michael007 | 18.06.2013 23:06 | Hello schrauber. Many thanks for the help!
Below are the FRST.txt and the Addition.txt.
As recommended by trojaner-board.de, I have replaced my real name with ***.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-06-2013 02
Ran by *** (administrator) on 18-06-2013 22:43:33
Running from C:\Users\***\Farbar Recovery Scan Tool_180613
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files\cobian Backup 10.0_191011\cbVSCService.exe
(REINER SCT) C:\windows\system32\cjpcsc.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney Business 5.0 Deutsche Bank Edition\ouservice\StarMoneyOnlineUpdate.exe
() C:\Program Files\T-Mobile-Internet-Manager_021211\AssistantServices.exe
() C:\Program Files\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\windows\service4g.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Luis Cobian, CobianSoft) C:\Program Files\cobian Backup 10.0_191011\Cobian.exe
() C:\Program Files\T-Mobile-Internet-Manager_021211\UIExec.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Luis Cobian, CobianSoft) C:\Program Files\cobian Backup 10.0_191011\cbInterface.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\windows\system32\hkcmd.exe
(Intel Corporation) C:\windows\system32\igfxtray.exe
(Intel Corporation) C:\windows\system32\igfxpers.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SFB\SmartRestarter.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Microsoft Corporation) C:\windows\system32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [10119784 2011-06-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe [1812264 2010-11-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] "C:\Program Files\ScahSoft Omnipage_191011\OpwareSE4.exe" [x]
HKLM\...\Run: [FreePDF Assistant] "C:\Program Files\FreePDF_XP\fpassist.exe" [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [Cobian Backup 10] "C:\Program Files\cobian Backup 10.0_191011\Cobian.exe" [421376 2010-09-23] (Luis Cobian, CobianSoft)
HKLM\...\Run: [UIExec] "C:\Program Files\T-Mobile-Internet-Manager_021211\UIExec.exe" [132608 2009-03-30] ()
HKLM\...\Run: [starter4g] C:\windows\starter4g.exe [160424 2010-04-30] (4G Systems GmbH & Co. KG)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [SMB50StarMoneyRunEntry] "C:\Program Files\StarMoney Business 5.0 Deutsche Bank Edition\app\oflagent.exe" [56976 2013-05-23] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM\...\Run: [TrayServer] C:\PROGRA~1\MAGIX\VIDEO_~1\TrayServer.exe [90112 2007-03-29] (MAGIX AG)
HKLM\...\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-11-11] (Google Inc.)
HKCU\...\Run: [defglogon] -autorun [x]
HKCU\...\Run: [winqn] -autorun [x]
HKCU\...\Run: [logonggdns] "C:\Users\***\AppData\Roaming\logonggdns.exe" -autorun [x]
MountPoints2: {4700721e-bdcd-11e2-aba8-90a4de9c2828} - D:\LaunchU3.exe
MountPoints2: {c3dc4716-3ea0-11e1-92ea-90a4de9c2828} - D:\autorun.exe
Startup: C:\ProgramData\Start Menu\Programs\Startup\Automatic Update-Agent.lnk
ShortcutTarget: Automatic Update-Agent.lnk -> C:\Program Files\T-Mobile\Communication Center\AutoUpdateSrv.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\db dialog updater.lnk
ShortcutTarget: db dialog updater.lnk -> C:\Program Files\db-dialog_201011\wiseupdt.EXE ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
ProxyServer: 46.231.14.49:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
BHO: No Name - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: No Name - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: t-mobile - {C6D89159-3467-4C2F-9918-3362DA57BCD2} - C:\PROGRA~1\T-Mobile\HOTSPO~1\TMOBIL~1.DLL ()
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\1xhf8l1d.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC-2.0.5_170213\VLC\npvlc.dll (VideoLAN)
========================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)
R2 cbVSCService; C:\Program Files\cobian Backup 10.0_191011\cbVSCService.exe [67584 2010-09-23] (CobianSoft, Luis Cobian)
R2 cjpcsc; C:\windows\system32\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files\StarMoney Business 5.0 Deutsche Bank Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 UI Assistant Service; C:\Program Files\T-Mobile-Internet-Manager_021211\AssistantServices.exe [241664 2009-03-30] ()
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
R2 WTGService; C:\Program Files\XSManager\WTGService.exe [329168 2010-04-12] ()
R2 XS Stick Service; C:\windows\service4g.exe [145064 2010-04-30] (4G Systems GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R2 ACEDRV09; C:\windows\system32\drivers\ACEDRV09.sys [110304 2012-05-05] (Protect Software GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-08] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-08] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-10-11] (Avira GmbH)
R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz)
R3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [103424 2012-01-17] (Mobile Connector)
S2 DgiVecp; C:\windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2010-11-13] (ELAN Microelectronics Corp.)
