Hello schrauber,
thanks for your quick reply. Here are the logs:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-02-2014
Ran by xxx (administrator) on IBM-92F2EB3AFEE on 07-02-2014 15:30:21
Running from C:\Dokumente und Einstellungen\xxx\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgcsrvx.exe
() C:\WINDOWS\system32\ibmpmsvc.exe
(SANDBOXIE L.T.D) C:\Programme\Sandboxie\SbieSvc.exe
(Intel Corporation) C:\Programme\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IBM Corporation) C:\WINDOWS\system32\tp4serv.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
() C:\Programme\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
(IBM Corp.) C:\Programme\ThinkPad\Utilities\EzEjMnAp.Exe
() C:\Programme\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
(IBM Corporation) C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
(IBM Corp.) C:\IBMTOOLS\utils\ibmprc.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Greenshot) C:\Programme\Greenshot\Greenshot.exe
(Lexmark International, Inc.) C:\Programme\Lexmark X74-X75\lxbbbmgr.exe
(Lexmark International, Inc.) C:\Programme\Lexmark X74-X75\lxbbbmon.exe
(Cisco Systems, Inc.) C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Jay Elaraj) C:\Programme\Taskbar Shuffle\taskbarshuffle.exe
(Hyperionics Technology LLC) C:\Programme\FileBX\FileBX.exe
() C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\DCService.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Thunderbird\thunderbird.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
(Stoic Joker's Network) C:\Programme\T-Clock.20130503\Win32\Clock.exe
() C:\Programme\Hotspot Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Programme\Hotspot Shield\bin\hsswd.exe
() C:\Programme\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
() C:\Programme\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
() C:\Programme\CDBurnerXP\NMSAccessU.exe
(pdfforge GbR) C:\Programme\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Programme\PDF Architect\ConversionService.exe
(Intel Corporation) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
() C:\WINDOWS\system32\TpKmpSvc.exe
(Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
(Lenovo Group Limited) C:\Programme\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\Office12\WINWORD.EXE
(Dropbox, Inc.) C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [S3TRAY2] - C:\WINDOWS\system32\S3Tray2.exe [69632 2001-10-12] (S3 Graphics, Inc.)
HKLM\...\Run: [TrackPointSrv] - C:\WINDOWS\system32\tp4serv.exe [94208 2003-11-13] (IBM Corporation)
HKLM\...\Run: [TPKMAPHELPER] - C:\Programme\ThinkPad\Utilities\TpKmapAp.exe [897024 2004-02-05] (IBM Corp.)
HKLM\...\Run: [TPHOTKEY] - C:\Programme\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [94208 2004-08-07] ()
HKLM\...\Run: [TP4EX] - C:\WINDOWS\system32\tp4ex.exe [53248 2002-09-04] (IBM Corporation)
HKLM\...\Run: [EZEJMNAP] - C:\Programme\ThinkPad\Utilities\EzEjMnAp.Exe [208896 2003-12-25] (IBM Corp.)
HKLM\...\Run: [IBMPRC] - C:\IBMTOOLS\UTILS\ibmprc.exe [90112 2004-03-19] (IBM Corp.)
HKLM\...\Run: [BMMLREF] - C:\Programme\ThinkPad\Utilities\BMMLREF.EXE [20480 2004-07-29] ()
HKLM\...\Run: [BMMMONWND] - C:\Programme\ThinkPad\Utilities\BATINFEX.DLL [398848 2004-07-29] (IBM Corp.)
HKLM\...\Run: [IMJPMIG8.1] - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-04] ()
HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [SystemTray] - C:\WINDOWS\system32\systray.exe [3072 2001-08-18] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] - C:\Programme\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Greenshot] - C:\Programme\Greenshot\Greenshot.exe [462848 2012-10-30] (Greenshot)
HKLM\...\Run: [Lexmark X74-X75] - C:\Programme\Lexmark X74-X75\lxbbbmgr.exe [57344 2002-10-14] (Lexmark International, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [ControlCenter4] - C:\Programme\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Programme\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Run: [Taskbar Shuffle] - C:\Programme\Taskbar Shuffle\taskbarshuffle.exe [818176 2008-04-17] (Jay Elaraj)
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid e3d084b531cc587b84daf968dc75963f-10eb0036462b7e71682ae8cfbb80209274338d0b --CMPID 0913b
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Policies\Explorer: [NoMovingBands] 0
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Policies\Explorer: [NoCloseDragDropBands] 0
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Policies\Explorer: [NoToolbarsOnTaskbar] 0
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\Policies\Explorer: [ClassicShell] 0
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\MountPoints2: {18e5b8db-49ae-11df-89a2-000ae4c55cf2} - J:\Launcher.exe
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\MountPoints2: {3119cc80-d104-11e0-84f5-00166f5b3a98} - H:\AutoRun.exe
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\MountPoints2: {3119cc84-d104-11e0-84f5-00166f5b3a98} - H:\AutoRun.exe
HKU\S-1-5-21-3205541497-2666314098-1127971023-1006\...\MountPoints2: {dd6b7f32-791c-11e3-8904-000ae4c55cf2} - H:\ukvr.bat
Lsa: [Notification Packages] scecli pwdmon
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\FileBox eXtender.lnk
ShortcutTarget: FileBox eXtender.lnk -> C:\Programme\FileBX\FileBX.exe (Hyperionics Technology LLC)
Startup: C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart\Mozilla Firefox.lnk
ShortcutTarget: Mozilla Firefox.lnk -> C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Startup: C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart\RSSOwl.lnk
ShortcutTarget: RSSOwl.lnk -> C:\Programme\RSSOwl\RSSOwl.exe ()
Startup: C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart\Skype.lnk
ShortcutTarget: Skype.lnk -> C:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Startup: C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart\Stoic Joker's T-Clock 2010.lnk
