dealply.exe / Rechner langsam / Windows-Update funktioniert nicht

rwsuchthilfe · 11.07.2013, 23:23

Hallo liebes Trojaner-Board-Team,

unser Rechner ist langsam, Windows-Updates funktionieren nicht und auf dem Desktop haben einige Dateien ein weißes Ausrufezeichen in rotem Kreis.

Folgendes brachte Malwarebytes als Ergebnis. Mehr haben wir noch nicht getan und bitten um Hilfe. Vielen lieben Dank Roland
___________

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.10.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: *** [Administrator]

Schutz: Aktiviert

10.07.2013 23:30:13
mbam-log-2013-07-10 (23-30-13).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 256599
Laufzeit: 25 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\is1972027439\dealply.exe (PUP.DealPly) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus · 11.07.2013, 23:27

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

rwsuchthilfe · 12.07.2013, 21:29

Hallo cosinus, wir haben wirklich noch einen alten Log auf dem Rechner, sorry, da habe ich nicht daran gedacht. Ich hoffe, das ist so eingestellt iO, da die album-Präsi nicht aufging.
Vielen Dank, dass Du Dich unserem Thema angenommen hast. Schönen Gruß Roland

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.07.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Wehkamp :: ***[Administrator]

07.12.2012 21:36:41
mbam-log-2012-12-08 (10-09-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 546493
Laufzeit: 7 Stunde(n), 30 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_XMLLookup (Hijacker.XMLLookup) -> Daten: hxxp://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_Application (Hijacker.Application) -> Daten: hxxp://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_intl (Hijacker.intl) -> Daten: hxxp://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 5
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|XMLLookup (Hijacker.XMLLookup) -> Bösartig: (hxxp://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Gut: (hxxp://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|Application (Hijacker.Application) -> Bösartig: (hxxp://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Gut: (hxxp://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|intl (Hijacker.intl) -> Bösartig: (hxxp://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Gut: (hxxp://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\PDFConverterSetup.exe (Adware.InstallCore) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\ICReinstall\PDFConverterSetup.exe (Adware.InstallCore) -> Keine Aktion durchgeführt.

(Ende)

cosinus · 14.07.2013, 17:10

Die Logs bitte in CODE-Tags!!

