14 - 2013-11-22 13:43 - 00000000 ____D C:\Users\Jule\Archiv\Documents\miktex
2013-11-22 14:37 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-11-22 13:47 - 2006-11-02 11:33 - 01593056 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-22 00:50 - 2013-11-22 00:49 - 00067784 _____ C:\Users\Jule\Archiv\Documents\cc_20131122_004939.reg
2013-11-22 00:42 - 2013-11-22 00:40 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Foxit Software
2013-11-22 00:41 - 2013-11-22 00:40 - 00000000 ____D C:\Program Files\Foxit Reader
2013-11-22 00:27 - 2013-11-22 01:00 - 07360000 _____ (MiKTeX.org) C:\setup-2.9.4503.exe
2013-11-22 00:20 - 2011-05-04 14:36 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SÜDWEST
2013-11-21 22:10 - 2013-11-21 22:10 - 00033235 _____ C:\Users\Jule\Desktop\ADHS eine kritische Bestandsaufnahme Christina Happ.odt
2013-11-21 16:52 - 2009-07-27 16:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-21 16:49 - 2009-08-02 14:50 - 00000061 _____ C:\Windows\vbaddin.ini
2013-11-20 23:59 - 2013-11-20 23:58 - 00000000 ____D C:\Users\Jule\AppData\Roaming\SumatraPDF
2013-11-20 23:58 - 2013-11-20 23:58 - 00000000 ____D C:\Program Files\SumatraPDF
2013-11-20 23:17 - 2013-11-20 23:17 - 00000000 ____D C:\Program Files\gs9.10
2013-11-20 22:17 - 2013-11-20 22:17 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2013-11-20 22:17 - 2013-11-20 22:17 - 00000000 ____D C:\Program Files\Texmaker
2013-11-20 17:09 - 2013-11-20 16:09 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Notepad++
2013-11-20 16:10 - 2013-11-20 16:09 - 00000000 ____D C:\Program Files\Notepad++
2013-11-20 15:51 - 2011-08-29 23:01 - 00188776 _____ C:\Users\Jule\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-20 15:14 - 2013-11-14 21:42 - 00000000 ____D C:\Users\Jule\AppData\Roaming\xm1
2013-11-20 12:29 - 2013-01-14 19:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-18 19:39 - 2009-08-05 19:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-17 21:42 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-17 21:16 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-17 15:29 - 2010-07-01 14:24 - 00008522 _____ C:\Windows\system32\QuickTime.qtp
2013-11-17 15:28 - 2013-11-17 15:12 - 00001594 _____ C:\Windows\VPNUnInstall.MIF
2013-11-17 15:17 - 2013-10-01 12:41 - 00000000 ____D C:\Windows\system32\MRT
2013-11-17 15:12 - 2013-11-17 15:12 - 00000000 ____D C:\Users\Jule\Archiv\Documents\capella
2013-11-17 15:12 - 2013-11-17 15:12 - 00000000 ____D C:\Users\Jule\AppData\Roaming\capella-software
2013-11-17 14:50 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-14 22:10 - 2011-08-30 20:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-14 21:53 - 2007-04-16 06:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-14 00:10 - 2013-11-14 00:10 - 00000000 ____D C:\ProgramData\Gibraltar
2013-11-14 00:10 - 2013-11-13 20:55 - 00000000 ____D C:\Users\Jule\AppData\Roaming\Swiss Academic Software
2013-11-13 22:25 - 2013-10-31 23:49 - 00136653 _____ C:\Users\Jule\Desktop\ADHD__Ba ADHS da Between_biomedical_trends_and_social_norms.txt
2013-11-13 20:57 - 2013-11-13 20:57 - 00000000 ____D C:\Users\Jule\AppData\Local\Swiss Academic Software
2013-11-13 18:25 - 2013-11-13 18:25 - 00000000 ____D C:\ProgramData\Swiss Academic Software
2013-11-13 18:24 - 2013-11-13 18:18 - 00000000 ____D C:\Program Files\Citavi 4
2013-11-13 18:16 - 2011-10-04 22:59 - 00000000 ____D C:\Users\Jule\AppData\Local\Downloaded Installations
2013-11-13 18:12 - 2010-04-24 20:54 - 00000000 ____D C:\Program Files\Citavi
2013-11-13 18:10 - 2010-10-14 12:32 - 00000000 ____D C:\Users\Jule\Archiv\Documents\Citavi
2013-11-12 14:24 - 2011-05-04 14:35 - 00000000 ____D C:\Program Files\BGB
2013-11-11 05:50 - 2009-10-02 20:58 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-08 17:53
==================== End Of Log ============================
--- --- ---
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-12-2013 02
Ran by Jule at 2013-12-08 18:38:25
Running from C:\Users\Jule\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.9.900.152)