ShortcutTarget: Stoic Joker's T-Clock 2010.lnk -> C:\Programme\T-Clock.20130503\Win32\Clock.exe (Stoic Joker's Network)
==================== Internet (Whitelisted) ====================
ProxyServer: socks=127.0.0.1:9050
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - DefaultScope {390C2861-5811-41C9-9E76-D10A335F9438} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {390C2861-5811-41C9-9E76-D10A335F9438} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: COmeaHelper Object - {09628AAA-66AD-4FA2-82E2-698185B66463} - C:\Programme\Omea Reader\IexploreOmeaW.dll (JetBrains Inc)
BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\jccatch.dll (www.flashget.com)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
Toolbar: HKLM - jBrowse Toolbar - {9E5BD40E-6287-11D6-9772-0002A5DD2483} - C:\Programme\jBrowse\JBO.dll ()
Toolbar: HKLM - Omea - {35402C01-1777-4159-9ABA-3480BA70D90A} - C:\Programme\Omea Reader\IexploreOmeaW.dll (JetBrains Inc)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Programme\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4.1/jinstall-141-win.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\r2t3eybs.book
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Programme\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Programme\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Programme\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Programme\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Programme\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Programme\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\browser\plugins\npjp2.dll (Oracle Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\browser\plugins\NPSWF32_12_0_0_44.dll ()
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\browser\plugins\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ReminderFox - C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\r2t3eybs.book\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-02-02]
FF Extension: Thumbnail Zoom Plus - C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\r2t3eybs.book\Extensions\thumbnailZoom@dadler.github.com.xpi [2013-12-09]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Programme\PDF Architect\FFPDFArchitectExt
FF HKLM\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Programme\AVG\AVG2012\Thunderbird\
FF StartMenuInternet: FIREFOX.EXE - C:\Programme\Mozilla Firefox Aurora\firefox.exe
========================== Services (Whitelisted) =================
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624 2013-09-07] (Apple Inc.)
R2 AVGIDSAgent; C:\Programme\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Programme\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S3 BrYNSvc; C:\Programme\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
S2 CCALib8; C:\Programme\Canon\CAL\CALMAIN.exe [86606 2005-06-02] (Canon Inc.)
R2 CVPND; C:\Programme\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 DCService.exe; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\DCService.exe [229376 2010-05-08] ()
R2 EvtEng; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [86016 2006-02-06] (Intel Corporation)
R2 HotspotShieldService; C:\Programme\Hotspot Shield\bin\openvpnas.exe [271408 2011-01-07] ()
S3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-07] (Hewlett-Packard Co.)
R2 HssSrv; C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe [352304 2011-01-05] (AnchorFree Inc.)
S3 HssTrayService; C:\Programme\Hotspot Shield\bin\HssTrayService.EXE [57640 2011-01-07] ()
R2 HssWd; C:\Programme\Hotspot Shield\bin\hsswd.exe [326704 2010-10-15] ()
R2 IBM Rapid Restore Ultra Service; C:\Programme\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [339968 2004-03-19] ()
R2 IBMPMSVC; C:\WINDOWS\System32\ibmpmsvc.exe [57344 2004-02-26] ()
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553288 2013-10-19] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-01-15] (Oracle Corporation)
R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [303104 2002-10-14] (Lexmark International, Inc.)
R2 MA_CMIDI_InstallerService; C:\Programme\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe [94208 2005-09-28] ()
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [118896 2014-02-05] (Mozilla Foundation)
R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [441712 2008-11-04] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Programme\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Programme\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RegSrvc; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [139264 2006-02-06] (Intel Corporation)
R2 S24EventMonitor; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [372809 2006-02-06] (Intel Corporation )
R2 SbieSvc; C:\Programme\Sandboxie\SbieSvc.exe [75496 2010-10-17] (SANDBOXIE L.T.D)
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia)
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] ()
R2 SUService; c:\programme\lenovo\system update\suservice.exe [28672 2009-06-12] (Lenovo Group Limited)
S4 TabletServicePen; C:\Programme\Tablet\Pen\Pen_Tablet.exe [5554552 2011-09-08] (Wacom Technology, Corp.)
R2 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 ThinkVantage Registry Monitor Service; C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe [644408 2007-09-26] (Lenovo Group Limited)
S4 TouchServicePen; C:\Programme\Tablet\Pen\Pen_TouchService.exe [451960 2011-09-08] (Wacom Technology, Corp.)
R2 TpKmpSVC; C:\WINDOWS\system32\TpKmpSVC.exe [32768 2003-07-12] ()
R2 TVT Scheduler; C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe /svc [X]
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe /medsvc [X]
S3 PsaSrv; No ImagePath
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
S4 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [17801 2012-01-04] (Meetinghouse Data Communications)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.)