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

rwsuchthilfe · 21.07.2013, 23:07

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013
Ran by Wehkamp (administrator) on 21-07-2013 23:47:54
Running from C:\Dokumente und Einstellungen\Wehkamp\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Check Point Software Technologies LTD) C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\IswSvc.exe
(Check Point Software Technologies) C:\Programme\CheckPoint\ZAForceField\ForceField.exe
(Bitberry Software) C:\Programme\FinalMediaPlayer\FMPCheckForUpdates.exe
(AVM Berlin) C:\Programme\avmwlanstick\WlanNetService.exe
() C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\WINDOWS\system32\cisvc.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(McAfee, Inc.) C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(McAfee, Inc.) C:\Programme\McAfee Online Backup\MOBKbackup.exe
(Clarus, Inc.) C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Wajam) C:\Programme\Wajam\Updater\WajamUpdater.exe
(VMware, Inc.) C:\Programme\VMware\VMware View\Client\bin\wsnm.exe
(McAfee, Inc.) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(McAfee, Inc.) C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe
(Canon Inc.) C:\Programme\Canon\CAL\CALMAIN.exe
(AVM Berlin) C:\Programme\avmwlanstick\FRITZWLANMini.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(CANON INC.) C:\Programme\Canon\MyPrinter\BJMyPrt.exe
(Logitech Inc.) C:\WINDOWS\Logi_MwX.Exe
(Citrix Systems, Inc.) C:\Programme\Citrix\ICA Client\concentr.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Check Point Software Technologies LTD) C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
(McAfee, Inc.) C:\Programme\McAfee.com\Agent\mcagent.exe
(Microsoft Corporation) C:\Programme\Messenger\msmsgs.exe
(Samsung Electronics Co., Ltd.) C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\KiesTrayAgent.exe
(Citrix Systems, Inc.) C:\Programme\Citrix\ICA Client\wfcrun32.exe
(Clarus, Inc.) C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe
(Samsung) C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\Kies.exe
(Samsung Electronics) C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\KiesAirMessage.exe
(Samsung) C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Mozilla Corporation) C:\Programme\Mozilla Thunderbird\thunderbird.exe
() C:\Programme\Canon\ImageBrowser EX\MFManager.exe
(McAfee, Inc.) C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe
(Clarus, Inc.) C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe
() D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
(Clarus, Inc.) C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
() C:\Programme\OpenIt\Open It!\openit.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
cui_exe] - C:\Programme\McAfee.com\Agent\mcagent.exe [1278648 2012-09-12] (McAfee, Inc.)
HKLM\...\Run: [ISW] - C:\Programme\CheckPoint\ZAForceField\ForceField.exe [738984 2012-08-30] (Check Point Software Technologies)
HKLM\...\Run: [DWQueuedReporting] - C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe [434080 2011-07-27] (Microsoft Corporation)
HKCU\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [KiesTrayAgent] - C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\KiesTrayAgent.exe [309688 2012-10-11] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [KiesPDLR] - C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-11] (Samsung)
HKCU\...\Run: [Samsung Drive Manager] - C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe [5798008 2012-05-11] (Clarus, Inc.)
HKCU\...\Run: [KiesPreload] - C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\Kies.exe [966072 2012-10-11] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\KiesAirMessage.exe [580096 2012-10-09] (Samsung Electronics)
HKCU\...\Run: [] - C:\Dokumente und Einstellungen\Wehkamp\Desktop\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-11] (Samsung)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex [814472 2013-06-18] (Adobe Systems Incorporated)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Programme\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Samsung Drive Manager Real-Time.lnk
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe ()
Startup: C:\Dokumente und Einstellungen\Wehkamp\Startmenü\Programme\Autostart\Mozilla Firefox.lnk
ShortcutTarget: Mozilla Firefox.lnk -> C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Startup: C:\Dokumente und Einstellungen\Wehkamp\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B0C30011D899D044&affID=119357&tt=150713_9127&tsp=4944
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B0C30011D899D044&affID=119357&tt=150713_9127&tsp=4944
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - DefaultScope {275D6EF9-3003-4EAD-B275-10A14013734A} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B0C30011D899D044&affID=119357&tt=150713_9127&tsp=4944
SearchScopes: HKCU - {275D6EF9-3003-4EAD-B275-10A14013734A} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {8EE63F8A-B20F-4D8C-87FD-2BA4D05F8E5F} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2611275
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
BHO: SuperLyrics - {3F954646-744D-46D8-8E07-AEF2486FAB9F} - C:\Programme\SuperLyrics\sprlrcs.dll (Sven & Yorgen)
BHO: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll (facemoods.com BHO)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\ScriptSn.20120701165052.dll (McAfee, Inc.)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Programme\Wajam\IE\priam_bho.dll (Wajam)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Programme\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Programme\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.4.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1273263180016
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default
FF user.js: detected! => C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=B0C30011D899D044&affID=119357&tt=150713_9127&tsp=4944
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.spiegel.de
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @checkpoint.com/FFApi - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Programme\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF Plugin: @mcafee.com/SAFFPlugin - C:\Programme\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\searchplugins\ADelta.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\searchplugins\delta.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF Extension: No Name - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: Babylon - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\Extensions\ffxtlbr@babylon.com
FF Extension: Delta Toolbar - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\Extensions\ffxtlbr@delta.com
FF Extension: Facemoods - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\Extensions\ffxtlbr@Facemoods.com
FF Extension: Microsoft .NET Framework Assistant - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF Extension: searchy - C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Mozilla\Firefox\Profiles\ktylcosq.default\Extensions\searchy@searchy.xpi
FF Extension: Default - C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Programme\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Programme\McAfee\SiteAdvisor
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] C:\Programme\Gemeinsame Dateien\McAfee\SystemCore
FF Extension: McAfee ScriptScan for Firefox - C:\Programme\Gemeinsame Dateien\McAfee\SystemCore
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Programme\CheckPoint\ZAForceField\TrustChecker
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Programme\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Programme\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [superlrcs@svenyor.net] C:\Programme\SuperLyrics\FF\
FF Extension: No Name - C:\Programme\SuperLyrics\FF\
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] C:\Programme\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: No Name - C:\Programme\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