R3 odysseyIM4; C:\Windows\System32\DRIVERS\odysseyIM4.sys [173056 2005-06-10] (Funk Software, Inc.)
S3 rsct_dev; C:\Windows\System32\DRIVERS\rsct_dev.sys [11776 2007-05-31] (REINER SCT)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2011-09-29] (Windows (R) 2003 DDK 3790 provider)
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2010-10-07] (SAMSUNG ELECTRONICS)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
R2 SSPORT; C:\windows\system32\Drivers\SSPORT.sys [5120 2009-03-02] (Samsung Electronics)
S1 rsct_bus; system32\DRIVERS\rsct_bus.sys [x]
U3 pxroapoc; \??\C:\Users\***\AppData\Local\Temp\pxroapoc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-18 22:43 - 2013-06-18 22:43 - 00000000 ____D C:\FRST
2013-06-18 22:39 - 2013-06-18 22:40 - 00000000 ____D C:\Users\***\Farbar Recovery Scan Tool_180613
2013-06-18 19:44 - 2013-06-18 20:02 - 00000000 ____D C:\Users\***\gmer 2.1.19163_180613
2013-06-18 19:42 - 2013-06-18 19:42 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-18 18:01 - 2013-06-18 18:33 - 00000000 ____D C:\Users\***\OTL_180613
2013-06-18 18:00 - 2013-06-18 18:00 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-18 17:58 - 2013-06-18 17:58 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-18 17:55 - 2013-06-18 17:58 - 00000000 ____D C:\Users\***\defogger_180613
2013-06-18 17:48 - 2013-06-18 17:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-17 15:05 - 2013-06-17 15:05 - 00001273 ____A C:\Users\***\Desktop\Scratch.lnk
2013-06-17 15:05 - 2013-06-17 15:05 - 00000000 ____D C:\Users\***\Documents\Scratch Projects
2013-06-17 15:02 - 2013-06-17 15:04 - 00000000 ____D C:\Program Files\Scratch 1.4_170613
2013-06-17 14:59 - 2013-06-17 14:59 - 00000000 ____D C:\170613
2013-06-12 22:12 - 2013-06-12 22:13 - 05800064 ____A (Igor Pavlov) C:\Users\***\Downloads\MailStoreHomeSetup-8.0.5.8779.exe
2013-06-12 22:04 - 2013-06-12 22:05 - 00000000 ____D C:\08-dat_120613
2013-06-12 14:14 - 2013-06-14 12:46 - 00000000 ___HD C:\Users\***\AppData\Roaming\D9E9F6B2
2013-06-12 11:44 - 2013-06-13 13:00 - 00000000 ___HD C:\Users\***\AppData\Roaming\Pjfe
2013-06-12 11:10 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 11:10 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 11:10 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 11:10 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 11:10 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 11:10 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 11:01 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 11:01 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 11:01 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 11:01 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 11:00 - 2013-05-17 03:26 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 11:00 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 11:00 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 11:00 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 11:00 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 11:00 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 10:03 - 2013-06-16 23:45 - 00000000 ____D C:\Users\***\AppData\Roaming\Rfybr
2013-06-12 05:59 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 05:59 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 05:59 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 05:59 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 05:59 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 05:59 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 05:59 - 2013-05-06 07:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-12 05:59 - 2013-05-06 07:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-12 05:59 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 05:59 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-12 05:59 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 05:57 - 2013-05-08 07:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 23:10 - 2013-06-13 00:33 - 00000000 ____D C:\ProgramData\firebird
2013-06-11 23:02 - 2013-06-11 23:05 - 00000000 ____D C:\Program Files\MailStore-8.0.5.8779_110613