S3 CyUsbNT; C:\WINDOWS\System32\Drivers\CyUsbNT.sys [28800 2005-02-16] (Cypress Semiconductor)
R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R2 EGATHDRV; C:\WINDOWS\SYSTEM32\EGATHDRV.SYS [5120 2004-03-19] (IBM Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-17] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-17] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-17] (HP)
R3 HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [197888 2004-07-22] (Conexant Systems, Inc.)
R3 HssDrv; C:\WINDOWS\System32\DRIVERS\HssDrv.sys [37376 2010-09-22] (AnchorFree Inc.)
R2 ibmfilter; C:\WINDOWS\system32\drivers\ibmfilter.sys [63872 2004-03-19] (IBM)
R3 IBMPMDRV; C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys [11344 2004-02-26] (IBM Corp.)
S3 ltmodem5; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [607196 2004-08-04] (LT)
S3 LVBulk; C:\WINDOWS\System32\DRIVERS\LVBulk.sys [10254 2002-06-10] (Logitech Inc.)
S3 MA_CMIDI; C:\WINDOWS\System32\drivers\ma_cmidi.sys [21888 2005-06-14] (M-Audio)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NANMp50; C:\WINDOWS\System32\Drivers\NANMp50.sys [36408 2010-03-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NANSp50; C:\WINDOWS\System32\Drivers\NANSp50.sys [35384 2010-03-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46848 2008-04-14] (Microsoft Corporation)
S3 PAC7311; C:\WINDOWS\System32\DRIVERS\PA707UCM.SYS [154752 2005-10-18] (PixArt Imaging Inc.)
S3 PID_0900_V; C:\WINDOWS\System32\DRIVERS\LV551AV.sys [220079 2002-06-10] (Logitech Inc.)
R2 PMEM; C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS [7012 2000-06-01] (Microsoft Corporation)
R1 PQNTDrv; C:\WINDOWS\system32\Drivers\PQNTDrv.sys [4228 2002-09-16] (PowerQuest Corporation)
S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 RDID1079; C:\WINDOWS\System32\Drivers\rdwm1079.sys [140928 2009-10-14] (Roland Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11354 2005-11-07] (Intel Corporation)
S3 S3SSavage; C:\WINDOWS\System32\DRIVERS\s3ssavm.sys [95104 2001-11-01] (S3 Graphics, Inc.)
R3 SbieDrv; C:\Programme\Sandboxie\SbieDrv.sys [124648 2010-10-17] (SANDBOXIE L.T.D)
R1 Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [14848 2004-07-29] (Microsoft Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-04-16] ()
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2009-11-12] ()
R3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R1 TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [9341 2004-07-29] ()
R3 teamviewervpn; C:\WINDOWS\System32\DRIVERS\teamviewervpn.sys [25088 2013-06-06] (TeamViewer GmbH)
R3 Tp4Track; C:\WINDOWS\System32\DRIVERS\tp4track.sys [13904 2003-11-13] (IBM Corporation)
R1 TPHKDRV; C:\WINDOWS\system32\Drivers\TPHKDRV.sys [16340 2004-06-10] (IBM Corporation)
R1 TPPWR; C:\WINDOWS\System32\drivers\Tppwr.sys [16384 2004-07-29] (IBM Corp.)
R1 TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [7168 2004-07-15] ()
S3 TwoTrack; C:\WINDOWS\System32\DRIVERS\TwoTrack.sys [11520 2001-08-17] (IBM Corporation)
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [579840 2009-09-01] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [551424 2009-09-02] (eMPIA Technology, Inc.)
S3 USB_RNDIS; C:\WINDOWS\System32\DRIVERS\usb8023.sys [12800 2008-04-13] (Microsoft Corporation)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3325312 2006-01-17] (Intel® Corporation)
R3 xMrMINI; C:\WINDOWS\System32\DRIVERS\xMrMini.sys [242816 2007-03-30] (Generic Provider.)
R3 xVGAMINI; C:\WINDOWS\System32\DRIVERS\xVgaMini.sys [243456 2007-03-30] (Generic Provider.)
S3 xVGAUSB; C:\WINDOWS\System32\drivers\xvgausb.sys [25984 2007-04-03] (Generic Provider.)