Adobe Flash Player 9 ActiveX (Version: 9)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Apple Application Support (Version: 1.5.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoStudio 5.5
ATI Catalyst Install Manager (Version: 3.0.641.0)
Bluetooth Stack for Windows by Toshiba (Version: v5.10.06(T))
Bonjour (Version: 3.0.0.2)
Canon MP510 Benutzerregistrierung
Canvas 11 (Version: 11.00.1173)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2007.0621.1715.28924)
Catalyst Control Center Graphics Full Existing (Version: 2007.0621.1715.28924)
Catalyst Control Center Graphics Full New (Version: 2007.0621.1715.28924)
Catalyst Control Center Graphics Light (Version: 2007.0621.1715.28924)
Catalyst Control Center Graphics Previews Common (Version: 2007.0621.1715.28924)
Catalyst Control Center Graphics Previews Vista (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Chinese Standard (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Czech (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Danish (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Dutch (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Finnish (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization French (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization German (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Greek (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Hungarian (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Italian (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Japanese (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Korean (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Norwegian (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Polish (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Portuguese (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Russian (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Spanish (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Swedish (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Thai (Version: 2007.0621.1715.28924)
Catalyst Control Center Localization Turkish (Version: 2007.0621.1715.28924)
CCC Help Chinese Standard (Version: 2007.0621.1714.28924)
CCC Help Chinese Traditional (Version: 2007.0621.1714.28924)
CCC Help Czech (Version: 2007.0621.1714.28924)
CCC Help Danish (Version: 2007.0621.1714.28924)
CCC Help Dutch (Version: 2007.0621.1714.28924)
CCC Help English (Version: 2007.0621.1714.28924)
CCC Help Finnish (Version: 2007.0621.1714.28924)
CCC Help French (Version: 2007.0621.1714.28924)
CCC Help German (Version: 2007.0621.1714.28924)
CCC Help Greek (Version: 2007.0621.1714.28924)
CCC Help Hungarian (Version: 2007.0621.1714.28924)
CCC Help Italian (Version: 2007.0621.1714.28924)
CCC Help Japanese (Version: 2007.0621.1714.28924)
CCC Help Korean (Version: 2007.0621.1714.28924)
CCC Help Norwegian (Version: 2007.0621.1714.28924)
CCC Help Polish (Version: 2007.0621.1714.28924)
CCC Help Portuguese (Version: 2007.0621.1714.28924)
CCC Help Russian (Version: 2007.0621.1714.28924)
CCC Help Spanish (Version: 2007.0621.1714.28924)
CCC Help Swedish (Version: 2007.0621.1714.28924)
CCC Help Thai (Version: 2007.0621.1714.28924)
CCC Help Turkish (Version: 2007.0621.1714.28924)
ccc-core-static (Version: 2007.0621.1715.28924)
ccc-utility (Version: 2007.0621.1715.28924)
CCleaner (Version: 3.12)
CD/DVD Drive Acoustic Silencer (Version: 2.00.02)
Citavi 4 (Version: 4.2.0.11)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Codec (Version: 6.9.1)
DivX Converter (Version: 7.1.0)
DivX Player (Version: 7.2.0)
DivX Plus Web Player (Version: 2.0.0)
doPDF 6.2 printer
DraftSight (Version: 8.2.301)
Emdedded IR Driver (Version: 0.0.0.6C)
ESET Online Scanner v3
f.lux
Foxit Reader (Version: 6.0.4.719)
Free YouTube Download version 3.2.18.1128 (Version: 3.2.18.1128)
GPL Ghostscript (Version: 9.10)
IBM Lotus Symphony (Version: 1.3.09157)
Intel Matrix Storage Manager
IrfanView (remove only)
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.2.4)
Java(TM) 6 Update 22 (Version: 6.0.220)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
