07.09.2013, 18:06 | #1 |
Windows XP: 2 infected files after Malwarebytes scan

Hello everyone, I ran Malwarebytes as a routine check and it detected 2 infected files. However, the computer shows no serious symptoms, although it may have become a little slower recently.

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.07.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.11
Alex :: LENOVO-80D7E2D4 [Administrator]

07.09.2013 16:31:48
MBAM-log-2013-09-07 (17-32-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 242501
Laufzeit: 1 Stunde(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads\iLividSetup-r400-n-bc.exe (PUP.Optional.Bandoo) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Temp\InstallShare14830\bab_setup.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.

(Ende)

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:42 on 07/09/2013 (Alex)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2013 03
Ran by Alex (administrator) on LENOVO-80D7E2D4 on 07-09-2013 17:45:49
Running from C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe (Microsoft Corporation) c:\Programme\Microsoft Security Client\MsMpEng.exe (Broadcom Corporation.) C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Intel Corporation ) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe () C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStatsUpdater.exe (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Skype Technologies S.A.) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe ( ) c:\programme\lenovo\system update\suservice.exe (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo.) 
C:\WINDOWS\System32\TPHDEXLG.exe (IBM) C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe () C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe (Lenovo Group Limited) C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe () C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe () C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Lenovo Group Limited) C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo.) C:\WINDOWS\system32\TpShocks.exe (Lenovo Group Limited) C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Programme\Lenovo\Zoom\TpScrex.exe (Lenovo Group Limited) C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (Analog Devices, Inc.) 
C:\Programme\Analog Devices\Core\smax4pnp.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Sonic Solutions) C:\WINDOWS\System32\DLA\DLACTRLW.EXE (InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Lenovo Group Limited) C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe (LENOVO) C:\Programme\ThinkVantage\AMSG\Amsg.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Microsoft Corporation) C:\Programme\Microsoft Security Client\msseces.exe (Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Geek Software GmbH) C:\Programme\PDF24\pdf24.exe (Microsoft Corporation) C:\Programme\Messenger\msmsgs.exe (Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Avanquest Software ) C:\Programme\Digital Line Detect\DLG.exe (Dropbox, Inc.) C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe (Sun Microsystems, Inc.) 
C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe (InstallShield Software Corporation) c:\programme\gemeinsame dateien\installshield\updateservice\isuspm.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\agent.exe (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\swriter.exe (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPLpr] - C:\Programme\Synaptics\SynTP\SynTPLpr.exe [110592 2006-02-14] (Synaptics, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Programme\Synaptics\SynTP\SynTPEnh.exe [512000 2006-02-14] (Synaptics, Inc.) HKLM\...\Run: [PWRMGRTR] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor HKLM\...\Run: [BLOG] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog HKLM\...\Run: [TPFNF7] - C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe [58416 2007-03-28] (Lenovo Group Limited) HKLM\...\Run: [TPHOTKEY] - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe [66176 2007-03-09] (Lenovo Group Limited) HKLM\...\Run: [] - HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [181808 2007-03-29] (Lenovo.) HKLM\...\Run: [EZEJMNAP] - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [243248 2007-03-07] (Lenovo Group Limited) HKLM\...\Run: [SoundMAXPnP] - C:\Programme\Analog Devices\Core\smax4pnp.exe [925696 2007-01-29] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] - C:\Programme\Analog Devices\SoundMAX\Smax4.exe [749568 2007-01-16] (Analog Devices, Inc.) 
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] () HKLM\...\Run: [TVT Scheduler Proxy] - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe [536576 2007-02-08] (Lenovo Group Limited) HKLM\...\Run: [DLA] - C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2006-02-02] (Sonic Solutions) HKLM\...\Run: [ISUSPM Startup] - C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [ISUSScheduler] - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [AwaySch] - C:\Programme\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited) HKLM\...\Run: [LPManager] - C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [120368 2007-03-22] (Lenovo Group Limited) HKLM\...\Run: [AMSG] - C:\Programme\ThinkVantage\AMSG\Amsg.exe [419376 2007-02-01] (LENOVO) HKLM\...\Run: [DiskeeperSystray] - C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe [196696 2006-05-18] (Diskeeper Corporation) HKLM\...\Run: [ACWLIcon] - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe [126976 2007-03-27] (Lenovo ) HKLM\...\Run: [cssauth] - C:\Programme\Lenovo\Client Security Solution\cssauth.exe [2618944 2007-01-30] (Lenovo Group Limited) HKLM\...\Run: [MSC] - c:\Programme\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.) HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.) 
HKLM\...\Run: [PDFPrint] - C:\Programme\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH) Winlogon\Notify\ACNotify: ACNotify.dll [X] Winlogon\Notify\psfus: C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) Winlogon\Notify\tpfnf2: C:\Programme\Lenovo\HOTKEY\notifyf2.dll [X] Winlogon\Notify\tphotkey: C:\Programme\Lenovo\HOTKEY\tphklock.dll [X] HKCU\...\Run: [Google Update] - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [116648 2012-09-04] (Google Inc.) HKCU\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKCU\...\Run: [Skype] - C:\Programme\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.) Lsa: [Notification Packages] scecli psqlpwd ACGina Startup: C:\Dokumente und Einstellungen\Alex\Startmenü\Programme\Autostart\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk ShortcutTarget: Adobe Reader - Schnellstart.lnk -> C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe () Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk ShortcutTarget: Digital Line Detect.lnk -> C:\Programme\Digital Line Detect\DLG.exe (Avanquest Software ) ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: ColorZillaStats - {59F7FE53-2860-44B1-968A-E54E3E949A07} - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStats.dll (Alex Sirota) BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions) BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) Toolbar: HKCU -Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - 
C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\lzbe10s2.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @alternatiff.com/AlternaTIFF - C:\Programme\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=1.6.0_32 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: ColorZillaStats - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\lzbe10s2.default\Extensions\stats@colorzilla.com FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave 
Flash) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Babylon ToolBar) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Google Update) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) 
CHR Plugin: (AlternaTIFF) - C:\Programme\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.) CHR Plugin: (Picasa) - C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.) CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (ColorZillaStats) - C:\DOKUME~1\Alex\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cgfambohdeocadlemmdceabhlgccijal\2.7.12_0 CHR Extension: (Chrome In-App Payments service) - C:\DOKUME~1\Alex\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR HKLM\...\Chrome\Extension: [cgfambohdeocadlemmdceabhlgccijal] - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\CHROME\ColorZillaStats.crx ========================== Services (Whitelisted) ================= R2 AcPrfMgrSvc; C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [65536 2007-03-27] (Lenovo ) R2 AcSvc; C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe [180224 2007-03-27] (Lenovo ) R2 btwdins; C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe [266295 2007-02-27] (Broadcom Corporation.) 
R2 ColorZillaStatsUpdater; C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStatsUpdater.exe [18432 2012-06-18] () R2 Diskeeper; C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe [622700 2006-05-23] (Diskeeper Corporation) R2 EvtEng; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [643072 2007-03-06] (Intel Corporation) S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2007-01-04] (Google) S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) R2 IPSSVC; C:\Windows\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114144 2012-09-09] (Mozilla Foundation) R2 MsMpSvc; c:\Programme\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation) R2 RegSrvc; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-03-06] (Intel Corporation) R2 S24EventMonitor; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-03-06] (Intel Corporation ) R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) 
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies) R2 SUService; c:\programme\lenovo\system update\suservice.exe [11776 2006-12-15] ( ) R2 ThinkVantage Registry Monitor Service; C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe [644672 2007-01-30] (Lenovo Group Limited) R2 TSSCoreService; C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe [722496 2007-01-30] (IBM) R2 TVT Backup Protection Service; C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe [569344 2007-02-08] () R2 TVT Backup Service; C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe [950272 2007-02-08] (Lenovo Group Limited) R2 TVT Scheduler; c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe [1118208 2007-02-08] (Lenovo Group Limited) R2 tvtnetwk; C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056 2007-02-08] () R2 vpnagent; C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [537592 2012-08-03] (Cisco Systems, Inc.) S3 WMConnectCDS; C:\Programme\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation) R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation) S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [38440 2012-08-03] (Cisco Systems, Inc.) S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [57256 2012-08-03] (Cisco Systems, Inc.) R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21425 2011-10-05] (Meetinghouse Data Communications) R1 ANC; C:\Windows\System32\drivers\ANC.SYS [11520 2005-11-08] (IBM Corp.) R3 atmeltpm; C:\Windows\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.) R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [868042 2007-02-27] (Broadcom Corporation.) 
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [67960 2007-01-24] (Broadcom Corporation.) R2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions) R1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) R2 DLADResN; C:\Windows\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions) R2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions) R2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions) R2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions) R1 DLARTL_N; C:\Windows\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) R2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions) R2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions) R2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions) S3 G400; C:\Windows\System32\DRIVERS\G400m.sys [322432 2001-08-18] (Matrox Graphics Inc.) R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.) R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.) R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [6016 2006-01-13] () R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.) 
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-03-18] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation) R1 MpKsl1f8fe896; c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{2E2529A9-6CEE-4A2E-B324-B6F9F2EB570D}\MpKsl1f8fe896.sys [29904 2013-09-07] (Microsoft Corporation) R3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2204672 2007-03-28] (Intel Corporation) R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2011-10-05] (Microsoft Corporation) R2 PROCDD; C:\Windows\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited) R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) R2 smihlp; C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [11152 2007-03-14] (UPEK Inc.) R1 TPHKDRV; C:\Windows\System32\DRIVERS\TPHKDRV.sys [17778 2006-10-23] (IBM Corporation) R1 TPPWRIF; C:\Windows\System32\drivers\Tppwrif.sys [4442 2006-12-19] () R1 TSMAPIP; C:\Windows\System32\drivers\TSMAPIP.SYS [12848 2007-03-28] () R3 TVTPktFilter; C:\Windows\System32\DRIVERS\tvtpktfilter.sys [17664 2007-02-08] (Lenovo Group Limited) U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-14] (Microsoft Corporation) S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-07 16:12 - 2013-09-07 16:12 - 00008339 _____ C:\Dokumente und Einstellungen\Alex\Desktop\log_in_webmail_uni_koeln.odt 2013-09-06 13:51 - 2013-09-06 17:40 - 00014671 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Bibliotheque_Institut_de_France.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Eigene 