U3 aouegull; C:\WINDOWS\system32\Drivers\aouegull.sys [0 ] (Microsoft Corporation)
S3 AEXPAM; No ImagePath
U2 CertPropSvc;
S3 CrystalSysInfo; \??\C:\Programme\MediaCoder\SysInfo.sys [X]
S3 moufiltr; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SynasUSB; No ImagePath
U5 UnlockerDriver5; C:\Programme\Unlocker\UnlockerDriver5.sys [4096 2010-03-09] ()
S3 vhidmini; No ImagePath
S3 w22n51; System32\DRIVERS\w22n51.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-07 15:30 - 2014-02-07 15:30 - 00032379 _____ () C:\Dokumente und Einstellungen\xxx\Desktop\FRST.txt
2014-02-07 15:30 - 2014-02-07 15:30 - 00000000 ____D () C:\FRST
2014-02-07 15:28 - 2014-02-07 15:28 - 01136640 _____ (Farbar) C:\Dokumente und Einstellungen\xxx\Desktop\FRST.exe
2014-02-05 00:12 - 2014-02-05 00:13 - 00000000 ____D () C:\Programme\Mozilla Firefox
2014-02-04 23:56 - 2014-02-05 00:01 - 00000000 ____D () C:\Programme\Mozilla Thunderbird
2014-01-25 03:42 - 2014-01-25 03:42 - 00000652 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Opera.lnk
2014-01-25 03:42 - 2014-01-25 03:42 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Opera Software
2014-01-25 03:42 - 2014-01-25 03:42 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Opera Software
2014-01-15 14:35 - 2014-01-15 14:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2014-01-15 14:35 - 2014-01-15 14:34 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-15 14:35 - 2014-01-15 14:34 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-15 14:35 - 2014-01-15 14:34 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-15 14:35 - 2014-01-15 14:34 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-15 14:35 - 2014-01-15 14:34 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
==================== One Month Modified Files and Folders =======
2014-02-07 15:30 - 2014-02-07 15:30 - 00032379 _____ () C:\Dokumente und Einstellungen\xxx\Desktop\FRST.txt
2014-02-07 15:30 - 2014-02-07 15:30 - 00000000 ____D () C:\FRST
2014-02-07 15:30 - 2010-04-16 07:51 - 01155007 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-07 15:28 - 2014-02-07 15:28 - 01136640 _____ (Farbar) C:\Dokumente und Einstellungen\xxx\Desktop\FRST.exe
2014-02-07 15:27 - 2010-10-06 14:58 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Dropbox
2014-02-07 15:08 - 2010-04-16 07:45 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Skype
2014-02-07 14:49 - 2011-08-30 22:14 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\TeraCopy
2014-02-07 14:45 - 2011-10-01 10:35 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-07 14:34 - 2012-11-21 13:34 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-07 14:11 - 2003-02-24 22:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-07 14:11 - 2003-02-24 22:23 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-02-07 14:08 - 2010-04-16 00:46 - 00000000 ____D () C:\Programme\Taskbar Shuffle
2014-02-07 14:07 - 2011-10-01 10:35 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-07 14:07 - 2003-02-24 22:32 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-07 09:52 - 2010-11-12 13:18 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
2014-02-07 09:22 - 2010-10-06 20:04 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Eigene Dateien\Zotero
2014-02-07 09:17 - 2010-06-06 16:45 - 00000000 ____D () C:\Programme\RSSOwl
2014-02-07 01:27 - 2010-04-15 22:18 - 00000190 ___SH () C:\Dokumente und Einstellungen\xxx\ntuser.ini
2014-02-07 01:27 - 2003-02-24 22:37 - 00032564 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-06 09:49 - 2010-06-06 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\.rssowl2
2014-02-05 21:10 - 2010-04-16 09:27 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\foobar2000
2014-02-05 09:22 - 2012-04-24 19:33 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2014-02-05 00:18 - 2003-02-24 22:21 - 00000000 ___RD () C:\Programme
2014-02-05 00:13 - 2014-02-05 00:12 - 00000000 ____D () C:\Programme\Mozilla Firefox
2014-02-05 00:01 - 2014-02-04 23:56 - 00000000 ____D () C:\Programme\Mozilla Thunderbird
2014-02-04 18:45 - 2012-11-21 13:34 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-04 18:45 - 2012-11-10 20:49 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-03 00:53 - 2010-09-12 10:43 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\vlc
2014-01-29 01:59 - 2010-04-15 22:18 - 00000000 ___RD () C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Autostart
2014-01-28 16:58 - 2010-04-17 11:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2014-01-28 16:58 - 2010-04-15 23:07 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Adobe
2014-01-27 20:53 - 2011-06-24 12:05 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\.gimp-2.6
2014-01-27 20:52 - 2014-01-27 20:52 - 00016342 _____ () C:\Dokumente und Einstellungen\xxx\.recently-used.xbel
2014-01-27 20:52 - 2010-04-15 22:18 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx
2014-01-26 12:18 - 2012-11-14 01:57 - 00717731 _____ () C:\WINDOWS\setupapi.log
2014-01-25 03:42 - 2014-01-25 03:42 - 00000652 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Opera.lnk
2014-01-25 03:42 - 2014-01-25 03:42 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\Opera Software
2014-01-25 03:42 - 2014-01-25 03:42 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Opera Software
2014-01-25 03:42 - 2010-12-12 15:30 - 00000000 ____D () C:\Programme\Opera
2014-01-25 03:42 - 2003-02-24 22:21 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-01-23 15:56 - 2010-10-02 14:02 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\dwhelper
2014-01-22 13:06 - 2010-04-18 22:59 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mp3tag
2014-01-19 14:02 - 2011-01-19 21:57 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Startmenü\Programme\Dropbox
2014-01-19 14:02 - 2010-10-06 15:05 - 00001056 _____ () C:\Dokumente und Einstellungen\xxx\Desktop\Dropbox.lnk
2014-01-16 17:04 - 2010-06-02 00:34 - 00000000 ____D () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\gtk-2.0