2013-06-11 09:08 - 2013-06-13 08:50 - 00000000 ____D C:\120613
2013-06-11 09:05 - 2013-06-11 09:10 - 00000000 ____D C:\110613
2013-06-05 21:52 - 2013-06-05 21:52 - 04808816 ____A (FileZilla Project) C:\Users\***\Downloads\FileZilla_3.7.0.2_win32-setup.exe
2013-05-28 15:44 - 2013-05-28 15:45 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-05-28 15:44 - 2013-05-28 15:44 - 00001144 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-28 15:44 - 2013-05-28 15:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-27 13:40 - 2013-05-27 13:40 - 00000000 ____D C:\Users\***\AppData\Local\Tracker Software
2013-05-22 13:36 - 2013-05-22 13:36 - 00000000 ___HD C:\Users\***\Documents\Freemake_do_not_remove_this_folder635048266199573803
2013-05-22 12:06 - 2013-05-22 12:06 - 00002430 ____A C:\Users\***\Desktop\Free Video Dub.lnk
2013-05-22 12:05 - 2013-05-22 12:06 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
==================== One Month Modified Files and Folders ========
2013-06-18 22:43 - 2013-06-18 22:43 - 00000000 ____D C:\FRST
2013-06-18 22:40 - 2013-06-18 22:39 - 00000000 ____D C:\Users\***\Farbar Recovery Scan Tool_180613
2013-06-18 22:40 - 2011-10-17 14:56 - 00000000 ____D C:\users\***
2013-06-18 22:17 - 2011-11-11 17:35 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-18 21:59 - 2012-04-02 09:46 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-18 20:49 - 2011-07-18 13:52 - 00000000 ____D C:\12-doc_180711
2013-06-18 20:02 - 2013-06-18 19:44 - 00000000 ____D C:\Users\***\gmer 2.1.19163_180613
2013-06-18 19:42 - 2013-06-18 19:42 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-18 19:20 - 2011-07-26 04:16 - 01649273 ____A C:\Windows\WindowsUpdate.log
2013-06-18 19:18 - 2009-07-14 06:34 - 00016160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-18 19:18 - 2009-07-14 06:34 - 00016160 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-18 19:13 - 2011-11-11 17:35 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-18 19:10 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-18 19:10 - 2009-07-14 06:39 - 00082945 ____A C:\Windows\setupact.log
2013-06-18 19:09 - 2010-11-20 23:48 - 00045148 ____A C:\Windows\PFRO.log
2013-06-18 18:33 - 2013-06-18 18:01 - 00000000 ____D C:\Users\***\OTL_180613
2013-06-18 18:00 - 2013-06-18 18:00 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-18 17:58 - 2013-06-18 17:58 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-18 17:58 - 2013-06-18 17:55 - 00000000 ____D C:\Users\***\defogger_180613
2013-06-18 17:48 - 2013-06-18 17:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-17 19:46 - 2011-10-19 17:50 - 00000000 ____D C:\Users\***\AppData\Local\FreePDF_XP
2013-06-17 18:41 - 2011-07-21 12:18 - 00000000 ____D C:\60-sse_210711
2013-06-17 18:24 - 2012-09-24 14:31 - 00000000 ____D C:\Program Files\StarMoney Business 5.0 Deutsche Bank Edition
2013-06-17 15:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\NDF
2013-06-17 15:05 - 2013-06-17 15:05 - 00001273 ____A C:\Users\***\Desktop\Scratch.lnk
2013-06-17 15:05 - 2013-06-17 15:05 - 00000000 ____D C:\Users\***\Documents\Scratch Projects
2013-06-17 15:04 - 2013-06-17 15:02 - 00000000 ____D C:\Program Files\Scratch 1.4_170613
2013-06-17 14:59 - 2013-06-17 14:59 - 00000000 ____D C:\170613
2013-06-16 23:45 - 2013-06-12 10:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Rfybr
2013-06-14 12:46 - 2013-06-12 14:14 - 00000000 ___HD C:\Users\***\AppData\Roaming\D9E9F6B2
2013-06-13 23:13 - 2010-11-20 23:01 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-13 18:24 - 2011-07-18 13:56 - 00000000 ____D C:\39-pdf_150711
2013-06-13 13:00 - 2013-06-12 11:44 - 00000000 ___HD C:\Users\***\AppData\Roaming\Pjfe
2013-06-13 08:50 - 2013-06-11 09:08 - 00000000 ____D C:\120613
2013-06-13 00:33 - 2013-06-11 23:10 - 00000000 ____D C:\ProgramData\firebird
2013-06-12 22:13 - 2013-06-12 22:12 - 05800064 ____A (Igor Pavlov) C:\Users\***\Downloads\MailStoreHomeSetup-8.0.5.8779.exe
2013-06-12 22:05 - 2013-06-12 22:04 - 00000000 ____D C:\08-dat_120613
2013-06-12 21:16 - 2012-03-13 14:17 - 00007600 ____A C:\Users\***\AppData\Local\Resmon.ResmonCfg