Dateien\adressen-archive-paris.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Desktop\adressen-archive-paris.odt 2013-09-05 22:48 - 2013-09-06 10:22 - 00017619 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brief_SEITA_Altadis_Archiv_Orleans.odt 2013-09-02 21:53 - 2013-09-07 08:45 - 00016893 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brainstorm_artes_jahrbuch_SoSe_2013.odt 2013-08-31 22:53 - 2013-08-31 22:54 - 00004491 _____ C:\WINDOWS\KB2834903-v2.log 2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$ 2013-08-13 23:56 - 2013-08-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-13 23:55 - 2013-08-13 23:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-13 23:54 - 2013-08-13 23:55 - 00013309 _____ C:\WINDOWS\KB2863058.log 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-13 20:08 - 2013-08-13 23:56 - 00018890 _____ C:\WINDOWS\KB2850869.log 2013-08-13 20:07 - 2013-08-13 23:56 - 00020616 _____ C:\WINDOWS\KB2859537.log 2013-08-13 20:06 - 2013-08-13 23:46 - 00109421 _____ C:\WINDOWS\KB2862772-IE7.log 2013-08-10 10:21 - 2013-08-10 23:02 - 00026699 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Noziz.odt ==================== One Month Modified Files and Folders ======= 2013-09-07 17:45 - 2013-09-07 17:45 - 00000000 ____D C:\FRST 2013-09-07 17:34 - 2011-10-05 15:30 - 02832768 _____ C:\WINDOWS\system32\TPAPSLOG.LOG 2013-09-07 17:20 - 2012-09-04 19:49 - 00001206 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005UA.job 2013-09-07 16:48 - 2011-12-11 12:04 - 00000244 _____ C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job 2013-09-07 16:25 - 2012-11-26 10:09 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox 2013-09-07 16:12 - 2013-09-07 
16:12 - 00008339 _____ C:\Dokumente und Einstellungen\Alex\Desktop\log_in_webmail_uni_koeln.odt 2013-09-07 16:07 - 2013-04-13 08:45 - 00585401 _____ C:\WINDOWS\setupapi.log 2013-09-07 14:28 - 2006-01-27 04:16 - 01974565 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-07 14:09 - 2012-04-23 18:22 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Skype 2013-09-07 08:48 - 2006-01-27 04:25 - 00032536 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-07 08:45 - 2013-09-02 21:53 - 00016893 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brainstorm_artes_jahrbuch_SoSe_2013.odt 2013-09-07 07:45 - 2012-09-09 18:29 - 00000000 ____D C:\Programme\Mozilla Firefox 2013-09-07 07:37 - 2012-10-02 08:26 - 00000386 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job 2013-09-07 07:33 - 2012-11-26 10:13 - 00000000 ___RD C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Dropbox 2013-09-07 07:33 - 2011-12-14 01:15 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job 2013-09-07 07:29 - 2011-10-05 15:26 - 00000316 _____ C:\WINDOWS\Tasks\PMTask.job 2013-09-07 07:28 - 2013-03-13 01:07 - 00000498 _____ C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job 2013-09-07 07:27 - 2007-03-02 14:15 - 00025304 _____ C:\WINDOWS\system32\PROCDB.INI 2013-09-07 07:27 - 2006-01-26 19:12 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-07 07:27 - 2006-01-26 19:12 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-07 07:26 - 2011-10-05 15:31 - 00017544 _____ C:\TPHKLOCK.TXT 2013-09-07 07:26 - 2007-03-02 14:15 - 00000480 _____ C:\WINDOWS\system32\IPSCtrl.INI 2013-09-07 07:26 - 2006-01-27 04:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-06 23:38 - 2012-09-01 07:10 - 03997696 _____ C:\WINDOWS\system32\config\ACVPN.evt 2013-09-06 23:38 - 2011-12-11 12:03 - 00000190 ___SH C:\Dokumente und Einstellungen\Alex\ntuser.ini 2013-09-06 23:38 - 2011-12-11 12:03 - 00000000 ____D C:\Dokumente und Einstellungen\Alex 2013-09-06 17:40 - 2013-09-06 13:51 - 00014671 _____ C:\Dokumente und 
Einstellungen\Alex\Desktop\Bibliotheque_Institut_de_France.odt 2013-09-06 11:52 - 2011-10-05 15:42 - 00000000 ____D C:\SWSHARE 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Eigene Dateien\adressen-archive-paris.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Desktop\adressen-archive-paris.odt 2013-09-06 10:22 - 2013-09-05 22:48 - 00017619 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brief_SEITA_Altadis_Archiv_Orleans.odt 2013-09-06 08:52 - 2012-08-11 12:32 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2013-09-05 18:00 - 2013-03-13 01:07 - 00000474 _____ C:\WINDOWS\Tasks\SpeedyPC Registration3.job 2013-09-04 17:27 - 2013-03-23 19:05 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Desktop\Workshop_mit_Pascal 2013-09-04 17:26 - 2012-09-04 19:50 - 00002364 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Google Chrome.lnk 2013-09-03 19:08 - 2011-12-11 12:03 - 00000000 ___RD C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Eigene Bilder 2013-09-02 22:48 - 2006-01-27 04:14 - 00068876 _____ C:\WINDOWS\wmsetup.log 2013-09-01 07:43 - 2012-01-12 15:20 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Citavi 3 2013-08-31 22:54 - 2013-08-31 22:53 - 00004491 _____ C:\WINDOWS\KB2834903-v2.log 2013-08-31 22:54 - 2006-01-26 19:09 - 01439000 _____ C:\WINDOWS\iis6.log 2013-08-31 22:54 - 2006-01-26 19:09 - 01303787 _____ C:\WINDOWS\FaxSetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00632005 _____ C:\WINDOWS\ocgen.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00605556 _____ C:\WINDOWS\tsoc.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00440118 _____ C:\WINDOWS\comsetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00404998 _____ C:\WINDOWS\msmqinst.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00264481 _____ C:\WINDOWS\ntdtcsetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00228811 _____ C:\WINDOWS\netfxocm.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00092078 _____ 
C:\WINDOWS\MedCtrOC.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00071498 _____ C:\WINDOWS\ocmsn.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00066449 _____ C:\WINDOWS\tabletoc.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00065296 _____ C:\WINDOWS\msgsocm.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00001374 _____ C:\WINDOWS\imsins.log 2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$ 2013-08-31 13:46 - 2006-01-27 03:01 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl 2013-08-17 11:20 - 2012-09-04 19:49 - 00001154 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005Core.job 2013-08-14 07:28 - 2006-01-26 15:19 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-08-14 00:17 - 2013-07-13 16:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-14 00:08 - 2011-12-14 13:29 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-08-14 00:01 - 2006-01-26 19:09 - 01171086 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-13 23:56 - 2013-08-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-13 23:56 - 2013-08-13 20:08 - 00018890 _____ C:\WINDOWS\KB2850869.log 2013-08-13 23:56 - 2013-08-13 20:07 - 00020616 _____ C:\WINDOWS\KB2859537.log 2013-08-13 23:56 - 2006-01-26 19:09 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-08-13 23:55 - 2013-08-13 23:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-13 23:55 - 2013-08-13 23:54 - 00013309 _____ C:\WINDOWS\KB2863058.log 2013-08-13 23:55 - 2011-10-05 15:21 - 00137776 _____ C:\WINDOWS\system32\TZLog.log 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-13 23:54 - 2006-01-27 19:21 - 00223863 _____ C:\WINDOWS\updspapi.log 2013-08-13 23:46 - 2013-08-13 20:06 - 00109421 _____ C:\WINDOWS\KB2862772-IE7.log 2013-08-13 23:46 - 2011-10-05 15:23 - 00000000 ____D C:\WINDOWS\system32\de-de 2013-08-10 23:02 - 
2013-08-10 10:21 - 00026699 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Noziz.odt

Files to move or delete:
====================
C:\DOKUME~1\Alex\LOKALE~1\Temp\20111211112712437jniverify.dll
C:\DOKUME~1\Alex\LOKALE~1\Temp\20120709125921765jniverify.dll
C:\DOKUME~1\Alex\LOKALE~1\Temp\FlashPlayerUpdate.exe
C:\DOKUME~1\Alex\LOKALE~1\Temp\jre-6u32-windows-i586-iftw.exe
C:\DOKUME~1\Alex\LOKALE~1\Temp\jre-7u25-windows-i586-iftw.exe
C:\DOKUME~1\Alex\LOKALE~1\Temp\pdf24-creator-update.exe
C:\DOKUME~1\Alex\LOKALE~1\Temp\SHSetup.exe
C:\DOKUME~1\Alex\LOKALE~1\Temp\SkypeSetup.exe
C:\DOKUME~1\Alex\LOKALE~1\Temp\sqlite3.exe
C:\DOKUME~1\Alex\LOKALE~1\Temp\SymLCSVC.EXE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2006-01-27 03:01] - [2008-04-14 08:52] - 1036800 ____N (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0513024 ____N (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0014336 ____N (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe [2006-01-27 03:01] - [2009-02-09 13:21] - 0111104 ____N (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll [2006-01-27 03:00] - [2008-04-14 08:52] - 0580096 ____N (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0026624 ____N (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys [2006-01-27 03:01] - [2008-04-14 08:22] - 0053760 ____N (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d

==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2013 03 Ran by Alex at 2013-09-07 17:48:52 Running from C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 7-Zip 9.20 Access Help (Version: 2.00) Adobe Flash Player 11 ActiveX (Version: 11.1.102.55) Adobe Flash Player 11 Plugin (Version: 11.1.102.55) Adobe Reader 8 - Deutsch (Version: 8.0.0) Anzeige am Bildschirm (Version: 5.01) Apple Application Support (Version: 2.1.7) Apple Software Update (Version: 2.1.3.127) Cisco AnyConnect Secure Mobility Client (Version: 3.1.00495) Cisco AnyConnect Secure Mobility Client (Version: 3.1.00495) Citavi (Version: 3.1.15.0) Client Security Solution (Version: 8.00.0114.00) Dienstprogramm "ThinkPad UltraNav" (Version: 1.03) Diskeeper Lite (Version: 9.0.541) Dropbox (HKCU Version: 2.0.22) ElsterFormular (Version: 14.0.0.10960) Ergänzung zu Productivity Center für ThinkPad (Version: 2.00) FBReader for Windows Google Chrome (HKCU Version: 29.0.1547.66) Help Center (Version: 2.00c) High Definition Audio - KB888111 (Version: 20040219.000000) Hotfix für Windows XP (KB2570791) (Version: 1) Hotfix für Windows XP (KB2633952) (Version: 1) Hotfix für Windows XP (KB2756822) (Version: 1) Hotfix für Windows XP (KB2779562) (Version: 1) Hotfix für Windows XP (KB952287) (Version: 1) Hotfix für Windows XP (KB961118) (Version: 1) Integrated Camera (Version: 5.8.8.010) Intel(R) Graphics Media Accelerator Driver (Version: 6.14.10.4785) Intel(R) PRO Network Connections Drivers Intel(R) PROSet/Wireless Software (Version: 11.01.0.API) InterVideo WinDVD (Version: 5.0-B11.311) InterVideo WinDVD Creator 3 (Version: 3.0.01.196) J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60) Java Auto Updater (Version: 2.0.7.1) Java(TM) 6 Update 32 (Version: 6.0.320) Kyocera Product Library (Version: 2.0.0713) Lenovo Registration 
Maintenance Manager (Version: 3.0.4.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) mCore (Version: 9.07.0000) mDriver (Version: 9.07.0000) Message Center (Version: 2.01b) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 2.0 Language Pack - DEU Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Security Client (Version: 4.2.0223.1) Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0) Microsoft Security Essentials (Version: 4.2.223.1) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) mMHouse (Version: 9.07.0000) Mozilla Firefox 15.0.1 (x86 de) (Version: 15.0.1) Mozilla Maintenance Service (Version: 15.0.1) mPfMgr (Version: 9.07.0000) mProSafe (Version: 9.00.0000) MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 6.0 Parser (Version: 6.00.3883.8) mWlsSafe (Version: 9.00.0000) OpenOffice.org 3.3 (Version: 3.3.9567) PC-Doctor 5 für Windows (Version: 5.00.4334.11) PDF24 Creator 5.4.0 Picasa 3 (Version: 3.9) Präsentationsdirektor (Version: 3.02b) 
RecordNow Audio (Version: 2.0.4) RecordNow Copy (Version: 2.0.4) RecordNow Data (Version: 2.0.4) Remove Multimedia Center Rescue and Recovery (Version: 4.00.0114.00) Sicherheitsupdate für Microsoft Windows (KB2564958) Sicherheitsupdate für Step by Step Interactive Training (KB898458) (Version: 20050502.101010) Sicherheitsupdate für Step by Step Interactive Training (KB923723) (Version: 20050502.101010) Sicherheitsupdate für Windows Internet Explorer 7 (KB2544521) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2586448) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2618444) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2647516) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2675157) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2699988) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2722913) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2744842) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2761465) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2792100) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2797052) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2799329) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2809289) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2817183) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2829530) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2838727) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2846071) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB2862772) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 7 (KB929969) (Version: 20061222.120000) Sicherheitsupdate für Windows Media Player (KB2378111) Sicherheitsupdate für Windows Media Player (KB2834903) Sicherheitsupdate für Windows Media Player 
(KB2834903-v2) Sicherheitsupdate für Windows Media Player (KB911564) Sicherheitsupdate für Windows Media Player (KB952069) Sicherheitsupdate für Windows Media Player (KB954155) Sicherheitsupdate für Windows Media Player (KB973540) Sicherheitsupdate für Windows Media Player (KB975558) Sicherheitsupdate für Windows Media Player (KB978695) Sicherheitsupdate für Windows Media Player 10 (KB917734) Sicherheitsupdate für Windows XP (KB2079403) (Version: 1) Sicherheitsupdate für Windows XP (KB2115168) (Version: 1) Sicherheitsupdate für Windows XP (KB2229593) (Version: 1) Sicherheitsupdate für Windows XP (KB2296011) (Version: 1) Sicherheitsupdate für Windows XP (KB2347290) (Version: 1) Sicherheitsupdate für Windows XP (KB2360937) (Version: 1) Sicherheitsupdate für Windows XP (KB2387149) (Version: 1) Sicherheitsupdate für Windows XP (KB2393802) (Version: 1) Sicherheitsupdate für Windows XP (KB2412687) (Version: 1) Sicherheitsupdate für Windows XP (KB2419632) (Version: 1) Sicherheitsupdate für Windows XP (KB2423089) (Version: 1) Sicherheitsupdate für Windows XP (KB2440591) (Version: 1) Sicherheitsupdate für Windows XP (KB2443105) (Version: 1) Sicherheitsupdate für Windows XP (KB2476490) (Version: 1) Sicherheitsupdate für Windows XP (KB2478960) (Version: 1) Sicherheitsupdate für Windows XP (KB2478971) (Version: 1) Sicherheitsupdate für Windows XP (KB2479943) (Version: 1) Sicherheitsupdate für Windows XP (KB2481109) (Version: 1) Sicherheitsupdate für Windows XP (KB2483185) (Version: 1) Sicherheitsupdate für Windows XP (KB2485663) (Version: 1) Sicherheitsupdate für Windows XP (KB2506212) (Version: 1) Sicherheitsupdate für Windows XP (KB2507618) (Version: 1) Sicherheitsupdate für Windows XP (KB2507938) (Version: 1) Sicherheitsupdate für Windows XP (KB2508272) (Version: 1) Sicherheitsupdate für Windows XP (KB2508429) (Version: 1) Sicherheitsupdate für Windows XP (KB2509553) (Version: 1) Sicherheitsupdate für Windows XP (KB2510581) (Version: 1) Sicherheitsupdate für Windows XP 