2014-01-15 14:35 - 2014-01-15 14:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2014-01-15 14:34 - 2014-01-15 14:35 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-15 14:34 - 2014-01-15 14:35 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-15 14:34 - 2014-01-15 14:35 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-15 14:34 - 2014-01-15 14:35 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-15 14:34 - 2014-01-15 14:35 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-13 14:05 - 2010-05-29 14:23 - 00000000 ____D () C:\Programme\Flash Disinfector
Files to move or delete:
====================
C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Camdata.ini
C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\CamLayout.ini
C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\CamShapes.ini
C:\Dokumente und Einstellungen\xxx\gm_scripts_batch_file.bat
Some content of TEMP:
====================
C:\Dokumente und Einstellungen\multiskype\Lokale Einstellungen\Temp\SkypeSetup.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\npp.6.4.3.Installer.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\npp.6.4.5.Installer.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\npp.6.5.1.Installer.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\npp.6.5.Installer.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\rtdrvmon.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\vlc-2.0.6-win32.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\vlc-2.0.7-win32.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\vlc-2.0.8-win32.exe
C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe
[1980-01-01 08:00] - [2008-04-14 06:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\WINDOWS\system32\winlogon.exe
[1980-01-01 08:00] - [2008-04-14 06:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\WINDOWS\system32\svchost.exe
[1980-01-01 08:00] - [2008-04-14 06:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\WINDOWS\system32\services.exe
[1980-01-01 08:00] - [2008-04-14 06:53] - 0109056 ____A (Microsoft Corporation) 4bb6a83640f1d1792ad21ce767b621c6
C:\WINDOWS\system32\User32.dll
[1980-01-01 08:00] - [2008-04-14 06:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\WINDOWS\system32\userinit.exe
[1980-01-01 08:00] - [2008-04-14 06:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\WINDOWS\system32\rpcss.dll
[1980-01-01 08:00] - [2008-04-14 06:52] - 0399360 ____A (Microsoft Corporation) e970c2296916bf4a2f958680016fe312
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[1980-01-01 08:00] - [2008-04-14 06:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-02-2014
Ran by xxx at 2014-02-07 15:32:00
Running from C:\Dokumente und Einstellungen\xxx\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 2 (SP2) (Version: - Microsoft) Hidden
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
4500_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
7-Zip 4.65 (Version: - )
AC3Filter 1.63b (Version: 1.63b - Alexander Vigovsky)
Access IBM (Version: 4.51 - IBM Corporation)
Access IBM Message Center (Version: 2.101 - Ihr Firmenname)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
All Office Converter Platinum 6.4 (Version: - OfficeConvert Software, Inc.)
AMP Font Viewer (Version: - )
Aostsoft All Document Converter Professional 3.8.2 (Version: - Aostsoft,Inc.)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (Version: - )
Aurora 25.0a2 (x86 de) (Version: 25.0a2 - Mozilla)
Autostart-Manager 2006 (Version: 6.00.0000 - Wirth New Media Sarl)
AVG 2014 (Version: 14.0.3697 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
BestPractice (remove only) (Version: - )
BlogBridge (Version: 6.7 - Salas Associates Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
Brother MFL-Pro Suite MFC-J5910DW (Version: 1.1.1.0 - Brother Industries, Ltd.)
calibre (Version: 0.7.42 - Kovid Goyal)
Camera Access Library (Version: 8.0.0.21 - Canon) Hidden
Camera Support Core Library (Version: 7.3.0.4 - Canon) Hidden
Camera Window DS (Version: 5.3.1 - Canon) Hidden
Camera Window DVC (Version: 5.4.4 - Canon) Hidden
Camera Window DVC (Version: 6.0 - Canon) Hidden
Camera Window MC (Version: 6.0 - Canon) Hidden
Canon Camera Access Library (Version: 8.0.0.21 - Canon)
Canon Camera Support Core Library (Version: 7.3.0.4 - Canon)
Canon Camera Window DC_DV 5 for ZoomBrowser EX (Version: 5.4.4 - Canon)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (Version: 6.0 - Canon)
Canon Camera Window DSLR 5 for ZoomBrowser EX (Version: 5.3.1 - Canon)
Canon Camera Window MC 6 for ZoomBrowser EX (Version: 6.0 - Canon)
CANON iMAGE GATEWAY Task (Version: 1.0.0.23 - Canon) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.0.0.23 - Canon)
Canon Internet Library for ZoomBrowser EX (Version: 1.4.0 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.1.0.20 - Canon)
Canon PhotoRecord (Version: 02.02.03002 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.2 - Canon)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.16 - Canon)
Canon ZoomBrowser EX (G) (Version: 5.05.0000 - Canon)
CDBurnerXP (Version: 4.3.8.2568 - CDBurnerXP)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.6 - Cisco Systems, Inc.)
Data Lifeguard Diagnostic for Windows (Version: 1.17 - Western Digital Corporation)
Dienstprogramm 'IBM ThinkPad EasyEject' (Version: 2.04 - )
Dienstprogramm 'IBM ThinkPad-Tastaturanpassung' (Version: 1.2.92.0 - )
DivX-Setup (Version: 1.0.1.5 - DivX, Inc. )
Double File Finder (Version: 1.0.2.0 - WarpSoft)
Driver Sweeper Version 3.1.0 (Version: 3.1.0 - Phyxion.net)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
EMEA Wallpaper (Version: 1.00.0000 - IBM) Hidden
Exact Audio Copy 1.0beta1 (Version: 1.0beta1 - Andre Wiethoff)
Fax (Version: 100.0.272.000 - Hewlett-Packard) Hidden
FileBox eXtender (Version: - Hyperionics Technology LLC)
FileBox eXtender (Version: 2.1.0 - Hyperionics Technology LLC) Hidden
FileZilla Client 3.3.3 (Version: 3.3.3 - )
FLAC 1.2.1b (remove only) (Version: 1.2.1b - Xiph.org)
FlashGet 1.9.6.1073 (Version: 1.9.6.1073 - hxxp://www.FlashGet.com)
FLV Player 2.0 (build 25) (Version: 2.0 (build 25) - Martijn de Visser)
foobar2000 v1.1.2 (Version: 1.1.2 - Peter Pawlowski)
Foto-Mosaik-Edda Standard V5.6.1 (Version: - Steffen Schirmer)
Free Video to iPhone Converter version 5.0.4.1228 (Version: - DVDVideoSoft Ltd.)
