And here is the Addition:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2014 01
Ran by verena at 2014-01-29 15:17:46
Running from C:\Dokumente und Einstellungen\verena\desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (Version: 7.0.0 - Adobe Systems)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (Version: 7.0.0 - Adobe Systems) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Illustrator 10 (Version: 10 - Adobe Systems, Inc.)
Adobe InDesign CS (Version: CS - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (Version: 7.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (Version: 12.0.7.148 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (Version: 3.0 - Adobe Systems, Inc.)
ATI - Dienstprogramm zur Deinstallation der Software (Version: 6.14.10.1010 - )
ATI Control Panel (Version: 6.14.10.5134 - )
ATI Display Driver (Version: 8.083-041207a-020348C - )
avast! Free Antivirus (Version: 9.0.2013 - Avast Software)
Bluetooth Stack for Windows by Toshiba (Version: v3.10.00 - )
Bundled software uninstaller (Version: - ) <==== ATTENTION
CCleaner (Version: 3.19 - Piriform)
CD/DVD Drive Acoustic Silencer (Version: 1.00.005a - TOSHIBA)
CDBurnerXP (Version: 4.2.4.1430 - CDBurnerXP)
DivX Codec (Version: 6.8.5 - DivX, Inc.)
DivX Converter (Version: 6.6.1 - DivX, Inc.)
DivX Player (Version: 6.8.2 - )
DivX Web Player (Version: 1.4.2 - DivX,Inc.)
Epson Easy Photo Print 2 (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (Version: - )
EPSON Stylus SX100_TX100 Handbuch (Version: - )
EPSON SX100 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
ESS Energie Indikator (Version: 2009.0 - )
General Runtime Files for Nemetschek Allplan 2009 (Version: 1.5.2.0 - Nemetschek) Hidden
General Runtime Files for Nemetschek Allplan 2009 (Version: 1.6.0.0 - Nemetschek) Hidden
Google Chrome (Version: 32.0.1700.102 - Google Inc.)
Google Earth Plug-in (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hardlock Gerätetreiber (Version: - )
Hotfix für Windows XP (KB942288-v3) (Version: 3 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (Version: 1 - Microsoft Corporation)
InterVideo WinDVD for TOSHIBA (Version: 5.0-B11.475 - InterVideo Inc.)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Macromedia Flash Player (Version: 7.0.19.0 - Macromedia, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB979906) (Version: - )
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42 - Microsoft Corporation) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation) Hidden
Microsoft Office OneNote 2003 (Version: 11.0.6360.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0 - Microsoft Corporation)
MyFreeCodec (HKCU Version: - )
Nemetschek Allplan 2009 (Version: 2009.0 - )
OpenOffice 4.0.1 (Version: 4.01.9714 - Apache Software Foundation)
PC Connectivity Solution (Version: 12.0.109.0 - Nokia)
SD Secure Module (Version: 1.0.2 - Ihr Firmenname)
Sicherheitsupdate für Step by Step Interactive Training (KB923723) (Version: 20050502.101010 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB968816) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB936782) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950760) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954600) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982381) (Version: 1 - Microsoft Corporation) Hidden
SMSC IrCC V5.1.3600.5 (Version: r1.10.1 - )
SoundMAX (Version: 5.12.01.5240 - Analog Devices)
SoundTap Streaming Audio Recorder (Version: - NCH Swift Sound)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 7.12.4.0 - )
Texas Instruments PCIxx21/x515 drivers. (Version: 1.15.0000 - Texas Instruments Inc.)