(KB2535512) (Version: 1) Sicherheitsupdate für Windows XP (KB2536276-v2) (Version: 2) Sicherheitsupdate für Windows XP (KB2544893-v2) (Version: 2) Sicherheitsupdate für Windows XP (KB2562937) (Version: 1) Sicherheitsupdate für Windows XP (KB2566454) (Version: 1) Sicherheitsupdate für Windows XP (KB2567053) (Version: 1) Sicherheitsupdate für Windows XP (KB2567680) (Version: 1) Sicherheitsupdate für Windows XP (KB2570222) (Version: 1) Sicherheitsupdate für Windows XP (KB2570947) (Version: 1) Sicherheitsupdate für Windows XP (KB2584146) (Version: 1) Sicherheitsupdate für Windows XP (KB2585542) (Version: 1) Sicherheitsupdate für Windows XP (KB2592799) (Version: 1) Sicherheitsupdate für Windows XP (KB2598479) (Version: 1) Sicherheitsupdate für Windows XP (KB2603381) (Version: 1) Sicherheitsupdate für Windows XP (KB2618451) (Version: 1) Sicherheitsupdate für Windows XP (KB2619339) (Version: 1) Sicherheitsupdate für Windows XP (KB2620712) (Version: 1) Sicherheitsupdate für Windows XP (KB2621440) (Version: 1) Sicherheitsupdate für Windows XP (KB2624667) (Version: 1) Sicherheitsupdate für Windows XP (KB2631813) (Version: 1) Sicherheitsupdate für Windows XP (KB2633171) (Version: 1) Sicherheitsupdate für Windows XP (KB2639417) (Version: 1) Sicherheitsupdate für Windows XP (KB2641653) (Version: 1) Sicherheitsupdate für Windows XP (KB2646524) (Version: 1) Sicherheitsupdate für Windows XP (KB2647518) (Version: 1) Sicherheitsupdate für Windows XP (KB2653956) (Version: 1) Sicherheitsupdate für Windows XP (KB2655992) (Version: 1) Sicherheitsupdate für Windows XP (KB2659262) (Version: 1) Sicherheitsupdate für Windows XP (KB2660465) (Version: 1) Sicherheitsupdate für Windows XP (KB2661637) (Version: 1) Sicherheitsupdate für Windows XP (KB2676562) (Version: 1) Sicherheitsupdate für Windows XP (KB2685939) (Version: 1) Sicherheitsupdate für Windows XP (KB2686509) (Version: 1) Sicherheitsupdate für Windows XP (KB2691442) (Version: 1) Sicherheitsupdate für Windows XP (KB2695962) (Version: 
1) Sicherheitsupdate für Windows XP (KB2698365) (Version: 1) Sicherheitsupdate für Windows XP (KB2705219) (Version: 1) Sicherheitsupdate für Windows XP (KB2707511) (Version: 1) Sicherheitsupdate für Windows XP (KB2709162) (Version: 1) Sicherheitsupdate für Windows XP (KB2712808) (Version: 1) Sicherheitsupdate für Windows XP (KB2718523) (Version: 1) Sicherheitsupdate für Windows XP (KB2719985) (Version: 1) Sicherheitsupdate für Windows XP (KB2723135) (Version: 1) Sicherheitsupdate für Windows XP (KB2724197) (Version: 1) Sicherheitsupdate für Windows XP (KB2727528) (Version: 1) Sicherheitsupdate für Windows XP (KB2731847) (Version: 1) Sicherheitsupdate für Windows XP (KB2753842) (Version: 1) Sicherheitsupdate für Windows XP (KB2753842-v2) (Version: 2) Sicherheitsupdate für Windows XP (KB2757638) (Version: 1) Sicherheitsupdate für Windows XP (KB2758857) (Version: 1) Sicherheitsupdate für Windows XP (KB2761226) (Version: 1) Sicherheitsupdate für Windows XP (KB2770660) (Version: 1) Sicherheitsupdate für Windows XP (KB2778344) (Version: 1) Sicherheitsupdate für Windows XP (KB2779030) (Version: 1) Sicherheitsupdate für Windows XP (KB2780091) (Version: 1) Sicherheitsupdate für Windows XP (KB2799494) (Version: 1) Sicherheitsupdate für Windows XP (KB2802968) (Version: 1) Sicherheitsupdate für Windows XP (KB2807986) (Version: 1) Sicherheitsupdate für Windows XP (KB2808735) (Version: 1) Sicherheitsupdate für Windows XP (KB2813170) (Version: 1) Sicherheitsupdate für Windows XP (KB2813345) (Version: 1) Sicherheitsupdate für Windows XP (KB2820197) (Version: 1) Sicherheitsupdate für Windows XP (KB2820917) (Version: 1) Sicherheitsupdate für Windows XP (KB2829361) (Version: 1) Sicherheitsupdate für Windows XP (KB2834886) (Version: 1) Sicherheitsupdate für Windows XP (KB2839229) (Version: 1) Sicherheitsupdate für Windows XP (KB2845187) (Version: 1) Sicherheitsupdate für Windows XP (KB2849470) (Version: 1) Sicherheitsupdate für Windows XP (KB2850851) (Version: 1) Sicherheitsupdate für 
Windows XP (KB2850869) (Version: 1) Sicherheitsupdate für Windows XP (KB2859537) (Version: 1) Sicherheitsupdate für Windows XP (KB923561) (Version: 1) Sicherheitsupdate für Windows XP (KB923689) Sicherheitsupdate für Windows XP (KB941569) Sicherheitsupdate für Windows XP (KB946648) (Version: 1) Sicherheitsupdate für Windows XP (KB950762) (Version: 1) Sicherheitsupdate für Windows XP (KB950974) (Version: 1) Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2) Sicherheitsupdate für Windows XP (KB952004) (Version: 1) Sicherheitsupdate für Windows XP (KB952954) (Version: 1) Sicherheitsupdate für Windows XP (KB954459) (Version: 1) Sicherheitsupdate für Windows XP (KB956572) (Version: 1) Sicherheitsupdate für Windows XP (KB956744) (Version: 1) Sicherheitsupdate für Windows XP (KB956802) (Version: 1) Sicherheitsupdate für Windows XP (KB956844) (Version: 1) Sicherheitsupdate für Windows XP (KB958644) (Version: 1) Sicherheitsupdate für Windows XP (KB959426) (Version: 1) Sicherheitsupdate für Windows XP (KB960803) (Version: 1) Sicherheitsupdate für Windows XP (KB960859) (Version: 1) Sicherheitsupdate für Windows XP (KB961501) (Version: 1) Sicherheitsupdate für Windows XP (KB969059) (Version: 1) Sicherheitsupdate für Windows XP (KB970430) (Version: 1) Sicherheitsupdate für Windows XP (KB971657) (Version: 1) Sicherheitsupdate für Windows XP (KB972270) (Version: 1) Sicherheitsupdate für Windows XP (KB973507) (Version: 1) Sicherheitsupdate für Windows XP (KB973869) (Version: 1) Sicherheitsupdate für Windows XP (KB973904) (Version: 1) Sicherheitsupdate für Windows XP (KB974112) (Version: 1) Sicherheitsupdate für Windows XP (KB974318) (Version: 1) Sicherheitsupdate für Windows XP (KB974392) (Version: 1) Sicherheitsupdate für Windows XP (KB974571) (Version: 1) Sicherheitsupdate für Windows XP (KB975025) (Version: 1) Sicherheitsupdate für Windows XP (KB975467) (Version: 1) Sicherheitsupdate für Windows XP (KB975560) (Version: 1) Sicherheitsupdate für Windows XP (KB975562) 
(Version: 1) Sicherheitsupdate für Windows XP (KB975713) (Version: 1) Sicherheitsupdate für Windows XP (KB977816) (Version: 1) Sicherheitsupdate für Windows XP (KB977914) (Version: 1) Sicherheitsupdate für Windows XP (KB978338) (Version: 1) Sicherheitsupdate für Windows XP (KB978542) (Version: 1) Sicherheitsupdate für Windows XP (KB978601) (Version: 1) Sicherheitsupdate für Windows XP (KB978706) (Version: 1) Sicherheitsupdate für Windows XP (KB979309) (Version: 1) Sicherheitsupdate für Windows XP (KB979482) (Version: 1) Sicherheitsupdate für Windows XP (KB979687) (Version: 1) Sicherheitsupdate für Windows XP (KB980436) (Version: 1) Sicherheitsupdate für Windows XP (KB981322) (Version: 1) Sicherheitsupdate für Windows XP (KB981997) (Version: 1) Sicherheitsupdate für Windows XP (KB982132) (Version: 1) Sicherheitsupdate für Windows XP (KB982665) (Version: 1) Skype Click to Call (Version: 6.3.11079) Skype™ 6.3 (Version: 6.3.105) Sonic DLA (Version: 5.2.0) Sonic Express Labeler (Version: 2.1.0) Sonic Icons for Lenovo (Version: 1.0.2) Sonic Update Manager (Version: 3.0.0) SoundMAX (Version: 5.10.01.5370) System Migration Assistant (Version: 5.20.0033) System Update (Version: 3.00.0022) ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 5.1.0.3100) ThinkPad Energie-Manager (Version: 1.14) ThinkPad FullScreen Magnifier (Version: 1.16) ThinkPad Modem (Version: 7.62.00) ThinkPad PC Card Power Policy (Version: 1.02) ThinkPad Power Management Driver (Version: 1.42) ThinkPad UltraNav Driver (Version: 7.5.17.20) ThinkPad-Dienstprogramm 'EasyEject' (Version: 2.31) ThinkVantage Access Connections (Version: 4.40) ThinkVantage Fingerprint Software 5.6 (Version: 5.6.1.3425) ThinkVantage Productivity Center (Version: 2.02) ThinkVantage System für aktiven Festplattenschutz (Version: 1.52) ThinkVantage Technologies Welcome Message (Version: 1.18) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update für Windows XP (KB2345886) (Version: 1) Update für 
Windows XP (KB2541763) (Version: 1) Update für Windows XP (KB2641690) (Version: 1) Update für Windows XP (KB2661254-v2) (Version: 2) Update für Windows XP (KB2718704) (Version: 1) Update für Windows XP (KB2736233) (Version: 1) Update für Windows XP (KB2749655) (Version: 1) Update für Windows XP (KB2863058) (Version: 1) Update für Windows XP (KB951978) (Version: 1) Update für Windows XP (KB955759) (Version: 1) Update für Windows XP (KB968389) (Version: 1) Update für Windows XP (KB971029) (Version: 1) Update für Windows XP (KB971737) (Version: 1) Update für Windows XP (KB973687) (Version: 1) Update für Windows XP (KB973815) (Version: 1) VLC media player 1.1.11 (Version: 1.1.11) Wallpapers WebFldrs XP (Version: 9.50.7523) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0) Windows Internet Explorer 7 (Version: 20061107.210142) Windows Live Toolbar (Version: 03.01.0130) Windows Media Connect Windows Media Format Runtime Windows XP Service Pack 3 (Version: 20080414.031514) Windows-Treiberpaket - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (Version: 11/14/2006 6.00.01.04) WinRAR 4.01 (32-Bit) (Version: 4.01.0) XP Themes (Version: 1.00.0000) ==================== Restore Points ========================= 09-06-2013 13:14:16 Systemprüfpunkt 09-06-2013 20:13:01 Software Distribution Service 3.0 11-06-2013 13:43:12 Systemprüfpunkt 12-06-2013 18:36:20 Software Distribution Service 3.0 12-06-2013 22:33:03 Software Distribution Service 3.0 14-06-2013 05:49:44 Systemprüfpunkt 15-06-2013 19:06:06 Software Distribution Service 3.0 20-06-2013 17:23:40 Software Distribution Service 3.0 22-06-2013 16:49:04 Software Distribution Service 3.0 24-06-2013 10:37:23 Systemprüfpunkt 25-06-2013 18:06:57 Software Distribution Service 3.0 27-06-2013 19:07:23 Software Distribution Service 3.0 29-06-2013 18:15:53 Systemprüfpunkt 02-07-2013 09:06:52 Systemprüfpunkt 03-07-2013 19:04:29 Software Distribution Service 3.0 04-07-2013 19:15:40 Software Distribution 
Service 3.0 06-07-2013 17:57:45 Software Distribution Service 3.0 07-07-2013 21:02:34 Software Distribution Service 3.0 08-07-2013 05:47:41 Software Distribution Service 3.0 08-07-2013 20:50:41 Software Distribution Service 3.0 10-07-2013 06:05:52 Software Distribution Service 3.0 11-07-2013 08:06:31 Software Distribution Service 3.0 11-07-2013 18:23:42 Software Distribution Service 3.0 11-07-2013 19:15:26 Software Distribution Service 3.0 12-07-2013 18:30:08 Software Distribution Service 3.0 13-07-2013 14:34:28 Software Distribution Service 3.0 15-07-2013 18:43:56 Software Distribution Service 3.0 16-07-2013 19:37:52 Software Distribution Service 3.0 18-07-2013 05:59:25 Software Distribution Service 3.0 19-07-2013 06:10:44 Software Distribution Service 3.0 20-07-2013 11:16:46 Software Distribution Service 3.0 21-07-2013 17:37:54 Software Distribution Service 3.0 23-07-2013 21:44:29 Software Distribution Service 3.0 25-07-2013 12:35:22 Software Distribution Service 3.0 26-07-2013 13:14:21 Systemprüfpunkt 26-07-2013 18:26:53 Software Distribution Service 3.0 27-07-2013 18:42:59 Software Distribution Service 3.0 28-07-2013 19:30:32 Systemprüfpunkt 29-07-2013 06:54:45 Software Distribution Service 3.0 30-07-2013 07:51:50 Software Distribution Service 3.0 31-07-2013 11:40:52 Systemprüfpunkt 01-08-2013 06:43:56 Software Distribution Service 3.0 02-08-2013 10:12:03 Systemprüfpunkt 02-08-2013 13:20:34 Software Distribution Service 3.0 03-08-2013 13:28:58 Software Distribution Service 3.0 04-08-2013 21:38:42 Systemprüfpunkt 05-08-2013 06:27:03 Software Distribution Service 3.0 06-08-2013 06:35:46 Systemprüfpunkt 08-08-2013 18:34:46 Software Distribution Service 3.0 10-08-2013 06:02:40 Systemprüfpunkt 10-08-2013 13:51:07 Software Distribution Service 3.0 11-08-2013 19:35:01 Software Distribution Service 3.0 12-08-2013 19:39:03 Software Distribution Service 3.0 13-08-2013 21:43:38 Software Distribution Service 3.0 14-08-2013 16:35:24 Software Distribution Service 3.0 
15-08-2013 16:58:09 Systemprüfpunkt
17-08-2013 08:15:37 Systemprüfpunkt
17-08-2013 16:29:06 Software Distribution Service 3.0
31-08-2013 15:54:23 Software Distribution Service 3.0
31-08-2013 20:53:36 Software Distribution Service 3.0
01-09-2013 19:57:12 Software Distribution Service 3.0
03-09-2013 18:02:25 Systemprüfpunkt
04-09-2013 05:47:59 Software Distribution Service 3.0
06-09-2013 05:38:33 Software Distribution Service 3.0
07-09-2013 12:20:27 Software Distribution Service 3.0

==================== Hosts content: ==========================

2006-01-27 03:01 - 2004-08-04 14:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job => C:\Programme\Windows Live Toolbar\MSNTBUP.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005Core.job => C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005UA.job => C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Programme\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\PMTask.job => C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE
Task: C:\WINDOWS\Tasks\SpeedyPC Pro.job => C:\Programme\SpeedyPC Software\SpeedyPC\SpeedyPC.exe
Task: C:\WINDOWS\Tasks\SpeedyPC Registration3.job => C:\Programme\Gemeinsame Dateien\SpeedyPC Software\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job => C:\Programme\Gemeinsame Dateien\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe
Task: C:\WINDOWS\Tasks\SpeedyPC Update Version3.job => C:\Programme\Gemeinsame
Dateien\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe ==================== Loaded Modules (whitelisted) ============= 2006-01-27 03:01 - 2008-04-14 08:51 - 00177152 ____N (Microsoft Corporation) C:\WINDOWS\system32\msctfime.ime 2011-10-05 15:40 - 2007-03-27 19:51 - 00032768 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll 2011-10-05 15:40 - 2007-03-27 19:43 - 00143360 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcSvcStub.dll 2011-10-05 15:40 - 2007-03-27 19:41 - 00176128 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcLocSettings.dll 2011-10-05 15:40 - 2007-03-27 19:41 - 00086016 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACHelper.dll 2007-03-14 22:17 - 2007-03-14 22:17 - 00089600 ____N (UPEK Inc.) C:\WINDOWS\system32\psqlpwd.dll 2007-03-14 22:17 - 2007-03-14 22:17 - 01119744 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\homefus2.dll 2007-03-14 21:49 - 2007-03-14 21:49 - 00292352 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\infra.dll 2007-03-14 22:11 - 2007-03-14 22:11 - 03079168 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\homepass.dll 2007-03-14 22:10 - 2007-03-14 22:10 - 02307072 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\bio.dll 2007-03-14 22:19 - 2007-03-14 22:19 - 00033792 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\ps2css.dll 2007-03-14 21:49 - 2007-03-14 21:49 - 00792064 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\remote.dll 2007-03-30 10:39 - 2006-12-14 04:06 - 00028672 ____N () C:\Programme\Lenovo\HOTKEY\tphklock.dll 2007-03-14 22:19 - 2007-03-14 22:19 - 00234000 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\pscssint.dll 2007-03-14 21:51 - 2007-03-14 21:51 - 00114688 ____N (UPEK Inc.) 