FreeCommander 2009.02a (Version: 2009.02 - Marek Jasinski)
FreeOCR v4.2 (Version: - )
Funktion "IBM TrackPoint-Eingabehilfen" (Version: 1.06.0.0 - )
GetASFStream (Version: - )
GetCanon! 1.7 (Version: 1.7 - David Vidmar)
GIMP 2.6.11 (Version: 2.6.11 - The GIMP Team)
GNU Solfege 3.16.3 (Version: - )
Google Earth Plug-in (Version: 6.1.0.4738 - Google)
Google Update Helper (Version: 1.3.21.69 - Google Inc.) Hidden
GPL Ghostscript 9.01 (Version: - )
Greenshot 1.0.6.2228 (Version: 1.0.6.2228 - Greenshot)
GSview 4.9 (Version: - )
Haali Media Splitter (Version: - )
HijackThis 2.0.2 (Version: 2.0.2 - TrendMicro)
Hotfix für Windows XP (KB942288-v3) (Version: 3 - Microsoft Corporation)
Hotspot Shield 1.57 (Version: 1.57 - AnchorFree)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet J4500 Series (Version: 1.0 - HP)
HxD Hex Editor Version 1.7.7.0 (Version: 1.7.7.0 - Maël Hörz)
IBM 32-bit Runtime Environment for Java 2, v1.4.1 (Version: 1.4.1 - IBM)
IBM 32-bit Runtime Environment for Java 2, v1.4.1 (Version: 1.4.1 - IBM) Hidden
IBM DLA (Version: 4.95 - IBM Corporation)
IBM Integrated 56K Modem (Version: 7.02.03 - )
IBM RecordNow! (Version: 7.22 - IBM Corporation)
IBM Rescue and Recovery with Rapid Restore (Version: 1.00.0033 - Ihr Firmenname)
IBM Themes (Version: 1.00.0000 - IBM) Hidden
IBM ThinkPad 'Akku-MaxiMiser' und Stromsparfunktionen (Version: 1.37 - )
IBM ThinkPad Power Management Driver (Version: 1.26 - )
IBM ThinkPad 'Präsentationsdirektor' (Version: 2.31 - )
IBM ThinkPad-Konfiguration (Version: 1.36 - )
IBM ThinkVantage Technologies Welcome Message (Version: 1.00 - ) Hidden
IBM TrackPoint Support (Version: 3.12.0.0 - )
Inkscape 0.48.2 (Version: 0.48.2 - )
Installationsprogramm für ThinkPad-Software (Version: 2.30.0481 - )
Intel(R) Extreme Graphics 2 Driver (Version: 6.14.10.3879 - )
Intel(R) PRO Network Adapters and Drivers (Version: - )
Intel(R) PROSet/Wireless Software (Version: - Intel Corporation)
Internet Library (Version: 1.4.0 - Canon Inc.) Hidden
InterVideo WinDVD (Version: 5.0-B11.250 - InterVideo Inc.)
iPhone-Konfigurationsprogramm (Version: 3.6.2.300 - Apple Inc.)
IrfanView (remove only) (Version: - )
IsoBuster 1.7 (Version: 1.7 - Smart Projects)
iTunes (Version: 11.1.2.31 - Apple Inc.)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JetBrains Omea Reader (Version: - )
Lexmark X74-X75 (Version: - )
Logitech ImageStudio (Version: 7.30.0000 - Logitech, Inc.)