Kingsoft Office 2012 (8.1.0.3375) (Version: 8.1.0.3375)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Office 2000 Premium (Version: 9.00.2816)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Visio 2010 (Version: 14.0.7015.1000)
Microsoft Office Visio MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders (German) 12 (Version: 12.0.6612.1000)
Microsoft Visio Premium 2010 (Version: 14.0.7015.1000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Microsoft XML Parser (Version: 8.0.7820.0)
Microsoft XML Parser (Version: 8.20.8730.4)
MiKTeX 2.9 (HKCU Version: 2.9)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Notepad++ (Version: 6.5.1)
Ontrack EasyRecovery Professional (Version: 10.0.5.6)
OpenOffice.org 3.3 (Version: 3.3.9567)
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5433)
REALTEK Wireless LAN Driver and Utility (Version: 1.00.0187)
Recuva (Version: 1.40)
Revo Uninstaller 1.95 (Version: 1.95)
Roadkil's Unstoppable Copier Version 4.2
Serif DrawPlus 4.0
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shockwave
Skins (Version: 2007.0621.1715.28924)
Skype™ 5.10 (Version: 5.10.116)
Spybot - Search & Destroy (Version: 2.0.12)
SumatraPDF (Version: 2.4)
Synaptics Pointing Device Driver (Version: 10.0.1.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0001)
Texmaker
TIPCI (Version: 2.00.0001)
TOSHIBA ConfigFree (Version: 7.00.29)
TOSHIBA Disc Creator (Version: 2.0.0.8)
TOSHIBA DVD PLAYER (Version: 1.00.24A)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Flash Cards Support Utility (Version: 1.48.0.3C)
TOSHIBA Hardware Setup (Version: 1.48.0.11C)
Toshiba Online Product Information (Version: 1.00.0009)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD03))
TOSHIBA Supervisor Password (Version: 1.48.0.8C)
TOSHIBA Supervisorkennwort (Version: 1.48.0.8C)
TOSHIBA Value Added Package (Version: 1.0.24)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Utility Common Driver (Version: 0.0.1.1C)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VLC media player 1.0.1 (Version: 1.0.1)
Windows Media Encoder 9-Reihe
Windows Media Encoder 9-Reihe (Version: 9.00.3374)
==================== Restore Points =========================
30-11-2013 23:31:35 IObit Uninstaller restore point
01-12-2013 17:34:32 Geplanter Prüfpunkt
04-12-2013 19:29:12 IObit Uninstaller restore point
04-12-2013 19:45:38 IObit Uninstaller restore point
07-12-2013 10:40:47 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 11:23 - 2013-01-15 16:01 - 00445178 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {31830DF6-4671-46CD-9253-1B21864E52DF} - System32\Tasks\Registration Trigger IBM Lotus Symphony Task => C:\Program Files\IBM Lotus Symphony\framework\rcp\rcplauncher.exe [2009-05-05] ()
Task: {38757A9C-E1B4-4088-B0D8-EE3207DF0031} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {3A061B1D-3192-42CE-852E-67FCC3889567} - System32\Tasks\{2E2EA250-2E30-4810-A4A9-3A003F79248C} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {5D69ECF2-C53E-4494-90D7-A7114C7CC130} - System32\Tasks\{EB6E0E21-C667-4AD9-95AF-D29D49871B68} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/go/help.faq.installer?LastError=1618
Task: {710A2204-564E-4190-B17B-19A8B4FF444B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {79FB67D8-77D6-4B65-8E3C-6AAC7AB19A7D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Jule => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {810E46A0-622B-4805-AC6A-B423692C589E} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {86908681-6287-4538-9B94-AF9C268BCEDD} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {9D53C720-97ED-4261-8B5C-CE1F38ADED98} - System32\Tasks\Google Updater and Installer => C:\Users\Jule\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {9EB99301-3EA4-490C-9D6F-FFDD5092E387} - System32\Tasks\File Helper => C:\Program Files\File Helper\1.1.0.4\FileHelper.exe [2009-10-13] ()
Task: {BF86556D-9C50-48A5-9E5A-594193D80D1E} - System32\Tasks\WpsUpdateTask_Jule => C:\Program Files\Kingsoft Office\office6\wpsupdate.exe [2013-06-05] (Kingsoft Corp. Ltd.)