C:\Programme\ThinkVantage Fingerprint Software\basegui.dll 2007-03-14 21:50 - 2007-03-14 21:50 - 00349696 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\crypto.dll 2007-03-14 22:15 - 2007-03-14 22:15 - 00064000 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\biokmd.dll 2007-03-14 22:12 - 2007-03-14 22:12 - 00270336 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\tpmkey.dll 2007-03-14 22:15 - 2007-03-14 22:15 - 00041472 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\ibmcore.dll 2007-03-30 10:39 - 2006-09-06 09:37 - 00034344 ____N () C:\Programme\Lenovo\HOTKEY\notifyf2.dll 2011-10-05 15:40 - 2007-03-27 19:51 - 00233472 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACGina.dll 2011-10-05 15:40 - 2007-03-27 19:43 - 00602112 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACON.dll 2011-10-05 15:40 - 2007-03-27 19:42 - 00151552 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgr.dll 2011-10-05 15:40 - 2007-03-27 19:41 - 00450560 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcCryptHlpr.dll 2011-10-05 15:40 - 2007-03-27 19:42 - 00010240 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACTurinSupport.dll 2011-10-05 15:40 - 2007-03-20 19:51 - 00086016 ____N (Lenovo) C:\Programme\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll 2011-10-05 15:40 - 2007-03-27 19:43 - 00106496 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll 2013-09-07 14:20 - 2013-08-06 09:28 - 07166848 _____ (Microsoft Corporation) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{2E2529A9-6CEE-4A2E-B324-B6F9F2EB570D}\mpengine.dll 2013-09-07 16:24 - 2013-09-07 16:24 - 00060872 _____ (Microsoft Corporation) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{2E2529A9-6CEE-4A2E-B324-B6F9F2EB570D}\offreg.dll 2007-03-06 16:40 - 2007-03-06 16:40 - 00118784 ____N () 
C:\Programme\Intel\Wireless\Bin\IWMSPROV.DLL 2012-08-03 21:52 - 2012-08-03 21:52 - 00362488 ____N (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommoncrypt.dll 2012-08-03 21:52 - 2012-08-03 21:52 - 01095160 ____N (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommon.dll 2012-08-03 21:52 - 2012-08-03 21:52 - 00574456 ____N (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagentutilities.dll 2012-08-03 21:52 - 2012-08-03 21:52 - 01041912 ____N (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnapi.dll 2012-08-03 21:42 - 2012-08-03 21:42 - 00092152 ____R (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\ac_sock_fltr_api.dll 2012-08-03 21:53 - 2012-08-03 21:53 - 00105464 ____N (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\Plugins\acfeedback.dll 2012-08-03 21:53 - 2012-08-03 21:53 - 00062968 ____N () C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2007-02-27 17:28 - 2007-02-27 17:28 - 00114688 ____N (Broadcom Corporation.) C:\WINDOWS\system32\bthcrp.dll 2007-02-27 17:10 - 2007-02-27 17:10 - 00581632 ____N (Broadcom Corporation.) C:\WINDOWS\system32\WidcommSdk.dll 2007-02-27 17:11 - 2007-02-27 17:11 - 00491581 ____N (Broadcom Corporation.) 
C:\WINDOWS\system32\wbtapi.dll 2011-12-20 21:03 - 2010-06-28 16:07 - 00069632 ____N (KYOCERA MITA Corporation) C:\WINDOWS\system32\KMPJLMN.DLL 2011-12-14 11:43 - 2008-07-06 14:06 - 00089088 ____N (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll 2007-03-02 14:15 - 2006-11-06 10:25 - 00108072 ____N (Lenovo Group Limited) C:\WINDOWS\system32\PROCHLP.DLL 2007-03-02 14:15 - 2007-01-30 05:04 - 00202288 ____N (Lenovo Group Limited) C:\Programme\Lenovo\AwayTask\AwayDB.DLL 2011-10-05 15:40 - 2007-03-27 19:46 - 00114688 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcLocMigrator.dll 2011-10-05 15:40 - 2007-03-27 19:44 - 00098304 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ThinQCon.dll 2006-05-23 21:07 - 2006-05-23 21:07 - 00204878 ____N (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkLib.dll 2005-05-06 16:33 - 2005-05-06 16:33 - 00090112 ____N (Executive Software International, Inc.) C:\Programme\Diskeeper Corporation\Diskeeper\Tab.dll 2006-05-18 16:13 - 2006-05-18 16:13 - 00028672 ____N (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\GetFATExtents.dll 2006-06-09 13:33 - 2006-06-09 13:33 - 00794624 ____N (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\1031\DkRes.dll 2006-05-18 16:20 - 2006-05-18 16:20 - 00090206 ____N (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkTabProvider.dll 2006-01-27 04:14 - 2008-04-14 08:52 - 00088576 ____N (Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiaprpl.dll 2013-07-11 21:49 - 2013-07-11 21:49 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e76c7e37\mscorlib.dll 2013-07-11 21:47 - 2013-07-11 21:47 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_3506e1c3\system.dll 2006-12-15 16:50 - 2006-12-15 16:50 - 00042560 ____N ( ) c:\programme\lenovo\system update\tvsuservicecommon.dll 2007-02-08 
13:04 - 2007-02-08 13:04 - 00054272 ____N (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\zlib.dll 2007-02-08 13:05 - 2007-02-08 13:05 - 00774144 ____N (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\ui.dll 2007-02-08 12:59 - 2007-02-08 12:59 - 00139264 ____N () C:\Programme\Lenovo\Rescue and Recovery\CDRecord.dll 2007-02-08 13:04 - 2007-02-08 13:04 - 01691648 ____N (Lenovo Limited Group Corporation) C:\Programme\Lenovo\Rescue and Recovery\rr_res.dll 2011-10-05 15:40 - 2007-03-27 19:44 - 00466944 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcSvcHlpr.dll 2011-10-05 15:40 - 2007-03-20 19:51 - 00081920 ____N (IBM Corp.) C:\Programme\ThinkPad\ConnectUtilities\ANCA.dll 2011-10-05 15:40 - 2007-03-20 19:51 - 00057344 ____N (IBM Corp.) C:\Programme\ThinkPad\ConnectUtilities\ANC.dll 2011-10-05 15:40 - 2007-03-27 19:48 - 00221184 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACGolan.DLL 2007-01-30 17:49 - 2007-01-30 17:49 - 00009216 ____N (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\csscsp.dll 2007-01-30 18:54 - 2007-01-30 18:54 - 01447488 ____N (Lenovo Group Limited) C:\WINDOWS\system32\cspcore.dll 2007-01-30 18:53 - 2007-01-30 18:53 - 00800320 ____N (Lenovo Group Limited) C:\WINDOWS\system32\cssuserdatadispatcher.dll 2007-01-30 18:45 - 2007-01-30 18:45 - 00386624 ____N (Lenovo) C:\WINDOWS\system32\tvttsp.dll 2007-01-30 18:45 - 2007-01-30 18:45 - 00665152 ____N (Lenovo) C:\WINDOWS\system32\tcsrpc.dll 2006-01-27 04:14 - 2008-04-14 08:24 - 00007680 ____N (Microsoft Corporation) C:\WINDOWS\system32\wbem\WMIApRes.dll 2006-01-27 04:14 - 2008-04-14 08:52 - 00144896 ____N (Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiprov.dll 2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\DropboxExt.19.dll 2011-10-05 15:24 - 2006-02-14 07:17 - 00065536 ____N (Synaptics, Inc.) 
C:\WINDOWS\system32\SynTPFcs.dll 2011-10-05 15:26 - 2006-12-19 18:14 - 00159744 ____N (Lenovo Group Limited) C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL 2011-10-05 15:26 - 2006-12-19 18:14 - 00045056 ____N () C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL 2011-10-05 15:26 - 2006-12-19 18:14 - 00073728 ____N () C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL 2007-03-02 17:50 - 2007-03-02 17:50 - 00020528 ____N (Lenovo.) C:\WINDOWS\system32\Sensor.dll 2007-02-27 17:48 - 2007-02-27 17:48 - 00077824 ____N (Broadcom Corporation.) C:\WINDOWS\system32\btmmhook.dll 2011-01-17 17:19 - 2011-01-17 17:19 - 00420864 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll 2011-10-05 15:35 - 2006-02-02 05:20 - 00110652 ____N (Sonic Solutions) C:\WINDOWS\System32\DLA\DLASHX_W.DLL 2011-10-05 15:35 - 2006-02-02 05:20 - 00061500 ____N (Sonic Solutions) C:\WINDOWS\system32\DLAAPI_W.DLL 2011-10-05 15:35 - 2006-02-02 05:20 - 00639040 ____N (Sonic Solutions) C:\WINDOWS\System32\DLA\DLACResW.dll 2011-12-20 21:12 - 2011-05-28 23:04 - 00140288 _____ () C:\Programme\WinRAR\rarext.dll 2011-10-05 15:40 - 2007-03-27 19:46 - 00958464 ____N (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACGUIHlpr.dll 2011-10-05 15:40 - 2007-03-30 21:52 - 00040448 ____N (Lenovo) C:\Programme\ThinkPad\ConnectUtilities\Res\GR\GUIHlprRes.dll 2011-10-05 15:40 - 2007-03-30 21:51 - 00031744 ____N (Lenovo) C:\Programme\ThinkPad\ConnectUtilities\Res\GR\SvcHlprRes.dll 2011-10-05 15:24 - 2006-02-14 07:09 - 00073728 ____N (Synaptics, Inc.) C:\WINDOWS\system32\SynCOM.dll 2011-10-05 15:24 - 2006-02-14 07:08 - 00094208 ____N (Synaptics, Inc.) 
C:\WINDOWS\system32\SynTPAPI.dll 2006-01-27 04:16 - 2012-06-02 15:19 - 00219160 ____N (Microsoft Corporation) C:\WINDOWS\system32\wuaucpl.cpl 2011-10-05 15:27 - 2007-03-28 20:02 - 00095792 ____N (LENOVO) C:\Programme\Lenovo\NPDIRECT\Oemdspif.dll 2011-10-05 15:27 - 2007-03-28 20:02 - 00235056 ____N () C:\Programme\Lenovo\NPDIRECT\tpfnf7.dll 2007-03-30 10:39 - 2006-11-10 06:26 - 00030256 ____N () C:\Programme\Lenovo\HOTKEY\TPOSDSVC.dll 2007-03-30 10:39 - 2007-01-25 08:25 - 00069720 ____N () C:\Programme\Lenovo\HOTKEY\hkvolkey.dll 2007-03-29 18:41 - 2007-03-29 18:41 - 00095792 ____N (Lenovo.) C:\Programme\ThinkPad\TpShocks\MUI\0407\TpShocks.dll 2011-10-05 15:27 - 2007-03-07 19:31 - 00063024 ____N () C:\Programme\ThinkPad\Utilities\GR\EZMAPRES.DLL 2007-03-19 03:43 - 2007-03-07 08:55 - 00303104 ____N (Analog Devices, Inc.) C:\Programme\Analog Devices\Core\SMWDMIF.dll 2007-02-08 12:59 - 2007-02-08 12:59 - 00139264 ____N () C:\Programme\Gemeinsame Dateien\Lenovo\CDRecord.dll 2007-02-08 13:04 - 2007-02-08 13:04 - 01691648 ____N (Lenovo Limited Group Corporation) C:\Programme\Gemeinsame Dateien\Lenovo\rr_res.dll 2007-03-02 14:15 - 2006-11-07 12:51 - 00083496 ____N (Lenovo Group Limited) C:\Programme\Lenovo\AwayTask\AwayAPI.dll 2011-10-05 15:36 - 2007-03-22 19:02 - 00063024 ____N () C:\Programme\ThinkVantage\PrdCtr\GR\LPRESMGR.DLL 2011-10-05 15:40 - 2007-03-30 21:51 - 00009728 ____N (Lenovo) C:\Programme\ThinkPad\ConnectUtilities\Res\GR\TrayRes.dll 2011-10-05 15:36 - 2007-01-08 22:00 - 00161328 ____N (LENOVO) C:\Programme\ThinkVantage\AMSG\AHLPRUNL.dll 2011-10-05 15:40 - 2007-03-30 21:52 - 00106496 ____N (Lenovo) C:\Programme\ThinkPad\ConnectUtilities\Res\GR\IconRes.dll 2007-01-30 18:54 - 2007-01-30 18:54 - 01910336 ____N (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\csswait.dll 2007-01-30 18:54 - 2007-01-30 18:54 - 00714304 ____N (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\css_banner.dll 2007-01-30 18:54 - 2007-01-30 18:54 - 
01410624 ____N (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\cssdlgpwentry.dll 2007-01-30 18:53 - 2007-01-30 18:53 - 01222208 ____N (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\dlganswerprompt.dll 2007-01-30 18:21 - 2007-01-30 18:21 - 01642496 ____N (Apache Software Foundation) C:\Programme\Gemeinsame Dateien\Lenovo\xml4c_5_5.dll 2007-01-30 18:21 - 2007-01-30 18:21 - 00610304 ____N (IBM Corporation and others) C:\Programme\Gemeinsame Dateien\Lenovo\icuuc32.dll 2007-01-30 18:21 - 2007-01-30 18:21 - 09805824 ____N (IBM Corporation and others) C:\Programme\Gemeinsame Dateien\Lenovo\icudt32.dll 2007-01-30 18:21 - 2007-01-30 18:21 - 00110592 ____N () C:\Programme\Gemeinsame Dateien\Lenovo\XML4CMessages5_5.DLL 2007-01-30 18:37 - 2007-01-30 18:37 - 00067136 ____N (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\tvt_think_res.dll 2007-01-30 18:54 - 2007-01-30 18:54 - 05211712 ____N (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\css_think_res.dll 2007-01-30 18:53 - 2007-01-30 18:53 - 02709056 ____N (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\css_strings.dll 2007-03-14 22:20 - 2007-03-14 22:20 - 00057856 ____N (UPEK Inc.) C:\Programme\ThinkVantage Fingerprint Software\VTI.DLL 2012-10-24 19:49 - 2013-03-20 14:38 - 00057384 _____ (Geek Software GmbH) C:\Programme\PDF24\Settings.dll 2012-10-24 19:49 - 2013-03-20 14:38 - 00395304 _____ (Geek Software GmbH) C:\Programme\PDF24\NotifyIcon.dll 2012-10-24 19:49 - 2013-03-20 14:38 - 00047144 _____ (Geek Software GmbH) C:\Programme\PDF24\Language.dll 2012-10-24 19:49 - 2013-03-20 14:38 - 00382504 _____ (Geek Software GmbH) C:\Programme\PDF24\About.dll 2006-01-27 03:01 - 2008-04-14 08:52 - 00014336 ____N () C:\WINDOWS\system32\msdmo.dll 2007-02-27 17:26 - 2007-02-27 17:26 - 00122880 ____N (Broadcom Corporation.) C:\WINDOWS\system32\btosif.dll 2007-02-27 17:40 - 2007-02-27 17:40 - 00229376 ____N (Broadcom Corporation.) 