TIxx21/x515 (Version: 1.15.0000 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (Version: - )
TOSHIBA Benutzerhandbücher (Version: - )
TOSHIBA ConfigFree (Version: 5.00.45 - )
TOSHIBA Controls (Version: - )
TOSHIBA Hotkey Utility (Version: 1.00.04K - )
TOSHIBA PC-Diagnose-Tool (Version: - )
TOSHIBA Power Saver (Version: 7.03.06.I - )
TOSHIBA SD-Speicherkarten-Formatierung (Version: - )
TOSHIBA Software Modem (Version: 2.1.47.6 (SM21476ALD6) - )
TOSHIBA TouchPad ON/Off Utility (Version: 1.00.08K - )
TOSHIBA Utilities (Version: 1.00.07K - )
TOSHIBA Virtual Sound (Version: - )
TOSHIBA Zoom-Dienstprogramm (Version: - )
Touch and Launch (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB980182) (Version: 1 - Microsoft Corporation) Hidden
VIS (Version: - ) <==== ATTENTION
VLC media player 0.9.8a (Version: 0.9.8a - VideoLAN Team)
WavePad Sound Editor (Version: - NCH Software)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Imaging Component (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 10 (Version: - )
Windows XP Service Pack 3 (Version: 20080414.031514 - Microsoft Corporation)
WinRAR Archivierer (Version: - )
XMind (Version: 3.3.0 - XMind Ltd.)
==================== Restore Points =========================
04-11-2013 11:06:34 Systemprüfpunkt
07-11-2013 08:42:19 Systemprüfpunkt
15-11-2013 12:53:27 Systemprüfpunkt
18-11-2013 17:34:31 Systemprüfpunkt
20-11-2013 10:46:45 Systemprüfpunkt
21-11-2013 12:06:15 Systemprüfpunkt
22-11-2013 12:28:11 Systemprüfpunkt
23-11-2013 12:33:31 Systemprüfpunkt
26-11-2013 16:07:28 Systemprüfpunkt
28-11-2013 16:37:59 Removed Snap.Do
06-12-2013 12:28:58 Systemprüfpunkt
10-12-2013 09:19:58 Systemprüfpunkt
11-12-2013 16:50:46 Installed Samsung Kies
13-12-2013 09:16:32 Systemprüfpunkt
16-12-2013 15:36:00 Removed Samsung Kies
21-12-2013 11:35:59 Systemprüfpunkt
23-12-2013 10:25:01 Systemprüfpunkt
06-01-2014 11:30:22 Systemprüfpunkt
07-01-2014 13:31:18 Systemprüfpunkt
09-01-2014 19:00:52 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
09-01-2014 19:01:40 OpenOffice 4.0.1 wird installiert
10-01-2014 19:11:26 Systemprüfpunkt
13-01-2014 12:36:18 Systemprüfpunkt
14-01-2014 17:41:26 Systemprüfpunkt
16-01-2014 13:30:12 Systemprüfpunkt
17-01-2014 13:46:57 Systemprüfpunkt
27-01-2014 10:03:49 Systemprüfpunkt
28-01-2014 12:48:28 avast! antivirus system restore point
28-01-2014 13:01:51 Removed Java 7 Update 25
28-01-2014 13:15:58 iTunes wird entfernt
28-01-2014 13:19:20 Apple Software Update wird entfernt
28-01-2014 13:19:59 Removed Apple Mobile Device Support
28-01-2014 13:22:36 Bonjour wird entfernt
28-01-2014 13:23:40 Apple Application Support wird entfernt
28-01-2014 13:40:05 Nokia Connectivity Cable Driver wird entfernt
29-01-2014 09:13:11 Software Distribution Service 3.0
29-01-2014 09:48:26 Software Distribution Service 3.0
29-01-2014 10:02:13 Software Distribution Service 3.0
==================== Hosts content: ==========================
2005-01-22 09:39 - 2004-08-04 14:00 - 00000820 ___AC C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Programme\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-737579288-560252177-3253341666-1006.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-737579288-560252177-3253341666-1006.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
==================== Loaded Modules (whitelisted) =============
2014-01-28 19:35 - 2014-01-28 17:44 - 02166272 _____ () C:\Programme\AVAST Software\Avast\defs\14012801\algo.dll
2004-12-14 02:28 - 2004-12-14 02:28 - 01212416 _____ () C:\Programme\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU
2004-07-21 01:04 - 2004-07-21 01:04 - 00094208 _____ () C:\WINDOWS\system32\TosBtHcrpAPI.dll
2005-01-22 09:39 - 2008-04-14 03:22 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-01-28 13:49 - 2014-01-28 13:49 - 19336120 _____ () C:\Programme\AVAST Software\Avast\libcef.dll
2013-12-20 13:55 - 2013-12-20 13:56 - 03559024 _____ () C:\Programme\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
Description: Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Marvell
Service: yukonwxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: 1394-Netzwerkadapter
Description: 1394-Netzwerkadapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/29/2014 02:15:51 PM) (Source: Microsoft Office 10) (User: )
Description: Faulting application winword.exe, version 10.0.2627.0, faulting module winword.exe, version 10.0.2627.0, fault address 0x008248f2.