========================== Services (Whitelisted) =================

R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin)
R2 BrowserDefendert; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 CCALib8; C:\Programme\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.)
S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2011-02-08] (Google)
R2 IswSvc; C:\Programme\CheckPoint\ZAForceField\IswSvc.exe [497320 2012-08-30] (Check Point Software Technologies)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McComponentHostService; C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Programme\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.)
R2 McProxy; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\\mcshield.exe [200816 2012-07-17] (McAfee, Inc.)
R2 mfefire; C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\\mfefire.exe [168368 2012-07-17] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [166320 2012-07-17] (McAfee, Inc.)
R2 MOBKbackup; C:\Programme\McAfee Online Backup\MOBKbackup.exe [229688 2010-04-13] (McAfee, Inc.)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117144 2013-03-10] (Mozilla Foundation)
R2 MSK80Service; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 SZDrvSvc; C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe [19456 2012-05-11] (Clarus, Inc.)
R2 vsmon; C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe [2445880 2012-08-29] (Check Point Software Technologies LTD)
R2 WajamUpdater; C:\Programme\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)
R2 wsnm; C:\Programme\VMware\VMware View\Client\bin\wsnm.exe [151552 2009-07-02] (VMware, Inc.)
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4022528 2006-10-13] (Realtek Semiconductor Corp.)
R1 AmdPPM; C:\Windows\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60480 2012-07-17] (McAfee, Inc.)
S3 CO_Mon; C:\WINDOWS\system32\Drivers\CO_Mon.sys [34304 2011-09-04] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20032 2011-03-02] (Devguru Co., Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2006-12-28] (AVM GmbH)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [146872 2012-04-20] (McAfee, Inc.)
R2 ISWKL; C:\Programme\CheckPoint\ZAForceField\ISWKL.sys [27056 2012-08-30] (Check Point Software Technologies)
S3 L8042PR2; C:\Windows\System32\Drivers\l8042pr2.sys [51729 2003-12-17] (Logitech, Inc.)
S3 LHidUsb; C:\Windows\System32\Drivers\LHidUsb.Sys [37887 2003-12-17] (Logitech, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 mdf16; C:\Programme\Clarus\Samsung Drive Manager\mdf16.sys [18288 2011-03-11] ()
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [127992 2012-07-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [230224 2012-07-17] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [61912 2012-07-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [360792 2012-07-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [554048 2012-07-17] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [92192 2012-07-17] (McAfee, Inc.)
R1 mfetdi2k; C:\Windows\System32\drivers\mfetdi2k.sys [91168 2012-07-17] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [54776 2010-04-13] (Mozy, Inc.)
R3 mvd23; C:\Programme\Clarus\Samsung Drive Manager\mvd23.sys [90944 2011-05-19] ()
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [145952 2008-08-18] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [526640 2012-08-29] (Check Point Software Technologies LTD)
R3 WSUSBDMAN; C:\Windows\System32\DRIVERS\WSUSBDMAN.sys [22016 2009-07-02] (VMware, Inc.)
S4 IntelIde; No ImagePath
U3 mfeavfk01; No ImagePath
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-21 23:50 - 2013-07-21 23:50 - 00000000 ____D C:\592c57138d9faba2111d
2013-07-21 23:47 - 2013-07-21 23:47 - 00000000 ____D C:\FRST
2013-07-21 23:45 - 2013-07-21 23:45 - 01219874 _____ (Farbar) C:\Dokumente und Einstellungen\Wehkamp\Desktop\FRST.exe
2013-07-21 23:42 - 2013-07-21 23:42 - 01779363 _____ (Farbar) C:\Dokumente und Einstellungen\Wehkamp\Desktop\FRST64.exe
2013-07-17 23:53 - 2013-07-17 23:53 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Delta
2013-07-15 23:26 - 2013-07-21 23:24 - 00001182 _____ C:\WINDOWS\Tasks\Plus-HD-2.3-codedownloader.job
2013-07-15 23:26 - 2013-07-15 23:26 - 00000000 _____ C:\WINDOWS\system32\TempWmicBatchFile.bat
2013-07-15 23:22 - 2013-07-15 23:22 - 00000000 ____D C:\Programme\Delta
2013-07-15 23:22 - 2013-07-15 23:22 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Startmenü\Programme\BrowserDefender
2013-07-15 23:22 - 2013-07-15 23:22 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Zip Opener Packages
2013-07-15 23:21 - 2013-07-15 23:21 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Startmenü\Programme\Wajam
2013-07-15 23:19 - 2013-07-15 23:19 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\BabSolution
2013-07-15 23:18 - 2013-07-21 23:24 - 00001794 _____ C:\WINDOWS\Tasks\Plus-HD-2.3-firefoxinstaller.job
2013-07-15 23:18 - 2013-07-15 23:29 - 00000000 ____D C:\Programme\Plus-HD-2.3
2013-07-15 23:16 - 2013-07-15 23:23 - 00000000 ____D C:\Programme\Wajam
2013-07-15 23:15 - 2013-07-21 23:24 - 00000370 _____ C:\WINDOWS\Tasks\SuperLyrics Update.job
2013-07-15 23:14 - 2013-07-15 23:14 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-15 23:14 - 2013-07-15 23:14 - 00000000 ____D C:\Programme\SuperLyrics
2013-07-15 23:14 - 2013-07-15 23:14 - 00000000 ____D C:\Programme\OpenIt
2013-07-15 23:13 - 2013-07-15 23:13 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\DSite
2013-07-12 00:27 - 2013-07-12 00:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 00:43 - 2013-07-11 00:43 - 00012928 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 00:43 - 2013-07-11 00:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 00:41 - 2013-07-11 00:41 - 00005112 _____ C:\WINDOWS\KB2834904.log
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 00:39 - 2013-07-11 00:41 - 00004936 _____ C:\WINDOWS\KB2834886.log
2013-07-11 00:26 - 2013-07-11 00:44 - 00016671 _____ C:\WINDOWS\KB2850851.log
2013-07-11 00:24 - 2013-07-11 00:43 - 00009454 _____ C:\WINDOWS\KB2845187.log
2013-06-26 22:17 - 2013-07-04 23:37 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-06-24 23:05 - 2013-06-24 23:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2839229$