C:\WINDOWS\system32\btwhidcs.DLL 2007-02-27 17:18 - 2007-02-27 10:57 - 03190784 ____N (Broadcom Corporation.) C:\WINDOWS\system32\btrez.dll 2007-02-27 17:48 - 2007-02-27 17:48 - 02842624 ____N () C:\WINDOWS\system32\btwicons.dll 2007-02-27 17:45 - 2007-02-27 17:45 - 00053248 ____N () C:\Programme\ThinkPad\Bluetooth Software\btkeyind.dll 2011-10-05 15:28 - 2006-09-21 16:11 - 00024576 ____N (BVRP Software) C:\Programme\Digital Line Detect\BVRPDIAG.dll 2007-03-14 11:40 - 2006-06-19 07:26 - 00094208 ____N (Conexant) C:\WINDOWS\system32\MdmXSdk.dll 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\icudt.dll 2012-09-09 18:29 - 2012-09-09 18:29 - 00813536 ____N (sqlite.org) C:\Programme\Mozilla Firefox\mozsqlite3.dll 2012-09-09 18:29 - 2012-09-09 18:29 - 02244064 ____N () C:\Programme\Mozilla Firefox\mozjs.dll 2011-12-11 23:56 - 2011-12-11 23:56 - 08527008 ____N () C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll 2004-07-27 16:50 - 2004-07-27 16:50 - 00385024 ____N (InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\_ispmres.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 01740800 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\sal3.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00086016 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\uwinapi.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 00379904 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\sofficeapp.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 01033728 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\comphelp4MSC.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00432128 ____N 
(OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00013312 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\salhelper3MSC.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00142848 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\cppu3.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00597504 ____N (STLport Consulting, Inc.) C:\Programme\OpenOffice.org 3\URE\bin\stlport_vc7145.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00358912 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\ucbhelper4MSC.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00094208 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\vos3MSC.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00135680 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\deploymentmiscmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00832000 ____N (Oracle) C:\Programme\OpenOffice.org 3\program\libdb47.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00529408 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\tlmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00700928 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\basegfxmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00026112 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\i18nisolang1MSC.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00958464 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\utlmi.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00531456 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\xcrmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 03234816 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\sfxmi.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00869888 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\fwemi.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00311296 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\fwimi.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 02863616 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 
3\program\svtmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 02186752 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\tkmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 03266560 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\vclmi.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00256000 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\sotmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00029184 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\i18npapermi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00066560 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\i18nutilMSC.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00951296 ____N (IBM Corporation and others) C:\Programme\OpenOffice.org 3\program\icuuc40.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 13914112 ____N (IBM Corporation and others) C:\Programme\OpenOffice.org 3\program\icudt40.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00777216 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\svlmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00092160 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\jvmfwk3.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00985088 ____N () C:\Programme\OpenOffice.org 3\program\libxml2.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 01577984 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\sbmi.dll 2010-11-19 13:42 - 2010-11-19 13:42 - 00083456 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\saxmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00051712 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\msci_uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00452608 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\bootstrap.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00092672 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\reg3.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00053248 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\store3.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00396800 ____N 
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\configmgr.uno.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00024064 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\localebe1.uno.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00092672 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\stocservices.uno.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00195072 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\splmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 01317376 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\i18npool.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 01071616 ____N (IBM Corporation and others) C:\Programme\OpenOffice.org 3\program\icuin40.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00212992 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\ucb1.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 01649152 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\fwkmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00257024 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\ucpfile1.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00083968 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\oooimprovementmi.dll 2011-01-06 18:50 - 2011-12-11 23:50 - 00186880 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\filterconfig1.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 02524672 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\svxmi.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 01457152 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\editengmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 02967552 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\xomi.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00991744 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\lngmi.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 05470208 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\svxcoremi.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00211456 ____N (OpenOffice.org) 
C:\Programme\OpenOffice.org 3\program\avmediami.dll 2011-01-17 17:18 - 2011-12-11 23:50 - 01026560 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\drawinglayermi.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00503296 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\canvastoolsmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00129024 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\aggmi.dll 2011-01-17 17:18 - 2011-12-11 23:50 - 00285184 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\cppcanvasmi.dll 2011-01-06 18:51 - 2011-12-11 23:50 - 00282112 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\package2.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00115200 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\dnd.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00103936 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\localedata_en.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00226304 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\uuimi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 07884800 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\swmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00051712 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\fileacc.dll 2011-01-06 18:51 - 2011-12-11 23:50 - 00054784 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\swdmi.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00346112 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\xstor.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00156672 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\sax.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00098816 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\reflection.uno.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 00174080 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\updchk.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00180224 ____N (The cURL library, hxxp://curl.haxx.se/) C:\Programme\OpenOffice.org 
3\program\libcurl.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00153088 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\unordfmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00099328 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\librdf.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00286208 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\raptor.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00155648 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\rasqal.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00170496 ____N () C:\Programme\OpenOffice.org 3\program\libxslt.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00294400 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\unoxmlmi.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 00211968 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\xmlsecurity.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00106496 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\sysdtrans.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00093696 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\fsstorage.uno.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00542208 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\deploymentmi.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00154624 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\helplinkermi.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00024064 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\ucpexpand1.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00098816 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\URE\bin\introspection.uno.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00287232 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\oleautobridge.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00148480 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\emsermi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00050688 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\ftransl.dll 2010-11-19 19:45 - 
2011-12-11 23:50 - 00033280 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\mcnttype.dll 2011-01-17 17:19 - 2011-12-11 23:50 - 00260096 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\ucpchelp1.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 00053760 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\updatefeed.uno.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00008192 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\onlinecheck.dll 2010-12-13 17:23 - 2011-12-11 23:50 - 00048128 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\updchkmi.dll 2010-12-13 17:22 - 2011-12-11 23:50 - 00063488 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\resmi.dll 2010-11-19 19:45 - 2011-12-11 23:50 - 00040960 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\dtrans.dll 2010-11-19 19:46 - 2011-12-11 23:50 - 00148992 ____N (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\ucppkg1.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/07/2013 05:07:47 PM) (Source: Application Hang) (User: ) Description: Stillstehende Anwendung soffice.bin, Version 3.3.9556.500, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. 
Error: (09/06/2013 10:24:02 AM) (Source: Application Error) (User: ) Description: Fehlgeschlagene Anwendung acrord32.exe, Version 8.0.0.456, fehlgeschlagenes Modul acrord32.dll, Version 8.0.0.456, Fehleradresse 0x000c8405. Das medienspezifische Ereignis für [acrord32.exe!ws!] wird verarbeitet. Error: (09/03/2013 04:19:31 PM) (Source: PerfNet) (User: ) Description: Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error: (09/03/2013 04:19:31 PM) (Source: PerfNet) (User: ) Description: Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error: (08/17/2013 09:48:39 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL) Error: (08/11/2013 09:34:36 PM) (Source: Application Error) (User: ) Description: Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes Modul mp4vdec.ax, Version 0.8.7.0, Fehleradresse 0x00013658. Das medienspezifische Ereignis für [wmplayer.exe!ws!] wird verarbeitet. Error: (08/05/2013 08:16:07 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. 
Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL) Error: (08/04/2013 00:01:39 PM) (Source: Application Error) (User: ) Description: Fehlgeschlagene Anwendung acrord32.exe, Version 8.0.0.456, fehlgeschlagenes Modul acrord32.dll, Version 8.0.0.456, Fehleradresse 0x000c8405. Das medienspezifische Ereignis für [acrord32.exe!ws!] wird verarbeitet. Error: (08/01/2013 02:05:45 PM) (Source: Application Error) (User: ) Description: Fehlgeschlagene Anwendung acrord32.exe, Version 8.0.0.456, fehlgeschlagenes Modul acrord32.dll, Version 8.0.0.456, Fehleradresse 0x000c8405. Das medienspezifische Ereignis für [acrord32.exe!ws!] wird verarbeitet. Error: (08/01/2013 00:00:12 PM) (Source: Application Error) (User: ) Description: Fehlgeschlagene Anwendung acrord32.exe, Version 8.0.0.456, fehlgeschlagenes Modul acrord32.dll, Version 8.0.0.456, Fehleradresse 0x000c8405. Das medienspezifische Ereignis für [acrord32.exe!ws!] wird verarbeitet. System errors: ============= Error: (09/07/2013 04:07:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Error: (09/07/2013 07:33:42 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Error: (09/06/2013 10:05:51 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Error: (09/06/2013 09:26:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Error: (09/06/2013 09:01:07 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Error: (09/06/2013 06:57:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Error: (09/06/2013 09:51:28 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" 
wurde mit folgendem Fehler beendet: %%1811 Error: (09/06/2013 07:32:40 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Error: (09/05/2013 10:00:10 PM) (Source: Microsoft Antimalware) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.157.1098.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.2.0223.00 Quellpfad: 4.2.0223.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (09/05/2013 06:24:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1811 Microsoft Office Sessions: ========================= Error: (09/07/2013 05:07:47 PM) (Source: Application Hang)(User: ) Description: soffice.bin3.3.9556.500hungapp0.0.0.000000000 Error: (09/06/2013 10:24:02 AM) (Source: Application Error)(User: ) Description: acrord32.exe8.0.0.456acrord32.dll8.0.0.456000c8405 Error: (09/03/2013 04:19:31 PM) (Source: PerfNet)(User: ) Description: Error: (09/03/2013 04:19:31 PM) (Source: PerfNet)(User: ) Description: Error: (08/17/2013 09:48:39 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. 
Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL) Error: (08/11/2013 09:34:36 PM) (Source: Application Error)(User: ) Description: wmplayer.exe10.0.0.3646mp4vdec.ax0.8.7.000013658 Error: (08/05/2013 08:16:07 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL) Error: (08/04/2013 00:01:39 PM) (Source: Application Error)(User: ) Description: acrord32.exe8.0.0.456acrord32.dll8.0.0.456000c8405 Error: (08/01/2013 02:05:45 PM) (Source: Application Error)(User: ) Description: acrord32.exe8.0.0.456acrord32.dll8.0.0.456000c8405 Error: (08/01/2013 00:00:12 PM) (Source: Application Error)(User: ) Description: acrord32.exe8.0.0.456acrord32.dll8.0.0.456000c8405 ==================== Memory info =========================== Percentage of memory in use: 46% Total physical RAM: 3046.22 MB Available physical RAM: 1617.06 MB Total Pagefile: 4931.79 MB Available Pagefile: 3701.97 MB Total Virtual: 2047.88 MB Available Virtual: 1936.21 MB ==================== Drives ================================ Drive c: (Preload) (Fixed) (Total:461.45 GB) (Free:311.62 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 1CEEEB03) Partition 1: (Active) - (Size=461 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=4 GB) - (Type=12) ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-09-07 18:47:25 Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9500420AS rev.0002SDM1 465,76GB Running: gmer_2.1.19163.exe; Driver: C:\DOKUME~1\Alex\LOKALE~1\Temp\kwxoifod.sys ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 mouclass.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys Device mrxsmb.sys Device 9E692D20 AttachedDevice fltmgr.sys Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ----
Many thanks in advance for the help! |
07.09.2013, 18:13 | #2 |
/// the machine /// TB instructor | Windows XP: 2 infected files after Malwarebytes scan hi,
__________________Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ |
07.09.2013, 18:45 | #3 |
| Windows XP: 2 infected files after Malwarebytes scan Code:
ATTFilter # AdwCleaner v3.003 - Bericht erstellt am 07/09/2013 um 19:19:18 # Updated 07/09/2013 von Xplode # Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits) # Benutzername : Alex - LENOVO-80D7E2D4 # Gestartet von : C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads\adwcleaner(1).exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} ***** [ Browser ] ***** -\\ Internet Explorer v7.0.6000.21348 -\\ Mozilla Firefox v15.0.1 (de) [ Datei : C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\lzbe10s2.default\prefs.js ] -\\ Google Chrome v [ Datei : C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1781 octets] - [07/09/2013 19:17:02] AdwCleaner[S0].txt - [1702 octets] - [07/09/2013 19:19:18] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1762 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.8 (09.05.2013:1) OS: Microsoft Windows XP x86 Ran by Alex on 07.09.2013 at 19:32:22,98 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\speedypc software Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\speedypc software ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\mozilla\firefox\profiles\lzbe10s2.default\minidumps [1 files] FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2013 03 Ran by Alex (administrator) on LENOVO-80D7E2D4 on 07-09-2013 19:38:46 Running from C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard Internet Explorer Version 7 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe (Microsoft Corporation) c:\Programme\Microsoft Security Client\MsMpEng.exe (Broadcom Corporation.) C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Intel Corporation ) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe () C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStatsUpdater.exe (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Skype Technologies S.A.) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe ( ) c:\programme\lenovo\system update\suservice.exe (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo.) 
C:\WINDOWS\System32\TPHDEXLG.exe (IBM) C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe () C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe (Lenovo Group Limited) C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe () C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe () C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Lenovo Group Limited) C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo.) C:\WINDOWS\system32\TpShocks.exe (Lenovo Group Limited) C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (Lenovo Group Limited) C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Programme\Lenovo\Zoom\TpScrex.exe (Analog Devices, Inc.) 