Error: (01/29/2014 02:15:42 PM) (Source: Microsoft Office 10) (User: )
Description: Accepted Safe Mode action : Microsoft Word.
Error: (01/29/2014 02:15:16 PM) (Source: Microsoft Office 10) (User: )
Description: Faulting application winword.exe, version 10.0.2627.0, faulting module winword.exe, version 10.0.2627.0, fault address 0x008248f2.
Error: (01/29/2014 02:15:06 PM) (Source: Microsoft Office 10) (User: )
Description: Rejected Safe Mode action : Microsoft Word.
Error: (01/29/2014 01:28:35 PM) (Source: Microsoft Office 10) (User: )
Description: Faulting application winword.exe, version 10.0.2627.0, faulting module winword.exe, version 10.0.2627.0, fault address 0x008248f2.
Error: (01/29/2014 01:28:32 PM) (Source: Microsoft Office 10) (User: )
Description: Rejected Safe Mode action : Microsoft Word.
Error: (01/29/2014 01:28:10 PM) (Source: Microsoft Office 10) (User: )
Description: Faulting application winword.exe, version 10.0.2627.0, faulting module winword.exe, version 10.0.2627.0, fault address 0x008248f2.
Error: (01/29/2014 01:28:02 PM) (Source: Microsoft Office 10) (User: )
Description: Rejected Safe Mode action : Microsoft Word.
Error: (01/29/2014 01:27:43 PM) (Source: Microsoft Office 10) (User: )
Description: Faulting application winword.exe, version 10.0.2627.0, faulting module winword.exe, version 10.0.2627.0, fault address 0x008248f2.
Error: (01/28/2014 02:01:14 PM) (Source: Application Hang) (User: )
Description: Fehlerhafter Speicherbereich 10271910.
System errors:
=============
Error: (01/28/2014 02:40:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (01/28/2014 02:40:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Microsoft Office Sessions:
=========================
Error: (01/29/2014 02:15:51 PM) (Source: Microsoft Office 10)(User: )
Description: winword.exe10.0.2627.0winword.exe10.0.2627.0008248f2
Error: (01/29/2014 02:15:42 PM) (Source: Microsoft Office 10)(User: )
Description: Microsoft WordWord konnte zuletzt nicht korrekt gestartet werden. Das Starten von Word im abgesicherten Modus hilft Ihnen, ein Startproblem zu korrigieren oder zu isolieren, so dass Sie das Programm erfolgreich starten können. Einige Funktionen können in diesem Modus deaktiviert sein.
Möchten Sie Word im abgesicherten Modus starten?
Error: (01/29/2014 02:15:16 PM) (Source: Microsoft Office 10)(User: )
Description: winword.exe10.0.2627.0winword.exe10.0.2627.0008248f2
Error: (01/29/2014 02:15:06 PM) (Source: Microsoft Office 10)(User: )
Description: Microsoft Word
Error: (01/29/2014 01:28:35 PM) (Source: Microsoft Office 10)(User: )
Description: winword.exe10.0.2627.0winword.exe10.0.2627.0008248f2
Error: (01/29/2014 01:28:32 PM) (Source: Microsoft Office 10)(User: )
Description: Microsoft WordWord konnte zuletzt nicht korrekt gestartet werden. Das Starten von Word im abgesicherten Modus hilft Ihnen, ein Startproblem zu korrigieren oder zu isolieren, so dass Sie das Programm erfolgreich starten können. Einige Funktionen können in diesem Modus deaktiviert sein.