==================== One Month Modified Files and Folders =======

2013-07-21 23:51 - 2010-05-07 21:57 - 01115015 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-21 23:50 - 2013-07-21 23:50 - 00000000 ____D C:\592c57138d9faba2111d
2013-07-21 23:47 - 2013-07-21 23:47 - 00000000 ____D C:\FRST
2013-07-21 23:45 - 2013-07-21 23:45 - 01219874 _____ (Farbar) C:\Dokumente und Einstellungen\Wehkamp\Desktop\FRST.exe
2013-07-21 23:45 - 2010-05-07 22:03 - 00000000 ___HD C:\Dokumente und Einstellungen\Wehkamp\Desktop
2013-07-21 23:42 - 2013-07-21 23:42 - 01779363 _____ (Farbar) C:\Dokumente und Einstellungen\Wehkamp\Desktop\FRST64.exe
2013-07-21 23:26 - 2013-03-18 23:08 - 00000000 ____D C:\Programme\Mozilla Thunderbird
2013-07-21 23:25 - 2010-04-03 19:22 - 00276202 _____ C:\WINDOWS\system32\NvApps.xml
2013-07-21 23:24 - 2013-07-15 23:26 - 00001182 _____ C:\WINDOWS\Tasks\Plus-HD-2.3-codedownloader.job
2013-07-21 23:24 - 2013-07-15 23:18 - 00001794 _____ C:\WINDOWS\Tasks\Plus-HD-2.3-firefoxinstaller.job
2013-07-21 23:24 - 2013-07-15 23:15 - 00000370 _____ C:\WINDOWS\Tasks\SuperLyrics Update.job
2013-07-21 23:24 - 2011-01-08 15:25 - 00000374 _____ C:\WINDOWS\Tasks\Final Media Player Update Checker.job
2013-07-21 23:24 - 2010-05-07 22:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-07-21 23:24 - 2007-10-29 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-07-21 23:24 - 2006-01-01 01:12 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-07-21 23:24 - 2006-01-01 01:12 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-07-18 00:12 - 2010-05-07 22:01 - 00032510 _____ C:\WINDOWS\SchedLgU.Txt
2013-07-17 23:53 - 2013-07-17 23:53 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Delta
2013-07-17 23:22 - 2012-05-13 12:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-07-17 22:53 - 2011-08-09 23:02 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Eigene Dateien\Mein Steuer-Sparbuch Heute
2013-07-15 23:29 - 2013-07-15 23:18 - 00000000 ____D C:\Programme\Plus-HD-2.3
2013-07-15 23:26 - 2013-07-15 23:26 - 00000000 _____ C:\WINDOWS\system32\TempWmicBatchFile.bat
2013-07-15 23:23 - 2013-07-15 23:16 - 00000000 ____D C:\Programme\Wajam
2013-07-15 23:22 - 2013-07-15 23:22 - 00000000 ____D C:\Programme\Delta
2013-07-15 23:22 - 2013-07-15 23:22 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Startmenü\Programme\BrowserDefender
2013-07-15 23:22 - 2013-07-15 23:22 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\Zip Opener Packages
2013-07-15 23:22 - 2010-05-07 22:03 - 00000000 __RHD C:\Dokumente und Einstellungen\Wehkamp\Startmenü\Programme
2013-07-15 23:22 - 2006-01-01 01:10 - 00000000 ___RD C:\Programme
2013-07-15 23:21 - 2013-07-15 23:21 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Startmenü\Programme\Wajam
2013-07-15 23:19 - 2013-07-15 23:19 - 00000000 ____D C:\Dokumente und Einstellungen\Wehkamp\Anwendungsdaten\BabSolution
2013-07-15 23:14 - 2013-07-15 23:14 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-15 23:14 - 2013-07-15 23:14 - 00000000 ____D C:\Programme\SuperLyrics
2013-07-15 23:14 - 2013-07-15 23:14 - 00000000 ____D C:\Programme\OpenIt
2013-07-15 23:14 - 2010-05-07 23:50 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Desktop
2013-07-15 23:13 - 2013-07-15 23:13 - 00000000 ____D C:\Dokumente und Einstellungen\***\Anwendungsdaten\DSite
2013-07-14 23:42 - 2010-05-08 01:26 - 00000138 _____ C:\WINDOWS\ODBC.INI
2013-07-14 23:20 - 2012-05-05 01:31 - 00000000 ____D C:\Programme\McAfee