C:\Programme\Analog Devices\Core\smax4pnp.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Sonic Solutions) C:\WINDOWS\System32\DLA\DLACTRLW.EXE (InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Lenovo Group Limited) C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe (LENOVO) C:\Programme\ThinkVantage\AMSG\Amsg.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Microsoft Corporation) C:\Programme\Microsoft Security Client\msseces.exe (Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Geek Software GmbH) C:\Programme\PDF24\pdf24.exe (Microsoft Corporation) C:\Programme\Messenger\msmsgs.exe (Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Avanquest Software ) C:\Programme\Digital Line Detect\DLG.exe (Dropbox, Inc.) C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPLpr] - C:\Programme\Synaptics\SynTP\SynTPLpr.exe [110592 2006-02-14] (Synaptics, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Programme\Synaptics\SynTP\SynTPEnh.exe [512000 2006-02-14] (Synaptics, Inc.) 
HKLM\...\Run: [PWRMGRTR] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor HKLM\...\Run: [BLOG] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog HKLM\...\Run: [TPFNF7] - C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe [58416 2007-03-28] (Lenovo Group Limited) HKLM\...\Run: [TPHOTKEY] - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe [66176 2007-03-09] (Lenovo Group Limited) HKLM\...\Run: [] - HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [181808 2007-03-29] (Lenovo.) HKLM\...\Run: [EZEJMNAP] - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [243248 2007-03-07] (Lenovo Group Limited) HKLM\...\Run: [SoundMAXPnP] - C:\Programme\Analog Devices\Core\smax4pnp.exe [925696 2007-01-29] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] - C:\Programme\Analog Devices\SoundMAX\Smax4.exe [749568 2007-01-16] (Analog Devices, Inc.) HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] () HKLM\...\Run: [TVT Scheduler Proxy] - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe [536576 2007-02-08] (Lenovo Group Limited) HKLM\...\Run: [DLA] - C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2006-02-02] (Sonic Solutions) HKLM\...\Run: [ISUSPM Startup] - C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [ISUSScheduler] - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [AwaySch] - C:\Programme\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited) HKLM\...\Run: [LPManager] - C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [120368 2007-03-22] (Lenovo Group Limited) HKLM\...\Run: [AMSG] - C:\Programme\ThinkVantage\AMSG\Amsg.exe [419376 2007-02-01] (LENOVO) HKLM\...\Run: [DiskeeperSystray] - C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe [196696 2006-05-18] (Diskeeper Corporation) HKLM\...\Run: [ACWLIcon] - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe 
[126976 2007-03-27] (Lenovo ) HKLM\...\Run: [cssauth] - C:\Programme\Lenovo\Client Security Solution\cssauth.exe [2618944 2007-01-30] (Lenovo Group Limited) HKLM\...\Run: [MSC] - c:\Programme\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.) HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.) HKLM\...\Run: [PDFPrint] - C:\Programme\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH) Winlogon\Notify\ACNotify: ACNotify.dll [X] Winlogon\Notify\psfus: C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) Winlogon\Notify\tpfnf2: C:\Programme\Lenovo\HOTKEY\notifyf2.dll [X] Winlogon\Notify\tphotkey: C:\Programme\Lenovo\HOTKEY\tphklock.dll [X] HKCU\...\Run: [Google Update] - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [116648 2012-09-04] (Google Inc.) HKCU\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKCU\...\Run: [Skype] - C:\Programme\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.) Lsa: [Notification Packages] scecli psqlpwd ACGina Startup: C:\Dokumente und Einstellungen\Alex\Startmenü\Programme\Autostart\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk ShortcutTarget: Adobe Reader - Schnellstart.lnk -> C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe () Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk ShortcutTarget: Digital Line Detect.lnk -> C:\Programme\Digital Line Detect\DLG.exe (Avanquest Software ) ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: ColorZillaStats - {59F7FE53-2860-44B1-968A-E54E3E949A07} - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStats.dll (Alex Sirota) BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions) BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) 
BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) Toolbar: HKCU -Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet 
Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\lzbe10s2.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @alternatiff.com/AlternaTIFF - C:\Programme\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=1.6.0_32 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: ColorZillaStats - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\lzbe10s2.default\Extensions\stats@colorzilla.com FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave 
Flash) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Babylon ToolBar) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Google Update) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) 
CHR Plugin: (AlternaTIFF) - C:\Programme\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.) CHR Plugin: (Picasa) - C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.) CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (ColorZillaStats) - C:\DOKUME~1\Alex\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cgfambohdeocadlemmdceabhlgccijal\2.7.12_0 CHR Extension: (Chrome In-App Payments service) - C:\DOKUME~1\Alex\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR HKLM\...\Chrome\Extension: [cgfambohdeocadlemmdceabhlgccijal] - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\CHROME\ColorZillaStats.crx ========================== Services (Whitelisted) ================= R2 AcPrfMgrSvc; C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [65536 2007-03-27] (Lenovo ) R2 AcSvc; C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe [180224 2007-03-27] (Lenovo ) R2 btwdins; C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe [266295 2007-02-27] (Broadcom Corporation.) 
R2 ColorZillaStatsUpdater; C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStatsUpdater.exe [18432 2012-06-18] () R2 Diskeeper; C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe [622700 2006-05-23] (Diskeeper Corporation) R2 EvtEng; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [643072 2007-03-06] (Intel Corporation) S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2007-01-04] (Google) S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) R2 IPSSVC; C:\Windows\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114144 2012-09-09] (Mozilla Foundation) R2 MsMpSvc; c:\Programme\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation) R2 RegSrvc; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-03-06] (Intel Corporation) R2 S24EventMonitor; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-03-06] (Intel Corporation ) R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) 
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies) R2 SUService; c:\programme\lenovo\system update\suservice.exe [11776 2006-12-15] ( ) R2 ThinkVantage Registry Monitor Service; C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe [644672 2007-01-30] (Lenovo Group Limited) R2 TSSCoreService; C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe [722496 2007-01-30] (IBM) R2 TVT Backup Protection Service; C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe [569344 2007-02-08] () R2 TVT Backup Service; C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe [950272 2007-02-08] (Lenovo Group Limited) R2 TVT Scheduler; c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe [1118208 2007-02-08] (Lenovo Group Limited) R2 tvtnetwk; C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056 2007-02-08] () R2 vpnagent; C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [537592 2012-08-03] (Cisco Systems, Inc.) S3 WMConnectCDS; C:\Programme\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation) R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation) S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [38440 2012-08-03] (Cisco Systems, Inc.) S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [57256 2012-08-03] (Cisco Systems, Inc.) R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21425 2011-10-05] (Meetinghouse Data Communications) R1 ANC; C:\Windows\System32\drivers\ANC.SYS [11520 2005-11-08] (IBM Corp.) R3 atmeltpm; C:\Windows\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.) R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [868042 2007-02-27] (Broadcom Corporation.) 
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [67960 2007-01-24] (Broadcom Corporation.) R2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions) R1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) R2 DLADResN; C:\Windows\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions) R2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions) R2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions) R2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions) R1 DLARTL_N; C:\Windows\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) R2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions) R2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions) R2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions) S3 G400; C:\Windows\System32\DRIVERS\G400m.sys [322432 2001-08-18] (Matrox Graphics Inc.) R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.) R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.) R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [6016 2006-01-13] () R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.) 
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-03-18] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation) R3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2204672 2007-03-28] (Intel Corporation) R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2011-10-05] (Microsoft Corporation) R2 PROCDD; C:\Windows\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited) R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) R2 smihlp; C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [11152 2007-03-14] (UPEK Inc.) R1 TPHKDRV; C:\Windows\System32\DRIVERS\TPHKDRV.sys [17778 2006-10-23] (IBM Corporation) R1 TPPWRIF; C:\Windows\System32\drivers\Tppwrif.sys [4442 2006-12-19] () R1 TSMAPIP; C:\Windows\System32\drivers\TSMAPIP.SYS [12848 2007-03-28] () R3 TVTPktFilter; C:\Windows\System32\DRIVERS\tvtpktfilter.sys [17664 2007-02-08] (Lenovo Group Limited) U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-14] (Microsoft Corporation) S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-07 19:26 - 2013-09-07 19:26 - 00001842 _____ C:\Dokumente und Einstellungen\Alex\Desktop\AdwCleaner[S0].txt 2013-09-07 19:16 - 2013-09-07 19:19 - 00000000 ____D C:\AdwCleaner 2013-09-07 18:56 - 2013-09-07 17:42 - 00000470 _____ C:\Dokumente und Einstellungen\Alex\Desktop\defogger_disable.log 2013-09-07 18:47 - 2013-09-07 18:47 - 00000943 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Gmer.txt 2013-09-07 17:50 - 2013-09-07 17:50 - 00059321 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Addition.txt 2013-09-07 17:50 - 2013-09-07 17:50 - 00037255 _____ C:\Dokumente und 
Einstellungen\Alex\Desktop\FRST.txt 2013-09-07 17:45 - 2013-09-07 17:45 - 00000000 ____D C:\FRST 2013-09-07 16:12 - 2013-09-07 16:12 - 00008339 _____ C:\Dokumente und Einstellungen\Alex\Desktop\log_in_webmail_uni_koeln.odt 2013-09-06 13:51 - 2013-09-06 17:40 - 00014671 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Bibliotheque_Institut_de_France.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Eigene Dateien\adressen-archive-paris.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Desktop\adressen-archive-paris.odt 2013-09-05 22:48 - 2013-09-06 10:22 - 00017619 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brief_SEITA_Altadis_Archiv_Orleans.odt 2013-09-02 21:53 - 2013-09-07 08:45 - 00016893 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brainstorm_artes_jahrbuch_SoSe_2013.odt 2013-08-31 22:53 - 2013-08-31 22:54 - 00004491 _____ C:\WINDOWS\KB2834903-v2.log 2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$ 2013-08-13 23:56 - 2013-08-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-13 23:55 - 2013-08-13 23:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-13 23:54 - 2013-08-13 23:55 - 00013309 _____ C:\WINDOWS\KB2863058.log 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-13 20:08 - 2013-08-13 23:56 - 00018890 _____ C:\WINDOWS\KB2850869.log 2013-08-13 20:07 - 2013-08-13 23:56 - 00020616 _____ C:\WINDOWS\KB2859537.log 2013-08-13 20:06 - 2013-08-13 23:46 - 00109421 _____ C:\WINDOWS\KB2862772-IE7.log 2013-08-10 10:21 - 2013-08-10 23:02 - 00026699 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Noziz.odt ==================== One Month Modified Files and Folders ======= 2013-09-07 19:35 - 2013-09-07 19:35 - 00001006 _____ C:\Dokumente und 
Einstellungen\Alex\Desktop\JRT.txt 2013-09-07 19:33 - 2012-10-02 08:26 - 00000386 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job 2013-09-07 19:31 - 2011-10-05 15:30 - 02832960 _____ C:\WINDOWS\system32\TPAPSLOG.LOG 2013-09-07 19:27 - 2013-04-13 08:45 - 00589777 _____ C:\WINDOWS\setupapi.log 2013-09-07 19:27 - 2012-11-26 10:13 - 00000000 ___RD C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Dropbox 2013-09-07 19:27 - 2012-11-26 10:09 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox 2013-09-07 19:26 - 2013-09-07 19:26 - 00001842 _____ C:\Dokumente und Einstellungen\Alex\Desktop\AdwCleaner[S0].txt 2013-09-07 19:26 - 2011-12-14 01:15 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job 2013-09-07 19:25 - 2011-10-05 15:26 - 00000316 _____ C:\WINDOWS\Tasks\PMTask.job 2013-09-07 19:24 - 2013-03-13 01:07 - 00000498 _____ C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job 2013-09-07 19:24 - 2006-01-27 04:16 - 01980981 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-07 19:23 - 2007-03-02 14:15 - 00025304 _____ C:\WINDOWS\system32\PROCDB.INI 2013-09-07 19:22 - 2011-10-05 15:31 - 00017556 _____ C:\TPHKLOCK.TXT 2013-09-07 19:22 - 2007-03-02 14:15 - 00000480 _____ C:\WINDOWS\system32\IPSCtrl.INI 2013-09-07 19:22 - 2006-01-27 04:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-07 19:22 - 2006-01-26 19:12 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-07 19:22 - 2006-01-26 19:12 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-07 19:20 - 2012-09-04 19:49 - 00001206 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005UA.job 2013-09-07 19:20 - 2012-09-01 07:10 - 03997696 _____ C:\WINDOWS\system32\config\ACVPN.evt 2013-09-07 19:20 - 2011-12-11 12:03 - 00000190 ___SH C:\Dokumente und Einstellungen\Alex\ntuser.ini 2013-09-07 19:20 - 2011-12-11 12:03 - 00000000 ____D C:\Dokumente und Einstellungen\Alex 2013-09-07 19:20 - 2006-01-27 04:25 - 00032536 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-07 19:19 - 
2013-09-07 19:16 - 00000000 ____D C:\AdwCleaner 2013-09-07 18:48 - 2011-12-11 12:04 - 00000244 _____ C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job 2013-09-07 18:47 - 2013-09-07 18:47 - 00000943 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Gmer.txt 2013-09-07 18:47 - 2012-09-09 18:29 - 00000000 ____D C:\Programme\Mozilla Firefox 2013-09-07 18:00 - 2013-03-13 01:07 - 00000474 _____ C:\WINDOWS\Tasks\SpeedyPC Registration3.job 2013-09-07 17:50 - 2013-09-07 17:50 - 00059321 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Addition.txt 2013-09-07 17:50 - 2013-09-07 17:50 - 00037255 _____ C:\Dokumente und Einstellungen\Alex\Desktop\FRST.txt 2013-09-07 17:45 - 2013-09-07 17:45 - 00000000 ____D C:\FRST 2013-09-07 17:42 - 2013-09-07 18:56 - 00000470 _____ C:\Dokumente und Einstellungen\Alex\Desktop\defogger_disable.log 2013-09-07 16:12 - 2013-09-07 16:12 - 00008339 _____ C:\Dokumente und Einstellungen\Alex\Desktop\log_in_webmail_uni_koeln.odt 2013-09-07 14:09 - 2012-04-23 18:22 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Skype 2013-09-07 08:45 - 2013-09-02 21:53 - 00016893 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brainstorm_artes_jahrbuch_SoSe_2013.odt 2013-09-06 17:40 - 2013-09-06 13:51 - 00014671 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Bibliotheque_Institut_de_France.odt 2013-09-06 11:52 - 2011-10-05 15:42 - 00000000 ____D C:\SWSHARE 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Eigene Dateien\adressen-archive-paris.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Desktop\adressen-archive-paris.odt 2013-09-06 10:22 - 2013-09-05 22:48 - 00017619 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brief_SEITA_Altadis_Archiv_Orleans.odt 2013-09-06 08:52 - 2012-08-11 12:32 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2013-09-04 17:27 - 2013-03-23 19:05 - 00000000 ____D C:\Dokumente und 