Möchten Sie Word im abgesicherten Modus starten?
Error: (01/29/2014 01:28:10 PM) (Source: Microsoft Office 10)(User: )
Description: winword.exe10.0.2627.0winword.exe10.0.2627.0008248f2
Error: (01/29/2014 01:28:02 PM) (Source: Microsoft Office 10)(User: )
Description: Microsoft WordWord konnte zuletzt nicht korrekt gestartet werden. Das Starten von Word im abgesicherten Modus hilft Ihnen, ein Startproblem zu korrigieren oder zu isolieren, so dass Sie das Programm erfolgreich starten können. Einige Funktionen können in diesem Modus deaktiviert sein.
Möchten Sie Word im abgesicherten Modus starten?
Error: (01/29/2014 01:27:43 PM) (Source: Microsoft Office 10)(User: )
Description: winword.exe10.0.2627.0winword.exe10.0.2627.0008248f2
Error: (01/28/2014 02:01:14 PM) (Source: Application Hang)(User: )
Description: 10271910
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 1023.42 MB
Available physical RAM: 480.88 MB
Total Pagefile: 2462.34 MB
Available Pagefile: 2017.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.06 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.53 GB) (Free:45.73 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 75 GB) (Disk ID: 95EE8EEB)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
==================== End Of Log ============================
and Germ
GMER Logfile:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-01-29 15:53:57
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHT2080AT rev.0022 74,53GB
Running: Gmer-19357.exe; Driver: C:\DOKUME~1\verena\LOKALE~1\Temp\pxtdipow.sys
---- System - GMER 2.1 ----
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwAddBootEntry [0xEDF81ACC]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0xEDF825AA]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwClose [0xEDFC6881]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateEvent [0xEDF8E692]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateEventPair [0xEDF8E6DE]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0xEDF8E878]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateKey [0xEDFC6235]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateMutant [0xEDF8E600]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateSection [0xEDF8E722]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateSemaphore [0xEDF8E648]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateThread [0xEDF82AE0]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwCreateTimer [0xEDF8E832]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0xEDF83398]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0xEDF81B32]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDeleteKey [0xEDFC6F47]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDeleteValueKey [0xEDFC71FD]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwDuplicateObject [0xEDF86BE4]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwEnumerateKey [0xEDFC6DB2]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwEnumerateValueKey [0xEDFC6C1D]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwLoadDriver [0xEDF8171E]
SSDT \??\C:\WINDOWS\system32\drivers\aswSP.sys ZwMapViewOfSection [0xEE2F8506]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwModifyBootEntry [0xEDF81B98]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0xEDF86FDA]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0xEDF83EDE]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenEvent [0xEDF8E6BC]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenEventPair [0xEDF8E700]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0xEDF8E89C]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenKey [0xEDFC6591]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenMutant [0xEDF8E626]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenProcess [0xEDF864DE]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenSection [0xEDF8E7B0]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenSemaphore [0xEDF8E670]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenThread [0xEDF868C6]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwOpenTimer [0xEDF8E856]
SSDT \??\C:\WINDOWS\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0xEE2F82AA]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueryKey [0xEDFC6A98]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueryObject [0xEDF83CF4]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueryValueKey [0xEDFC68EA]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwQueueApcThread [0xEDF8384A]
SSDT \??\C:\WINDOWS\system32\drivers\aswSP.sys ZwRenameKey [0xEE306286]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwRestoreKey [0xEDFC587B]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0xEDF81BFE]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetBootOptions [0xEDF81C64]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetContextThread [0xEDF83212]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetSystemInformation [0xEDF817B8]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0xEDF8198A]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSetValueKey [0xEDFC704E]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwShutdownSystem [0xEDF81918]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSuspendProcess [0xEDF83562]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSuspendThread [0xEDF836C4]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwSystemDebugControl [0xEDF81A12]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwTerminateProcess [0xEDF83050]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwTerminateThread [0xEDF831F2]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwVdmControl [0xEDF81CCA]
SSDT \??\C:\WINDOWS\system32\drivers\aswSnx.sys ZwWriteVirtualMemory [0xEDF82606]
---- Kernel code sections - GMER 2.1 ----
.text ntoskrnl.exe!_abnormal_termination + 98 804E2704 1 Byte [AA]
.text ntoskrnl.exe!_abnormal_termination + E4 804E2750 4 Bytes [78, E8, F8, ED] {JS 0xffffffea; CLC ; IN EAX, DX}
.text ntoskrnl.exe!_abnormal_termination + 220 804E288C 4 Bytes CALL 84461689
.text ntoskrnl.exe!_abnormal_termination + 258 804E28C4 4 Bytes [56, E8, F8, ED]
.text ntoskrnl.exe!_abnormal_termination + 310 804E297C 4 Bytes JMP C4EDFC68
.text ...