Task: {CB47C0DA-6F27-431D-9B24-2DE2DA882356} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {CDB48552-B9D8-4EFB-A136-506372D469A8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {FC744C72-7DA3-4099-BD4B-3A9F0BFB4844} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\File Helper.job => C:\Program Files\File Helper\1.1.0.4\FileHelper.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Jule.job => C:\Program Files\Kingsoft Office\office6\wpsupdate.exe
==================== Loaded Modules (whitelisted) =============
2007-07-12 09:54 - 2007-06-21 10:27 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 02400323 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\vcl645mi.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 01794123 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\udkservice1.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00073794 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\vos3MSC.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 01749055 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\sal3.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00098304 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\uwinapi.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00147524 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\reg3.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 01437784 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\log4pt.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 02981961 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\svt645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 01224776 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\tk645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 06660166 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.framework.win32_3.5.0.20090605-2002\sfx645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 02326598 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\sb645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 00299083 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\xcr645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 00413764 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\so645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 00286792 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\go645mi.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00647244 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\basicservice.uno.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00049230 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\jvmaccess3MSC.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 02854984 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\ucpchelp1.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00286720 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\xerces-depdom_2_6.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00036864 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\xslt4cMessages_1_7_0.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00032837 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\rmcxt3.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 01716292 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\sax.uno.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 01601610 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20090605-2002\desktp645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 00397382 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.framework.win32_3.5.0.20090605-2002\ofa645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 08671299 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.framework.win32_3.5.0.20090605-2002\svx645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 01921103 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20090605-2002\i18npool645mi.dll
2010-11-16 23:29 - 2010-11-16 23:29 - 00204883 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20090605-2002\oleautobridge.uno.dll
2010-11-16 23:30 - 2010-11-16 23:30 - 00094283 _____ () C:\Program Files\IBM Lotus Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20090605-2002\emser645mi.dll
2012-02-28 18:36 - 2013-11-18 19:39 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-11-13 18:25 - 2013-07-17 23:56 - 00430080 _____ () C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\FirefoxPickerCommunication.dll
2013-11-22 15:24 - 2013-11-22 15:24 - 16237448 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/08/2013 05:46:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/08/2013 05:46:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/08/2013 04:43:32 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (12/08/2013 10:50:30 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/08/2013 10:50:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/08/2013 10:08:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/08/2013 10:08:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/07/2013 08:30:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/07/2013 08:30:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/07/2013 06:53:17 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (12/08/2013 05:47:26 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (12/08/2013 05:45:23 PM) (Source: atikmdag) (User: )
Description: Unknown EDID version
Error: (12/08/2013 05:45:23 PM) (Source: atikmdag) (User: )
Description: Unknown EDID version
Error: (12/08/2013 05:45:23 PM) (Source: atikmdag) (User: )
Description: Unknown EDID version
Error: (12/08/2013 04:43:30 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (12/08/2013 10:50:54 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (12/08/2013 10:49:38 AM) (Source: atikmdag) (User: )
Description: Unknown EDID version
Error: (12/08/2013 10:49:37 AM) (Source: atikmdag) (User: )
Description: Unknown EDID version
Error: (12/08/2013 10:49:37 AM) (Source: atikmdag) (User: )
Description: Unknown EDID version
Error: (12/08/2013 10:48:37 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Microsoft Office Sessions:
=========================
Error: (12/08/2013 05:46:50 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/08/2013 05:46:50 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/08/2013 04:43:32 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (12/08/2013 10:50:30 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/08/2013 10:50:29 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/08/2013 10:08:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/08/2013 10:08:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/07/2013 08:30:21 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/07/2013 08:30:21 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
Error: (12/07/2013 06:53:17 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
CodeIntegrity Errors:
===================================
Date: 2013-12-08 18:37:28.971
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-08 18:37:27.638
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-08 18:37:26.307
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-08 18:37:24.968
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-08 18:37:23.646
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-08 18:37:22.305
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-08 18:37:20.954
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-08 18:37:19.630
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 00:06:40.607
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-07 00:06:39.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 2045.69 MB
Available physical RAM: 961.02 MB
Total Pagefile: 4330.64 MB
Available Pagefile: 3101.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.14 MB
==================== Drives ================================
Drive c: (Vista) (Fixed) (Total:74.22 GB) (Free:1.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:73.36 GB) (Free:19.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: A0A8BD18)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ich habe grad mal eine eurer Anleitungen zu FRST gefunden, allerdings wird da das Addition Log auch nicht weiter erwähnt. ( http://www.trojaner-board.de/132035-...scan-tool.html) Sollte der Scan in meinen Fall auch erst nach einem Start von Windows durch die erweiterten Startoptionen durchgeführt werden?
Achso, ich benutze nur mozilla firefox. Ich habe die im Betreff genannte Zeile bereits mehrere Male aus der Chronik entfernt ("Seite komplett vergessen"), aber sie taucht auch nach dem Scan mit TFC wieder auf`s Neue auf.
Viele Grüße,
julekai |
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
AdwCleaner auf deinen Desktop.
FRST 32-Bit | FRST 64-Bit
TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