Einstellungen\Alex\Desktop\Workshop_mit_Pascal 2013-09-04 17:26 - 2012-09-04 19:50 - 00002364 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Google Chrome.lnk 2013-09-03 19:08 - 2011-12-11 12:03 - 00000000 ___RD C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Eigene Bilder 2013-09-02 22:48 - 2006-01-27 04:14 - 00068876 _____ C:\WINDOWS\wmsetup.log 2013-09-01 07:43 - 2012-01-12 15:20 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Citavi 3 2013-08-31 22:54 - 2013-08-31 22:53 - 00004491 _____ C:\WINDOWS\KB2834903-v2.log 2013-08-31 22:54 - 2006-01-26 19:09 - 01439000 _____ C:\WINDOWS\iis6.log 2013-08-31 22:54 - 2006-01-26 19:09 - 01303787 _____ C:\WINDOWS\FaxSetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00632005 _____ C:\WINDOWS\ocgen.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00605556 _____ C:\WINDOWS\tsoc.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00440118 _____ C:\WINDOWS\comsetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00404998 _____ C:\WINDOWS\msmqinst.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00264481 _____ C:\WINDOWS\ntdtcsetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00228811 _____ C:\WINDOWS\netfxocm.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00092078 _____ C:\WINDOWS\MedCtrOC.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00071498 _____ C:\WINDOWS\ocmsn.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00066449 _____ C:\WINDOWS\tabletoc.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00065296 _____ C:\WINDOWS\msgsocm.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00001374 _____ C:\WINDOWS\imsins.log 2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$ 2013-08-31 13:46 - 2006-01-27 03:01 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl 2013-08-17 11:20 - 2012-09-04 19:49 - 00001154 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005Core.job 2013-08-14 07:28 - 2006-01-26 15:19 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-08-14 00:17 - 2013-07-13 16:37 - 00000000 ____D 
C:\WINDOWS\system32\MRT 2013-08-14 00:08 - 2011-12-14 13:29 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-08-14 00:01 - 2006-01-26 19:09 - 01171086 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-13 23:56 - 2013-08-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-13 23:56 - 2013-08-13 20:08 - 00018890 _____ C:\WINDOWS\KB2850869.log 2013-08-13 23:56 - 2013-08-13 20:07 - 00020616 _____ C:\WINDOWS\KB2859537.log 2013-08-13 23:56 - 2006-01-26 19:09 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-08-13 23:55 - 2013-08-13 23:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-13 23:55 - 2013-08-13 23:54 - 00013309 _____ C:\WINDOWS\KB2863058.log 2013-08-13 23:55 - 2011-10-05 15:21 - 00137776 _____ C:\WINDOWS\system32\TZLog.log 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-13 23:54 - 2006-01-27 19:21 - 00223863 _____ C:\WINDOWS\updspapi.log 2013-08-13 23:46 - 2013-08-13 20:06 - 00109421 _____ C:\WINDOWS\KB2862772-IE7.log 2013-08-13 23:46 - 2011-10-05 15:23 - 00000000 ____D C:\WINDOWS\system32\de-de 2013-08-10 23:02 - 2013-08-10 10:21 - 00026699 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Noziz.odt Files to move or delete: ==================== C:\DOKUME~1\Alex\LOKALE~1\Temp\20111211112712437jniverify.dll C:\DOKUME~1\Alex\LOKALE~1\Temp\20120709125921765jniverify.dll C:\DOKUME~1\Alex\LOKALE~1\Temp\FlashPlayerUpdate.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\jre-6u32-windows-i586-iftw.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\jre-7u25-windows-i586-iftw.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\pdf24-creator-update.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\Quarantine.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\SHSetup.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\SkypeSetup.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\sqlite3.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\SymLCSVC.EXE ==================== Bamital & volsnap Check ================= 
C:\Windows\explorer.exe [2006-01-27 03:01] - [2008-04-14 08:52] - 1036800 ____N (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e C:\Windows\System32\winlogon.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0513024 ____N (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a C:\Windows\System32\svchost.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0014336 ____N (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 C:\Windows\System32\services.exe [2006-01-27 03:01] - [2009-02-09 13:21] - 0111104 ____N (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc C:\Windows\System32\User32.dll [2006-01-27 03:00] - [2008-04-14 08:52] - 0580096 ____N (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd C:\Windows\System32\userinit.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0026624 ____N (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 C:\Windows\System32\Drivers\volsnap.sys [2006-01-27 03:01] - [2008-04-14 08:22] - 0053760 ____N (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d ==================== End Of Log ============================ --- --- --- |
09.09.2013, 04:46 | #4 |
/// the machine /// TB trainer | Windows XP: 2 infected files after Malwarebytes scan
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
10.09.2013, 17:16 | #5 |
| Windows XP: 2 infected files after Malwarebytes scan
Hello, I did everything and also ran another Malwarebytes scan. It shows (see below) that there are still two infected files on the computer. Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=84eb979fcc295d4f974bb8c2ed369dd4
# engine=15070
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-10 10:50:35
# local_time=2013-09-10 12:50:35 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 17549763 42926696 0 0
# scanned=151215
# found=0
# cleaned=0
# scan_time=13376

Code:
ATTFilter
Results of screen317's Security Check version 0.99.73
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Java(TM) 6 Update 32
Java version out of Date!
Adobe Flash Player 11.1.102.55
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox 15.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013 01 Ran by Alex (administrator) on LENOVO-80D7E2D4 on 10-09-2013 16:27:45 Running from C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard Internet Explorer Version 7 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe (Microsoft Corporation) c:\Programme\Microsoft Security Client\MsMpEng.exe (Broadcom Corporation.) C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Intel Corporation ) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe () C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStatsUpdater.exe (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Skype Technologies S.A.) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe ( ) c:\programme\lenovo\system update\suservice.exe (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo.) 
C:\WINDOWS\System32\TPHDEXLG.exe (IBM) C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe () C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe (Lenovo Group Limited) C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe () C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe () C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Diskeeper Corporation) C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Lenovo Group Limited) C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo.) C:\WINDOWS\system32\TpShocks.exe (Lenovo Group Limited) C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (Lenovo Group Limited) C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Programme\Lenovo\Zoom\TpScrex.exe (Analog Devices, Inc.) 
C:\Programme\Analog Devices\Core\smax4pnp.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Lenovo Group Limited) C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Sonic Solutions) C:\WINDOWS\System32\DLA\DLACTRLW.EXE (InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Lenovo Group Limited) C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe (LENOVO) C:\Programme\ThinkVantage\AMSG\Amsg.exe (Lenovo ) C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo Group Limited) C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Microsoft Corporation) C:\Programme\Microsoft Security Client\msseces.exe (Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Cisco Systems, Inc.) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Geek Software GmbH) C:\Programme\PDF24\pdf24.exe (Microsoft Corporation) C:\Programme\Messenger\msmsgs.exe (Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Avanquest Software ) C:\Programme\Digital Line Detect\DLG.exe (Dropbox, Inc.) C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe (Sun Microsystems, Inc.) 
C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\swriter.exe (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin (Microsoft Corporation) C:\Programme\Windows Live Toolbar\msn_sl.exe (Farbar) C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads\FRST(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPLpr] - C:\Programme\Synaptics\SynTP\SynTPLpr.exe [110592 2006-02-14] (Synaptics, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Programme\Synaptics\SynTP\SynTPEnh.exe [512000 2006-02-14] (Synaptics, Inc.) HKLM\...\Run: [PWRMGRTR] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor HKLM\...\Run: [BLOG] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog HKLM\...\Run: [TPFNF7] - C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe [58416 2007-03-28] (Lenovo Group Limited) HKLM\...\Run: [TPHOTKEY] - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe [66176 2007-03-09] (Lenovo Group Limited) HKLM\...\Run: [] - [x] HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [181808 2007-03-29] (Lenovo.) HKLM\...\Run: [EZEJMNAP] - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [243248 2007-03-07] (Lenovo Group Limited) HKLM\...\Run: [SoundMAXPnP] - C:\Programme\Analog Devices\Core\smax4pnp.exe [925696 2007-01-29] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] - C:\Programme\Analog Devices\SoundMAX\Smax4.exe [749568 2007-01-16] (Analog Devices, Inc.) 
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] () HKLM\...\Run: [TVT Scheduler Proxy] - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe [536576 2007-02-08] (Lenovo Group Limited) HKLM\...\Run: [DLA] - C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2006-02-02] (Sonic Solutions) HKLM\...\Run: [ISUSPM Startup] - C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [ISUSScheduler] - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation) HKLM\...\Run: [AwaySch] - C:\Programme\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited) HKLM\...\Run: [LPManager] - C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [120368 2007-03-22] (Lenovo Group Limited) HKLM\...\Run: [AMSG] - C:\Programme\ThinkVantage\AMSG\Amsg.exe [419376 2007-02-01] (LENOVO) HKLM\...\Run: [DiskeeperSystray] - C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe [196696 2006-05-18] (Diskeeper Corporation) HKLM\...\Run: [ACWLIcon] - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe [126976 2007-03-27] (Lenovo ) HKLM\...\Run: [cssauth] - C:\Programme\Lenovo\Client Security Solution\cssauth.exe [2618944 2007-01-30] (Lenovo Group Limited) HKLM\...\Run: [MSC] - c:\Programme\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.) HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.) 
HKLM\...\Run: [PDFPrint] - C:\Programme\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH) Winlogon\Notify\ACNotify: ACNotify.dll [X] Winlogon\Notify\psfus: C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) Winlogon\Notify\tpfnf2: C:\Programme\Lenovo\HOTKEY\notifyf2.dll [X] Winlogon\Notify\tphotkey: C:\Programme\Lenovo\HOTKEY\tphklock.dll [X] HKCU\...\Run: [Google Update] - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [116648 2012-09-04] (Google Inc.) HKCU\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKCU\...\Run: [Skype] - C:\Programme\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.) Lsa: [Notification Packages] scecli psqlpwd ACGina Startup: C:\Dokumente und Einstellungen\Alex\Startmenü\Programme\Autostart\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk ShortcutTarget: Adobe Reader - Schnellstart.lnk -> C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe () Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk ShortcutTarget: BTTray.lnk -> C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk ShortcutTarget: Digital Line Detect.lnk -> C:\Programme\Digital Line Detect\DLG.exe (Avanquest Software ) ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: ColorZillaStats - {59F7FE53-2860-44B1-968A-E54E3E949A07} - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStats.dll (Alex Sirota) BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions) BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) 
BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) Toolbar: HKCU -Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet 
Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\lzbe10s2.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @alternatiff.com/AlternaTIFF - C:\Programme\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=1.6.0_32 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: ColorZillaStats - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Mozilla\Firefox\Profiles\lzbe10s2.default\Extensions\stats@colorzilla.com FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave 
Flash) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Babylon ToolBar) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Google Update) - C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) 
CHR Plugin: (AlternaTIFF) - C:\Programme\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.) CHR Plugin: (Picasa) - C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.) CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (ColorZillaStats) - C:\DOKUME~1\Alex\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cgfambohdeocadlemmdceabhlgccijal\2.7.12_0 CHR Extension: (Chrome In-App Payments service) - C:\DOKUME~1\Alex\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR HKLM\...\Chrome\Extension: [cgfambohdeocadlemmdceabhlgccijal] - C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\CHROME\ColorZillaStats.crx ========================== Services (Whitelisted) ================= R2 AcPrfMgrSvc; C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [65536 2007-03-27] (Lenovo ) R2 AcSvc; C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe [180224 2007-03-27] (Lenovo ) R2 btwdins; C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe [266295 2007-02-27] (Broadcom Corporation.) 
R2 ColorZillaStatsUpdater; C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ColorZillaStats\IE\ColorZillaStatsUpdater.exe [18432 2012-06-18] () R2 Diskeeper; C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe [622700 2006-05-23] (Diskeeper Corporation) R2 EvtEng; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [643072 2007-03-06] (Intel Corporation) S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2007-01-04] (Google) S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) R2 IPSSVC; C:\Windows\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114144 2012-09-09] (Mozilla Foundation) R2 MsMpSvc; c:\Programme\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation) R2 RegSrvc; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-03-06] (Intel Corporation) R2 S24EventMonitor; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-03-06] (Intel Corporation ) R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) 
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies) R2 SUService; c:\programme\lenovo\system update\suservice.exe [11776 2006-12-15] ( ) R2 ThinkVantage Registry Monitor Service; C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe [644672 2007-01-30] (Lenovo Group Limited) R2 TSSCoreService; C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe [722496 2007-01-30] (IBM) R2 TVT Backup Protection Service; C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe [569344 2007-02-08] () R2 TVT Backup Service; C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe [950272 2007-02-08] (Lenovo Group Limited) R2 TVT Scheduler; c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe [1118208 2007-02-08] (Lenovo Group Limited) R2 tvtnetwk; C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056 2007-02-08] () R2 vpnagent; C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [537592 2012-08-03] (Cisco Systems, Inc.) S3 WMConnectCDS; C:\Programme\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation) R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation) S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [38440 2012-08-03] (Cisco Systems, Inc.) S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [57256 2012-08-03] (Cisco Systems, Inc.) R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21425 2011-10-05] (Meetinghouse Data Communications) R1 ANC; C:\Windows\System32\drivers\ANC.SYS [11520 2005-11-08] (IBM Corp.) R3 atmeltpm; C:\Windows\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.) R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [868042 2007-02-27] (Broadcom Corporation.) 
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [67960 2007-01-24] (Broadcom Corporation.) R2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions) R1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) R2 DLADResN; C:\Windows\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions) R2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions) R2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions) R2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions) R1 DLARTL_N; C:\Windows\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) R2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions) R2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions) R2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions) S3 G400; C:\Windows\System32\DRIVERS\G400m.sys [322432 2001-08-18] (Matrox Graphics Inc.) R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.) R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.) R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [6016 2006-01-13] () R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.) 