2013-07-12 00:31 - 2013-07-12 00:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-11 00:54 - 2006-01-01 01:09 - 00173080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 00:44 - 2013-07-11 00:26 - 00016671 _____ C:\WINDOWS\KB2850851.log
2013-07-11 00:44 - 2006-01-01 01:10 - 02064966 _____ C:\WINDOWS\FaxSetup.log
2013-07-11 00:44 - 2006-01-01 01:10 - 01001147 _____ C:\WINDOWS\ocgen.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00951166 _____ C:\WINDOWS\tsoc.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00633244 _____ C:\WINDOWS\msmqinst.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00596125 _____ C:\WINDOWS\comsetup.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00363459 _____ C:\WINDOWS\netfxocm.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00361019 _____ C:\WINDOWS\ntdtcsetup.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00240973 _____ C:\WINDOWS\iis6.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00144640 _____ C:\WINDOWS\MedCtrOC.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00105263 _____ C:\WINDOWS\tabletoc.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00103773 _____ C:\WINDOWS\msgsocm.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00096378 _____ C:\WINDOWS\ocmsn.log
2013-07-11 00:44 - 2006-01-01 01:10 - 00001374 _____ C:\WINDOWS\imsins.log
2013-07-11 00:43 - 2013-07-11 00:43 - 00012928 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 00:43 - 2013-07-11 00:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 00:43 - 2013-07-11 00:24 - 00009454 _____ C:\WINDOWS\KB2845187.log
2013-07-11 00:43 - 2010-05-07 22:59 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-11 00:43 - 2010-05-07 22:28 - 00246657 _____ C:\WINDOWS\updspapi.log
2013-07-11 00:43 - 2006-01-01 01:10 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-11 00:41 - 2013-07-11 00:41 - 00005112 _____ C:\WINDOWS\KB2834904.log
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 00:41 - 2013-07-11 00:39 - 00004936 _____ C:\WINDOWS\KB2834886.log
2013-07-11 00:02 - 2006-01-01 02:03 - 00000000 ____D C:\WINDOWS\java
2013-07-10 23:19 - 2013-03-11 00:04 - 00000756 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-10 23:19 - 2012-12-07 22:29 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2013-07-06 23:50 - 2012-04-29 20:38 - 00000000 ____D C:\Programme\Mozilla Maintenance Service
2013-07-04 23:37 - 2013-06-26 22:17 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-06-24 23:05 - 2013-06-24 23:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2839229$
2013-06-24 23:05 - 2013-06-20 21:56 - 00011399 _____ C:\WINDOWS\KB2839229.log
2013-06-24 00:37 - 2010-05-07 22:58 - 75733144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2007-10-29 14:00] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2007-10-29 14:00] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2007-10-29 14:00] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2007-10-29 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2007-10-29 14:00] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2007-10-29 14:00] - [2008-04-14 04:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2007-10-29 14:00] - [2008-04-14 03:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Hallo Cosinus, vielen Dank für die Infos. Hatten es mit dem Tool aber irgendwie nicht hinbekommen, jetzt aber endlich erfolgreich geladen bekommen. Die Scan-Auswertung folgt noch, hoffe, das ist so, wie erwartet. Vielen Dank + schönen Gruß roland