2013-06-12 19:30 - 2011-10-20 12:04 - 00002267 ____A C:\Users\Public\Desktop\CDBurnerXP.lnk
2013-06-12 19:24 - 2011-10-19 21:31 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2013-06-12 19:08 - 2011-07-18 13:53 - 00000000 ____D C:\21-html_150711
2013-06-12 11:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-12 11:02 - 2011-10-18 17:05 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 06:59 - 2012-04-02 09:46 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-12 06:59 - 2011-10-18 09:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-11 23:05 - 2013-06-11 23:02 - 00000000 ____D C:\Program Files\MailStore-8.0.5.8779_110613
2013-06-11 09:10 - 2013-06-11 09:05 - 00000000 ____D C:\110613
2013-06-10 09:16 - 2011-11-04 11:30 - 00000000 ____D C:\90-jpg_full_180711
2013-06-08 13:42 - 2013-06-12 11:10 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 13:40 - 2013-06-12 11:10 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 13:40 - 2013-06-12 11:10 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 13:40 - 2013-06-12 11:10 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 13:40 - 2013-06-12 11:10 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 13:13 - 2013-06-12 11:10 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-05 21:53 - 2013-04-15 08:58 - 00000000 ____D C:\Program Files\FileZilla-3.6.0.2._150413
2013-06-05 21:52 - 2013-06-05 21:52 - 04808816 ____A (FileZilla Project) C:\Users\***\Downloads\FileZilla_3.7.0.2_win32-setup.exe
2013-06-03 21:17 - 2011-07-18 13:53 - 00000000 ____D C:\18-gif_180711
2013-06-01 12:50 - 2011-07-18 13:58 - 00000000 ____D C:\54-rtf_150711
2013-05-28 15:45 - 2013-05-28 15:44 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-05-28 15:44 - 2013-05-28 15:44 - 00001144 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-28 15:44 - 2013-05-28 15:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-28 14:59 - 2011-07-18 13:57 - 00000000 ____D C:\51-pst_180711
2013-05-27 13:40 - 2013-05-27 13:40 - 00000000 ____D C:\Users\***\AppData\Local\Tracker Software
2013-05-24 21:56 - 2012-05-22 10:08 - 00000000 ____D C:\ProgramData\Lexware
2013-05-24 15:06 - 2011-12-14 21:08 - 00002226 ____A C:\Users\Public\Desktop\Steuer-Spar-Erklärung 2012.lnk
2013-05-22 13:36 - 2013-05-22 13:36 - 00000000 ___HD C:\Users\***\Documents\Freemake_do_not_remove_this_folder635048266199573803
2013-05-22 12:06 - 2013-05-22 12:06 - 00002430 ____A C:\Users\***\Desktop\Free Video Dub.lnk
2013-05-22 12:06 - 2013-05-22 12:05 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-05-22 12:05 - 2012-12-31 20:35 - 00000000 ____D C:\Program Files\FreeVideoDub 2.0.18.430_220513
2013-05-22 12:05 - 2011-10-21 10:09 - 00000000 ____D C:\Users\***\AppData\Roaming\DVDVideoSoft
2013-05-20 16:22 - 2012-10-22 10:06 - 00000000 ____D C:\Users\***\AppData\Roaming\Audacity
2013-05-20 16:19 - 2012-10-22 12:35 - 00000000 ____D C:\05-aup_221012
Files to move or delete:
====================
C:\ProgramData\FullRemove.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-13 17:11
==================== End Of Log ============================
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-06-2013 02
Ran by *** at 2013-06-18 22:45:50 Run:
Running from C:\Users\***\Farbar Recovery Scan Tool_180613
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
???? ??? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
„Windows Live Essentials“ (Version: 15.4.3502.0922)
„Windows Live“ fotogalerija (Version: 15.4.3502.0922)
AAVUpdateManager (Version: 18.00.0000)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Photoshop 4.0 LE
Alice Greenfingers
ArcSoft PhotoStudio 5.5
Atheros Client Installation Program (Version: 9.0)
Audacity 2.0.2 (Version: 2.0.2)
Avira Free Antivirus (Version: 12.1.9.1236)
BatteryLifeExtender (Version: 1.0.11)
bcTester 4.9 (de) (Version: 4.9.0)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
CamStudio
CanoScan Toolbox Ver4.9
CDBurnerXP (Version: 4.5.1.4003)
CDex - Open Source Digital Audio CD Extractor (Version: 1.70.4.2009)
ChargeableUSB (Version: 1.0.0.0)
Cobian Backup 10
Communication Center (Version: 2.5)