PAGE ntoskrnl.exe!ZwReplyWaitReceivePortEx + 3CC 8056B8E8 4 Bytes CALL EDF845AF \??\C:\WINDOWS\system32\drivers\aswSnx.sys
init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xF721823F]
.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xB8392400, 0x87EE2, 0xE8000020]
.protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xB8436620] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xB8436620]
.protectÿÿÿÿhardlockunknown last code section [0xB8436400, 0x5126, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xB8436400, 0x5126, 0xE0000020]
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\svchost.exe[156] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[192] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[192] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Synaptics\SynTP\SynTPEnh.exe[220] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Synaptics\SynTP\SynTPEnh.exe[220] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[456] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[456] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\smss.exe[592] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe[608] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe[608] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[640] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[640] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[664] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[664] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[708] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[708] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[720] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[720] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[876] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[876] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[892] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[892] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[976] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[976] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1016] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1016] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1056] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1056] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Dokumente und Einstellungen\verena\Desktop\Gmer-19357.exe[1156] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Dokumente und Einstellungen\verena\Desktop\Gmer-19357.exe[1156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1160] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1160] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1176] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1176] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1200] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1200] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[1320] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[1320] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[1396] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[1396] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\AVAST Software\Avast\AvastSvc.exe[1404] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\AVAST Software\Avast\AvastSvc.exe[1404] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1516] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1516] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1580] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1580] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe[1640] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe[1640] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[1756] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[1756] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[1760] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[1760] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Java\jre7\bin\jqs.exe[1932] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Java\jre7\bin\jqs.exe[1932] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\CDBurnerXP\NMSAccessU.exe[1956] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\CDBurnerXP\NMSAccessU.exe[1956] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[2024] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[2024] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Analog Devices\SoundMAX\Smax4.exe[2208] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Analog Devices\SoundMAX\Smax4.exe[2208] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Toshiba\Tvs\TvsTray.exe[2316] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Toshiba\Tvs\TvsTray.exe[2316] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\AGRSMMSG.exe[2336] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\AGRSMMSG.exe[2336] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Toshiba\Toshiba Applet\thotkey.exe[2416] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Toshiba\Toshiba Applet\thotkey.exe[2416] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\TPSMain.exe[2500] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\TPSMain.exe[2500] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe[2532] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe[2532] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\TPSBattM.exe[2560] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\TPSBattM.exe[2560] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2784] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2784] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe[2896] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe[2896] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\HCWemmon.exe[2980] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\HCWemmon.exe[2980] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe[3076] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe[3076] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\AVAST Software\Avast\AvastUI.exe[3096] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\AVAST Software\Avast\AvastUI.exe[3096] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3216] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3216] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3228] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3228] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe[3344] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe[3344] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[3668] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[3668] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe[3928] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe[3928] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Programme\Synaptics\SynTP\SynTPLpr.exe[3964] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9271CA 1 Byte [62]
.text C:\Programme\Synaptics\SynTP\SynTPLpr.exe[3964] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.sys
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.sys
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.sys
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x55 0xFA 0xA7 0xF9 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x55 0xFA 0xA7 0xF9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x55 0xFA 0xA7 0xF9 ...
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Best regards