MA_CMIDI (Version: 4.2.01v3 - M-Audio)
MAGIX USB-Videowandler 2 Device Driver (Version: - )
mCore (Version: 1.45.0000 - Intel Corporation) Hidden
mDriver (Version: 1.45.0000 - Intel) Hidden
MeCab 0.98 (Version: 0.98 - Taku Kudo)
MediaInfo 0.7.58 (Version: 0.7.58 - MediaArea.net)
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft AppLocale (Version: 1.0.0 - MS)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft RichCopy 4.0 (Version: 4.0.211 - Microsoft Corporation)
Microsoft Software Update for Web Folders (German) 12 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (Version: - )
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mobile Partner (Version: 16.002.03.03.511 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 27.0 (x86 de) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (Version: 27.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (Version: 24.3.0 - Mozilla)
Mp3tag v2.58 (Version: v2.58 - Florian Heidenreich)
mPfMgr (Version: 1.45.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 1.45.0000 - Intel Corporation) Hidden
NetSurveyor 2.0.9582.0 (Version: - Nuts About Nets, LLC)
Network Stumbler 0.4.0 (remove only) (Version: - )
No23 Recorder (Version: 2.1.0.3 - No23)
No23 Recorder (Version: 2.1.0.3 - No23) Hidden
Nokia Connectivity Cable Driver (Version: 7.1.23.0 - Nokia)
Nokia PC Suite (Version: 7.1.40.6 - Nokia)
Nokia PC Suite (Version: 7.1.40.6 - Nokia) Hidden
Notepad++ (Version: 6.5.1 - Notepad++ Team)
Open XML Editor (Version: - Dieter Köhler)
Open XML Editor (Version: 1.6.2 - Dieter Köhler) Hidden
OpenSSL 1.0.0f Light (32-bit) (Version: - OpenSSL Win32 Installer Team)
Opera Stable 18.0.1284.68 (Version: 18.0.1284.68 - Opera Software ASA)
Paint.NET v3.5.5 (Version: 3.55.0 - dotPDN LLC)
Panda Batch File Renamer 2.3 (Version: 2.3 - Animal Software)
Pano2VR - Garden Gnome Software (Version: - )
PC Connectivity Solution (Version: 9.44.0.3 - Nokia)
PC VGA Camera (Version: 1.0.1.49 - Ihr Firmenname) Hidden
PC-Doctor für Windows (Version: - )
PDF Architect (Version: 1.0.52.8917 - pdfforge)
PDFCreator (Version: 1.6.2 - pdfforge)
PDF-XChange Viewer (Version: 2.0.55.0 - Tracker Software Products Ltd.)
Phase 5 HTML-Editor (Version: 5.6.2.3 - Systemberatung Schommer)
PhotoStitch (Version: 3.1.16 - Canon) Hidden
Powertoys For Windows XP (Version: 1.00.0000 - Microsoft Corporation)
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
RAW Image Task 2.2 (Version: 2.2 - Canon) Hidden
RCA Digital Cable Modem (Version: - )
Real Alternative 2.0.2 (Version: 2.0.2 - )
REAPER (Version: - )
RSSOwl (Version: - )
Sandboxie 3.50 (Version: - )
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Scribus 1.3.9 (Version: 1.3.9 - The Scribus Team)
SIW version 2010.03.10 (Version: 2010.03.10 - Topala Software Solutions)
Skype™ 3.8 (Version: 3.8.139 - Skype Technologies S.A.)
SmartOCR Lite Edition 1.0 (Version: 1.0.70 - Smart Reading)
SpringCard PC/SC Diagnostic (SQ2075-BA) (Version: BA - SpringCard)
Streambox Vcr Suite 2 (Version: - The Streaming Media Recording Forum)
Streamripper (Remove only) (Version: - )
StreamTransport version: 1.0.2.2171 (Version: - )
SVG Explorer Extension 0.1.1 (Version: 0.1.1 - Dotz Softwares)
System Update (Version: 3.14.0024 - Lenovo)
Sytrus (Version: - Image-Line)
TABVIEW2 (Version: - )
Taskbar Shuffle version 2.5 (Version: 2.5 - Jay Elaraj)
TeamViewer 8 (Version: 8.0.22298 - TeamViewer)
TEFView 2.73 (Version: - TablEdit)
TeraCopy 2.2 (Version: - Code Sector Inc.)
ThinkPad FullScreen Magnifier (Version: 1.10 - )
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Tor 0.2.1.25 (Version: - )
TotalDocConverter (Version: - Softplicity, Inc.)
TV-Browser 3.2 (Version: 3.2 - TV-Browser Team)
Ultra Document To Text Converter 2.0 (Version: - Ultra Shareware, Inc.)
Universal Extractor 1.6.1 (Version: 1.6.1 - Jared Breland)
Unlocker 1.8.9 (Version: 1.8.9 - Cedrick Collomb)
Update for Microsoft Office Word 2007 (KB974631) (Version: - Microsoft)
URL Snooper v2.26.01 (Version: - DonationCoder.com)
URLy Warning 3.0 (Version: - )
USB 2.0 VGA Adapter 7.4.0.0403.0101 (Version: 7.4.0.0403.0101 - MCT Co.)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
Vidalia 0.2.7 (Version: - )
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
VobSub v2.23 (Remove Only) (Version: - )
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
WebSite-Watcher 2010 (10.3) (Version: 2010 (10.3) - www.aignes.com)
WebTablet FB Plugin (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (Version: 1.1.0.10 - Wacom Technology Corp.)
WinDjView 2.0.2 (Version: 2.0.2 - Andrew Zhezherun)
Windows Imaging Component (Version: 3.0.0.0 - Microsoft Corporation)
Windows Media Format 11 runtime (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (Version: 20080414.031514 - Microsoft Corporation)
Windows-Treiberpaket - Microsoft (USBCCID) SmartCardReader (08/01/2006 5.2.3790.2724) (Version: 08/01/2006 5.2.3790.2724 - Microsoft)
Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4) (Version: 06/01/2009 7.01.0.4 - Nokia)
Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2) (Version: 10/05/2009 4.2 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinHTTrack Website Copier 3.44-1 (Version: 3.44.1 - HTTrack)
WinMerge 2.12.4 (Version: 2.12.4 - Thingamahoochie Software)
WinPcap 4.1.3 (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinSPOKES (Version: - )
WinX HD Video Converter Deluxe 3.10.2 (Version: - Digiarty Software,Inc.)