cyberJack Base Components (Version: 6.10.0)
CyberLink YouCam (Version: 2.0.3911)
D3DX10 (Version: 15.4.2368.0902)
db dialog (Version: 3.4)
Easy Content Share (Version: 1.0)
Easy Display Manager (Version: 3.2)
Easy Network Manager (Version: 4.4.7)
Easy Resolution Manager (Version: 1.1.0)
Easy SpeedUp Manager (Version: 2.1.1.1)
EasyBatteryManager (Version: 4.0.0.4)
EasyFileShare (Version: 1.0.11)
ETDWare PS/2-X86 8.0.7.2_WHQL (Version: 8.0.7.2)
Fast Booting SW (Version: 1.8.0.0)
FileZilla Client 3.7.0.2 (Version: 3.7.0.2)
Firebird SQL Server - MAGIX Edition (Version: 2.1.31.0)
FLV Player 2.0, build 24 (Version: 2.0, build 24)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Free Video Dub version 2.0.18.430 (Version: 2.0.18.430)
Free YouTube to MP3 Converter version 3.10.11.923
Freemake Video Converter Version 3.2.1 (Version: 3.2.1)
FreePDF (Remove only)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
GPL Ghostscript (Version: 9.04)
HotSpot Locator 1.1
Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2117)
Intel(R) Rapid Storage Technology (Version: 10.1.0.1008)
Jalbum 8.0
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 2 (Version: 1.6.0.20)
JavaFX 2.1.1 (Version: 2.1.1)
Lexware Elster (Version: 13.04.00.0113)
Lexware financial office 2012 (Version: 16.54.00.0302)
Lexware Info Service (Version: 2.80.00.0007)
MAGIX Foto Clinic 5.5 5.5.31.0 (D) (Version: 5.5.31.0)
MAGIX Foto Manager 2007 4.1.1.75 (D) (Version: 4.1.1.75)
MAGIX Goya burnR 2.3.1.3 (D) (Version: 2.3.1.3)
MAGIX Music Manager 2007 8.1.1.108 (D) (Version: 8.1.1.108)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Video deluxe 2007 2008 PLUS 7.0.0.25 (D) (Version: 7.0.0.25)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.32)
Manual CanoScan LiDE 25
Marvell Miniport Driver (Version: 11.29.1.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2000 Premium (Version: 9.00.2816)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft Smart Card Base Components
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.0.7820.0)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Odyssey (Version: 4.0.0.1972)
Option GT HSDPA driver suite
'Option PC Cards driver package'
PDF-XChange Viewer (Version: 2.5.201.0)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (Version: 6.0.1.6400)
REALTEK PCIE Wireless LAN Software (Version: 0136.10.0325)
RedMon - Redirection Port Monitor
RENESIS® Player Browser Plugins (Version: 1.1.1)
Revo Uninstaller 1.94 (Version: 1.94)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Samsung ML-2010 Series
Samsung Recovery Solution 4 (Version: 4.0.0.6)
Samsung Support Center (Version: 1.1.24)
Samsung Update Plus (Version: 2.0)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Scratch (Version: 1.4.0.0)
Servicepack Datumsaktualisierung (Version: 1.00.00.0005)
smartMate light
SPRx32 CT-API und PC/SC Treiber
StarMoney (Version: 3.0.2.50)
StarMoney (Version: 3.0.4.48)
StarMoney Business 5.0 Deutsche Bank Edition (Version: 5.0)
Steuer-Spar-Erklärung 2007 (Version: 12.03)
Steuer-Spar-Erklärung 2008 (Version: 13.02.0000)
Steuer-Spar-Erklärung 2009 (Version: 14.01.0000)
Steuer-Spar-Erklärung 2010 (Version: 15.15)
Steuer-Spar-Erklärung 2011 (Version: 16.17)
Steuer-Spar-Erklärung 2012 (Version: 17.13)
Steuer-Spar-Erklärung 2013 (Version: 18.09)
The KMPlayer (remove only) (Version: 3.5.0.81)
T-Mobile Internet Manager 03 (Version: 1.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
User Guide (Version: 1.3)
VLC media player 2.0.5 (Version: 2.0.5)
WebSign Basiskomponeten
WIDCOMM Bluetooth Software (Version: 6.3.0.6200)
Winamp (Version: 5.63 )
Windows Live ?? ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3508.1109)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live fotoattelu galerija (Version: 15.4.3502.0922)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Foto-galerija (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
XSManager (Version: 3.0)
Zattoo4 4.0.5 (Version: 4.0.5)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)
==================== Restore Points =========================
24-05-2013 12:59:44 Steuer-Spar-Erklärung 2012 wurde installiert.