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-03-18] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation) R3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2204672 2007-03-28] (Intel Corporation) R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2011-10-05] (Microsoft Corporation) R2 PROCDD; C:\Windows\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited) R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) R2 smihlp; C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [11152 2007-03-14] (UPEK Inc.) R1 TPHKDRV; C:\Windows\System32\DRIVERS\TPHKDRV.sys [17778 2006-10-23] (IBM Corporation) R1 TPPWRIF; C:\Windows\System32\drivers\Tppwrif.sys [4442 2006-12-19] () R1 TSMAPIP; C:\Windows\System32\drivers\TSMAPIP.SYS [12848 2007-03-28] () R3 TVTPktFilter; C:\Windows\System32\DRIVERS\tvtpktfilter.sys [17664 2007-02-08] (Lenovo Group Limited) U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-14] (Microsoft Corporation) S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 16:20 - 2013-09-10 16:19 - 00891144 _____ C:\Dokumente und Einstellungen\Alex\Desktop\SecurityCheck.exe 2013-09-10 09:00 - 2013-09-10 09:00 - 00000000 ____D C:\Programme\ESET 2013-09-09 17:38 - 2013-09-09 17:38 - 00050234 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Erhebung_DFG.odt 2013-09-07 19:35 - 2013-09-07 19:35 - 00001006 _____ C:\Dokumente und Einstellungen\Alex\Desktop\JRT.txt 2013-09-07 19:26 - 2013-09-07 19:26 - 00001842 _____ C:\Dokumente und Einstellungen\Alex\Desktop\AdwCleaner[S0].txt 2013-09-07 19:16 - 2013-09-07 19:19 - 00000000 ____D C:\AdwCleaner 2013-09-07 18:56 - 
2013-09-07 17:42 - 00000470 _____ C:\Dokumente und Einstellungen\Alex\Desktop\defogger_disable.log 2013-09-07 18:47 - 2013-09-07 18:47 - 00000943 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Gmer.txt 2013-09-07 17:50 - 2013-09-07 19:41 - 00037719 _____ C:\Dokumente und Einstellungen\Alex\Desktop\FRST.txt 2013-09-07 17:50 - 2013-09-07 17:50 - 00059321 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Addition.txt 2013-09-07 17:45 - 2013-09-07 17:45 - 00000000 ____D C:\FRST 2013-09-07 16:12 - 2013-09-07 16:12 - 00008339 _____ C:\Dokumente und Einstellungen\Alex\Desktop\log_in_webmail_uni_koeln.odt 2013-09-06 13:51 - 2013-09-06 17:40 - 00014671 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Bibliotheque_Institut_de_France.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Eigene Dateien\adressen-archive-paris.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Desktop\adressen-archive-paris.odt 2013-09-05 22:48 - 2013-09-09 07:48 - 00017459 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brief_SEITA_Altadis_Archiv_Orleans.odt 2013-09-02 21:53 - 2013-09-07 08:45 - 00016893 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brainstorm_artes_jahrbuch_SoSe_2013.odt 2013-08-31 22:53 - 2013-08-31 22:54 - 00004491 _____ C:\WINDOWS\KB2834903-v2.log 2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$ 2013-08-13 23:56 - 2013-08-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-13 23:55 - 2013-08-13 23:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-13 23:54 - 2013-08-13 23:55 - 00013309 _____ C:\WINDOWS\KB2863058.log 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-13 20:08 - 2013-08-13 23:56 - 00018890 _____ C:\WINDOWS\KB2850869.log 2013-08-13 20:07 - 2013-08-13 23:56 - 00020616 
_____ C:\WINDOWS\KB2859537.log 2013-08-13 20:06 - 2013-08-13 23:46 - 00109421 _____ C:\WINDOWS\KB2862772-IE7.log ==================== One Month Modified Files and Folders ======= 2013-09-10 16:28 - 2011-10-05 15:30 - 02839040 _____ C:\WINDOWS\system32\TPAPSLOG.LOG 2013-09-10 16:23 - 2013-09-10 16:23 - 00001002 _____ C:\Dokumente und Einstellungen\Alex\Desktop\checkup_10_09.txt 2013-09-10 16:20 - 2012-09-04 19:49 - 00001206 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005UA.job 2013-09-10 16:19 - 2013-09-10 16:20 - 00891144 _____ C:\Dokumente und Einstellungen\Alex\Desktop\SecurityCheck.exe 2013-09-10 16:18 - 2013-04-13 08:45 - 00644477 _____ C:\WINDOWS\setupapi.log 2013-09-10 15:48 - 2011-12-11 12:04 - 00000244 _____ C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job 2013-09-10 11:20 - 2012-09-04 19:49 - 00001154 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1870837180-2808861349-3579745600-1005Core.job 2013-09-10 09:00 - 2013-09-10 09:00 - 00000000 ____D C:\Programme\ESET 2013-09-10 09:00 - 2006-01-25 15:09 - 00000000 ___RD C:\Programme 2013-09-10 08:56 - 2012-04-23 18:22 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Skype 2013-09-10 07:43 - 2006-01-27 04:16 - 01056541 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-10 07:36 - 2012-11-26 10:09 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Dropbox 2013-09-10 07:35 - 2012-11-26 10:13 - 00000000 ___RD C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Dropbox 2013-09-10 07:33 - 2012-10-02 08:26 - 00000386 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job 2013-09-10 07:33 - 2011-12-14 01:15 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job 2013-09-10 07:25 - 2011-10-05 15:26 - 00000316 _____ C:\WINDOWS\Tasks\PMTask.job 2013-09-10 07:24 - 2013-03-13 01:07 - 00000498 _____ C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job 2013-09-10 07:23 - 2011-10-05 15:31 - 00017616 _____ C:\TPHKLOCK.TXT 2013-09-10 
07:23 - 2007-03-02 14:15 - 00025304 _____ C:\WINDOWS\system32\PROCDB.INI 2013-09-10 07:23 - 2007-03-02 14:15 - 00000480 _____ C:\WINDOWS\system32\IPSCtrl.INI 2013-09-10 07:23 - 2006-01-27 04:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-10 07:23 - 2006-01-26 19:12 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-10 07:23 - 2006-01-26 19:12 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-10 00:11 - 2012-09-01 07:10 - 03997696 _____ C:\WINDOWS\system32\config\ACVPN.evt 2013-09-10 00:11 - 2011-12-11 12:03 - 00000190 ___SH C:\Dokumente und Einstellungen\Alex\ntuser.ini 2013-09-10 00:11 - 2011-12-11 12:03 - 00000000 ____D C:\Dokumente und Einstellungen\Alex 2013-09-10 00:11 - 2006-01-27 04:25 - 00032168 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-09 20:14 - 2013-03-23 19:05 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Desktop\Workshop_mit_Pascal 2013-09-09 18:00 - 2013-03-13 01:07 - 00000474 _____ C:\WINDOWS\Tasks\SpeedyPC Registration3.job 2013-09-09 17:38 - 2013-09-09 17:38 - 00050234 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Erhebung_DFG.odt 2013-09-09 17:05 - 2012-09-09 18:29 - 00000000 ____D C:\Programme\Mozilla Firefox 2013-09-09 08:52 - 2011-12-11 12:03 - 00000000 ___RD C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Eigene Bilder 2013-09-09 07:48 - 2013-09-05 22:48 - 00017459 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brief_SEITA_Altadis_Archiv_Orleans.odt 2013-09-08 00:00 - 2011-10-05 15:42 - 00000000 ____D C:\SWSHARE 2013-09-07 19:41 - 2013-09-07 17:50 - 00037719 _____ C:\Dokumente und Einstellungen\Alex\Desktop\FRST.txt 2013-09-07 19:35 - 2013-09-07 19:35 - 00001006 _____ C:\Dokumente und Einstellungen\Alex\Desktop\JRT.txt 2013-09-07 19:26 - 2013-09-07 19:26 - 00001842 _____ C:\Dokumente und Einstellungen\Alex\Desktop\AdwCleaner[S0].txt 2013-09-07 19:19 - 2013-09-07 19:16 - 00000000 ____D C:\AdwCleaner 2013-09-07 18:47 - 2013-09-07 18:47 - 00000943 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Gmer.txt 2013-09-07 17:50 - 
2013-09-07 17:50 - 00059321 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Addition.txt 2013-09-07 17:45 - 2013-09-07 17:45 - 00000000 ____D C:\FRST 2013-09-07 17:42 - 2013-09-07 18:56 - 00000470 _____ C:\Dokumente und Einstellungen\Alex\Desktop\defogger_disable.log 2013-09-07 16:12 - 2013-09-07 16:12 - 00008339 _____ C:\Dokumente und Einstellungen\Alex\Desktop\log_in_webmail_uni_koeln.odt 2013-09-07 08:45 - 2013-09-02 21:53 - 00016893 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Brainstorm_artes_jahrbuch_SoSe_2013.odt 2013-09-06 17:40 - 2013-09-06 13:51 - 00014671 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Bibliotheque_Institut_de_France.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Eigene Dateien\adressen-archive-paris.odt 2013-09-06 10:45 - 2013-09-06 10:45 - 00010423 _____ C:\Dokumente und Einstellungen\Alex\Desktop\adressen-archive-paris.odt 2013-09-06 08:52 - 2012-08-11 12:32 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2013-09-04 17:26 - 2012-09-04 19:50 - 00002364 _____ C:\Dokumente und Einstellungen\Alex\Desktop\Google Chrome.lnk 2013-09-02 22:48 - 2006-01-27 04:14 - 00068876 _____ C:\WINDOWS\wmsetup.log 2013-09-01 07:43 - 2012-01-12 15:20 - 00000000 ____D C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Citavi 3 2013-08-31 22:54 - 2013-08-31 22:53 - 00004491 _____ C:\WINDOWS\KB2834903-v2.log 2013-08-31 22:54 - 2006-01-26 19:09 - 01439000 _____ C:\WINDOWS\iis6.log 2013-08-31 22:54 - 2006-01-26 19:09 - 01303787 _____ C:\WINDOWS\FaxSetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00632005 _____ C:\WINDOWS\ocgen.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00605556 _____ C:\WINDOWS\tsoc.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00440118 _____ C:\WINDOWS\comsetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00404998 _____ C:\WINDOWS\msmqinst.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00264481 _____ C:\WINDOWS\ntdtcsetup.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00228811 _____ 
C:\WINDOWS\netfxocm.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00092078 _____ C:\WINDOWS\MedCtrOC.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00071498 _____ C:\WINDOWS\ocmsn.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00066449 _____ C:\WINDOWS\tabletoc.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00065296 _____ C:\WINDOWS\msgsocm.log 2013-08-31 22:54 - 2006-01-26 19:09 - 00001374 _____ C:\WINDOWS\imsins.log 2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$ 2013-08-31 13:46 - 2006-01-27 03:01 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl 2013-08-14 07:28 - 2006-01-26 15:19 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-08-14 00:17 - 2013-07-13 16:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-14 00:08 - 2011-12-14 13:29 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-08-14 00:01 - 2006-01-26 19:09 - 01171086 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-13 23:56 - 2013-08-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-13 23:56 - 2013-08-13 20:08 - 00018890 _____ C:\WINDOWS\KB2850869.log 2013-08-13 23:56 - 2013-08-13 20:07 - 00020616 _____ C:\WINDOWS\KB2859537.log 2013-08-13 23:56 - 2006-01-26 19:09 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-08-13 23:55 - 2013-08-13 23:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-13 23:55 - 2013-08-13 23:54 - 00013309 _____ C:\WINDOWS\KB2863058.log 2013-08-13 23:55 - 2011-10-05 15:21 - 00137776 _____ C:\WINDOWS\system32\TZLog.log 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-13 23:54 - 2013-08-13 23:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-13 23:54 - 2006-01-27 19:21 - 00223863 _____ C:\WINDOWS\updspapi.log 2013-08-13 23:46 - 2013-08-13 20:06 - 00109421 _____ C:\WINDOWS\KB2862772-IE7.log 2013-08-13 23:46 - 2011-10-05 15:23 - 00000000 ____D C:\WINDOWS\system32\de-de Files to move or delete: ==================== 
C:\DOKUME~1\Alex\LOKALE~1\Temp\20111211112712437jniverify.dll C:\DOKUME~1\Alex\LOKALE~1\Temp\20120709125921765jniverify.dll C:\DOKUME~1\Alex\LOKALE~1\Temp\FlashPlayerUpdate.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\jre-6u32-windows-i586-iftw.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\jre-7u25-windows-i586-iftw.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\pdf24-creator-update.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\Quarantine.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\SHSetup.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\SkypeSetup.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\sqlite3.exe C:\DOKUME~1\Alex\LOKALE~1\Temp\SymLCSVC.EXE ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2006-01-27 03:01] - [2008-04-14 08:52] - 1036800 ____N (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e C:\Windows\System32\winlogon.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0513024 ____N (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a C:\Windows\System32\svchost.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0014336 ____N (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 C:\Windows\System32\services.exe [2006-01-27 03:01] - [2009-02-09 13:21] - 0111104 ____N (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc C:\Windows\System32\User32.dll [2006-01-27 03:00] - [2008-04-14 08:52] - 0580096 ____N (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd C:\Windows\System32\userinit.exe [2006-01-27 03:01] - [2008-04-14 08:53] - 0026624 ____N (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 C:\Windows\System32\Drivers\volsnap.sys [2006-01-27 03:01] - [2008-04-14 08:22] - 0053760 ____N (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.07.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.11 Alex :: LENOVO-80D7E2D4 [Administrator] 10.09.2013 16:29:56 MBAM_10_9.txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 243035 Laufzeit: 1 Stunde(n), 5 Minute(n), 1 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Dokumente und Einstellungen\Alex\Eigene Dateien\Downloads\iLividSetup-r400-n-bc.exe (PUP.Optional.Bandoo) -> Keine Aktion durchgeführt. C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Temp\InstallShare14830\bab_setup.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. (Ende) |
10.09.2013, 20:02 | #6 |
/// the machine /// TB trainer | Windows XP: 2 infected files after Malwarebytes scan Update Java, Adobe and Firefox. One of them is in the temp files, the other is an installer; simply have MBAM delete both, and a new scan should then come back clean. Please download TFC (by Oldtimer) and save the file to the desktop. Now close all open programs and disconnect from the Internet. Double-click TFC.exe and press Start. If TFC cannot delete all files, it will ask for a restart. Please allow this. Everything OK?