Wireshark 1.10.0 (32-bit) (Version: 1.10.0 - The Wireshark developer community, hxxp://www.wireshark.org)
Xaldon WebSpider2 (Version: - )
XMedia Recode 2.2.2.9 (Version: 2.2.2.9 - Sebastian Dörfler)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
Xvid 1.2.2 final uninstall (Version: 1.2 - Xvid team (Koepi))
XviD MPEG4 Video Codec (remove only) (Version: - )
Xvid MPEG-4 Video Codec (Version: - Xvid Development Team)
==================== Restore Points =========================
03-02-2014 20:15:31 Systemprüfpunkt
04-02-2014 21:13:27 Systemprüfpunkt
05-02-2014 21:21:30 Systemprüfpunkt
07-02-2014 10:35:48 Systemprüfpunkt
==================== Hosts content: ==========================
1980-01-01 08:00 - 2013-01-06 22:46 - 00001553 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\BMMTask.job => C:\PROGRA~1\ThinkPad\UTILIT~1\BMMTASK.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2004-03-19 20:12 - 2004-03-19 20:12 - 00045056 _____ () C:\WINDOWS\system32\pwdmon.dll
2010-04-16 00:46 - 2008-04-13 14:32 - 00165376 ____C () C:\Programme\Taskbar Shuffle\tbhookin.dll
2010-03-09 03:55 - 2010-03-09 03:55 - 00010752 _____ () C:\Programme\Unlocker\UnlockerCOM.dll
2011-06-06 19:40 - 2011-05-28 21:04 - 00140288 _____ () C:\Programme\WinRAR\rarext.dll
2011-09-28 17:36 - 2009-06-22 01:26 - 00305664 _____ () C:\Programme\TeraCopy\TeraCopyExt.dll
2011-09-28 17:36 - 2009-07-13 22:50 - 00325120 _____ () C:\Programme\TeraCopy\TeraCopy.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
1980-01-01 08:00 - 2003-11-13 11:12 - 00115200 _____ () C:\WINDOWS\system32\tp4uires.dll
2010-04-16 06:39 - 2003-07-04 07:49 - 00024576 _____ () C:\Programme\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll
2010-04-16 06:39 - 2004-05-28 23:33 - 00225280 _____ () C:\Programme\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\WINDOWS\system32\vpnapi.dll
2011-02-23 16:08 - 2011-02-23 16:08 - 00080384 _____ () C:\Programme\FileBX\FbxRes.dll
2014-02-05 00:12 - 2014-02-05 00:13 - 03583600 _____ () C:\Programme\Mozilla Firefox\mozjs.dll
2014-02-04 23:56 - 2014-02-04 23:56 - 03019376 _____ () C:\Programme\Mozilla Thunderbird\mozjs.dll
2014-02-04 23:56 - 2014-02-04 23:56 - 00158832 _____ () C:\Programme\Mozilla Thunderbird\NSLDAP32V60.dll
2014-02-04 23:56 - 2014-02-04 23:56 - 00023152 _____ () C:\Programme\Mozilla Thunderbird\NSLDAPPR32V60.dll
2012-11-21 11:38 - 2012-11-21 06:26 - 00008704 ____N () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Thunderbird\Profiles\cu47u924.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
1980-01-01 08:00 - 2008-04-14 06:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2009-03-30 03:34 - 2009-03-30 03:34 - 00280143 _____ () C:\Programme\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Programme\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Programme\Hotspot Shield\bin\libssl32.dll
2013-12-30 12:57 - 2009-02-27 16:38 - 00139264 ____R () C:\Programme\Brother\BrUtilities\BrLogAPI.dll
2012-01-07 14:50 - 2011-03-16 10:29 - 01841000 _____ () C:\WINDOWS\system32\HPScanTRDrv_DJ3050A_J611.dll
2009-02-14 04:04 - 2009-02-14 04:04 - 00756040 _____ () C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Dropbox\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A24211BA
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Nokia 6500s-1
Description: Nokia 6500s-1
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (02/07/2014 02:11:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (02/07/2014 02:11:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Canon Camera Access Library 8" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/07/2014 02:05:44 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache.
Error: (02/07/2014 09:20:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (02/07/2014 09:20:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Canon Camera Access Library 8" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/06/2014 08:15:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (02/06/2014 08:15:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Canon Camera Access Library 8" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/06/2014 06:51:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (02/06/2014 06:51:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Canon Camera Access Library 8" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/06/2014 09:48:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Microsoft Office Sessions:
=========================
Error: (12/26/2011 05:21:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.
Error: (08/21/2011 01:41:43 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 73%
Total physical RAM: 2038.42 MB
Available physical RAM: 532.12 MB
Total Pagefile: 3934.07 MB
Available Pagefile: 2452.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.34 MB
==================== Drives ================================
Drive c: (IBM_PRELOAD) (Fixed) (Total:69.17 GB) (Free:3.52 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: () (Fixed) (Total:44.89 GB) (Free:3.78 GB) NTFS
Drive f: (Lokaler Datenträger) (Fixed) (Total:179.53 GB) (Free:1.77 GB) NTFS
Drive h: (SANDISK8GB) (Removable) (Total:7.46 GB) (Free:0.73 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: CCCDCCCD)
Partition 1: (Active) - (Size=69 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=4 GB) - (Type=12)
Partition 3: (Not Active) - (Size=224 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================

Best regards