24-05-2013 17:08:58 Windows Update
28-05-2013 13:08:30 Revo Uninstaller's restore point - Mozilla Firefox 21.0 (x86 de)
28-05-2013 13:22:58 Revo Uninstaller's restore point - Mozilla Firefox 21.0 (x86 de)
29-05-2013 00:59:00 Windows Update
04-06-2013 18:12:10 Windows Update
07-06-2013 23:41:35 Windows Update
11-06-2013 07:05:01 Windows Update
12-06-2013 08:59:22 Windows Update
12-06-2013 20:06:10 Revo Uninstaller's restore point - MailStore Home 8.0.5.8779
==================== Scheduled Tasks (whitelisted) =============
Task: {12AA74FB-AA36-495B-8507-B9079F869DE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-11] (Google Inc.)
Task: {13AAD1AF-D075-4BD9-9A19-A8329BA6BE25} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {19056CAD-90EA-4ACB-84FF-8CD0D65BC044} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {21999BFF-6B17-4C02-9CA5-01EED812EE39} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {389B1777-C122-46F3-A6EC-858A28BFAF7E} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {435B9152-E045-49A0-9802-3FE20CDF60B2} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-02-07] (SAMSUNG Electronics)
Task: {45CA727A-4521-4F60-85FD-B8935D9D878E} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {466303E5-0805-44EC-8595-C63AFDEA3A21} - System32\Tasks\ChkWiz4VistaWin7 => C:\Sysprep\ChkWiz4VistaWin7.exe [] ()
Task: {57D541CE-9229-4AA6-B25E-3A7CF4771DBF} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {5BE3FF7F-E536-4ADB-A1E8-C5F61BEBBEA3} - System32\Tasks\{CC2B23F6-F504-4E31-8C45-2F45E8D3887B} => D:\setup.exe [] ()
Task: {5D128131-133D-44BA-AAE0-BF4E6F9EAAB5} - System32\Tasks\{A631CC1C-2406-49FB-8EC4-5BD9A65B4014} => C:\Program Files\AqFinance\AqFinance-0.9.100beta-Setup.exe [2012-09-20] (Martin Preuss)
Task: {67FA9649-111A-4C53-B4F7-07301BC82D53} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SFB\SmartRestarter.exe [2010-06-03] (Samsung Electronics Co., Ltd.)
Task: {70EADF9A-5485-4ED7-97F5-879363B7F031} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {8176C892-B6BC-4F13-9358-C624A7822110} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe [] ()
Task: {9F764301-640E-4B52-B52C-13E6C45D1D1F} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {A568F745-808D-46CF-94C3-EE6949370B2C} - System32\Tasks\{52B0256F-C2CD-4ACE-AD74-497CAE8D95C1} => C:\Program Files\AqFinance\AqFinance-0.9.100beta-Setup.exe [2012-09-20] (Martin Preuss)
Task: {AC8DE7C8-AEE0-44F4-B06B-9667FF756D78} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-06-08] (Samsung Electronics Co., Ltd.)
Task: {AEE2E35B-1C6B-4203-8DDF-47E69B2BFD1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-11] (Google Inc.)
Task: {B1226612-7E0B-41A6-80E0-5F0752240A27} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {C4F1D3DC-782A-41A4-AD70-6BCDB6B53BBC} - System32\Tasks\{48B2666E-66F1-462D-BFC1-F327077BEB8C} => C:\Program Files\AqFinance\program\initial\bin\aqfinance.exe [2011-07-03] ()
Task: {CA537438-2E27-4C1F-8D26-45CEAA41C2C3} - System32\Tasks\{E1497134-AC6C-4365-8B61-A33FFCF5819D} => C:\Program Files\AqFinance\program\initial\bin\aqfinance.exe [2011-07-03] ()
Task: {D96D718C-E872-42EA-80CF-F533C67F8CF0} - System32\Tasks\{956ABD87-073D-4486-A41C-16385B136E69} => C:\Program Files\AqFinance\program\initial\bin\aqbanking-cli.exe [] ()
Task: {F623BB0F-E7EE-4669-BC38-24FDC8A96392} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
==================== Faulty Device Manager Devices =============
Name: Broadcom 802.11n-Netzwerkadapter
Description: Broadcom 802.11n-Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/18/2013 09:32:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_StiSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xc0000120
ID des fehlerhaften Prozesses: 0x174
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_StiSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_StiSvc1
Pfad des fehlerhaften Moduls: svchost.exe_StiSvc2
Berichtskennung: svchost.exe_StiSvc3
Error: (06/18/2013 08:04:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012288
ID des fehlerhaften Prozesses: 0x5d8
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3
Error: (06/18/2013 07:59:45 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012288
ID des fehlerhaften Prozesses: 0x1400
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3
Error: (06/18/2013 07:45:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec3cc
Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879, Zeitstempel: 0x518ec306
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c9789
ID des fehlerhaften Prozesses: 0xbc0
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (06/18/2013 07:10:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/18/2013 03:30:07 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f2db68fa-e3dc-4650-b334-be53f7363df3}
Error: (06/18/2013 01:30:55 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f2db68fa-e3dc-4650-b334-be53f7363df3}
Error: (06/17/2013 11:30:09 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f2db68fa-e3dc-4650-b334-be53f7363df3}
Error: (06/17/2013 08:29:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/17/2013 08:25:47 PM) (Source: Application Hang) (User: )
Description: Programm freepdf.exe, Version 4.0.0.42 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1398
Startzeit: 01ce6b82a48994f9
Endzeit: 16
Anwendungspfad: C:\Program Files\FreePDF_XP\freepdf.exe
Berichts-ID:
System errors:
=============
Error: (06/18/2013 09:32:35 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/18/2013 09:32:05 PM) (Source: SCardSvr) (User: )
Description: Das Gerät ist nicht angeschlossen.REINER SCT cyberJack pinpad/e-com USB 52GET_STATEXX XX XX XX
Error: (06/18/2013 09:30:04 PM) (Source: SCardSvr) (User: )
Description: Das Gerät ist nicht angeschlossen.REINER SCT cyberJack pinpad/e-com USB 52
Error: (06/18/2013 09:30:04 PM) (Source: SCardSvr) (User: )
Description: Das Gerät ist nicht angeschlossen.
Error: (06/18/2013 09:30:04 PM) (Source: SCardSvr) (User: )
Description: Das Gerät ist nicht angeschlossen.REINER SCT cyberJack pinpad/e-com USB 52POWER01 00 00 00
Error: (06/18/2013 09:30:04 PM) (Source: SCardSvr) (User: )
Description: Das Gerät ist nicht angeschlossen.REINER SCT cyberJack pinpad/e-com USB 52POWER01 00 00 00
Error: (06/18/2013 09:30:04 PM) (Source: SCardSvr) (User: )
Description: Das Gerät erkennt den Befehl nicht.REINER SCT cyberJack pinpad/e-com USB 52POWER01 00 00 00
Error: (06/18/2013 07:15:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error: (06/18/2013 07:10:41 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
rsct_bus
tcpipBM
Error: (06/18/2013 07:10:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 2037.3 MB
Available physical RAM: 798.42 MB
Total Pagefile: 4074.59 MB
Available Pagefile: 2721.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:277.99 GB) (Free:73.72 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: CD3D43EB)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=278 GB) - (Type=07 NTFS)
==================== End Of Log ============================