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-07-2013
Ran by *** at 2013-07-21 23:52:59
Running from C:\Dokumente und Einstellungen\***\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Download Manager (Version: 1.6.2.63)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Amazon MP3-Downloader 1.0.9
Avery Wizard 3.1 (Version: 3.1.5)
AVM FRITZ!WLAN
Babylon toolbar on IE
BrowserDefender
Canon Camera Access Library (Version: 8.4.0.1)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.5.0.3)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.1.6)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon MP560 series MP Drivers
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities Digital Photo Professional 3.11 (Version: 3.11.30.3)
Canon Utilities EOS Sample Music (Version: 1.0.1.1)
Canon Utilities EOS Utility (Version: 2.11.3.0)
Canon Utilities ImageBrowser EX (Version: 1.1.0.18)
Canon Utilities My Printer
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.23.47)
Canon Utilities Picture Style Editor (Version: 1.10.2.0)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Citrix Online Plug-in - Web (Version: 12.0.3.6)
Citrix Online Plug-in (DV) (Version: 12.0.3.6)
Citrix Online Plug-in (HDX) (Version: 12.0.3.6)
Citrix Online Plug-in (USB) (Version: 12.0.3.6)
Citrix Online Plug-in (Web) (Version: 12.0.3.6)
Delta Chrome Toolbar
Delta toolbar   (Version: 1.8.21.5)
Die Sims Deluxe 
Exact Audio Copy 0.99pb5 (Version: 0.99pb5)
Facemoods Toolbar
Final Media Player 2010
FoxTab PDF Converter
Hotfix für Windows Media Player 11 (KB939683)
Hotfix für Windows XP (KB2158563) (Version: 1)
Hotfix für Windows XP (KB2443685) (Version: 1)
Hotfix für Windows XP (KB2570791) (Version: 1)
Hotfix für Windows XP (KB2633952) (Version: 1)
Hotfix für Windows XP (KB2756822) (Version: 1)
Hotfix für Windows XP (KB2779562) (Version: 1)
Hotfix für Windows XP (KB942288-v3) (Version: 3)
Hotfix für Windows XP (KB952287) (Version: 1)
Hotfix für Windows XP (KB961118) (Version: 1)
Hotfix für Windows XP (KB979306) (Version: 1)
Hotfix für Windows XP (KB981793) (Version: 1)
HotPotatoes v 6.3.0.4
Java Auto Updater (Version: 2.0.6.1)
Java(TM) 6 Update 29 (Version: 6.0.290)
Juniper Citrix Services Client (HKCU Version: 7.1.11.21451)
Juniper Networks Host Checker (HKCU Version: 7.1.11.21451)
Juniper Networks Setup Client Activex Control (Version: 2.1.1.1)
Juniper Networks, Inc. Setup Client (HKCU Version: 7.1.10.21853)
Logitech MouseWare 9.79.1 
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Internet Security (Version: 11.6.435)
McAfee Online Backup
McAfee Online Backup (Version: 1.16.4.0)
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
Mozilla Thunderbird 17.0.4 (x86 de) (Version: 17.0.4)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
NVIDIA Display Control Panel (Version: 6.14.11.9745)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA nView Desktop Manager (Version: 6.14.10.12561)
Open It! (Version: 1.1.1)
PDFCreator (Version: 0.9.9)
pdfsam (HKCU Version: 2.2.0)
Picasa 3 (Version: 3.8)
PixelNet Software 4.12.1 (Version: 4.12.1)
Plus-HD-2.3 (Version: 1.27.153.8)
Realtek AC'97 Audio
Samsung Drive Manager (Version: 1.0.148)
Samsung Kies (Version: 2.0.0.11033_25)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.15.0)
Shared C Run-time for x86 (Version: 10.0.0)
Sicherheitsupdate für Microsoft Windows (KB2564958)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (Version: 1)
Sicherheitsupdate für Windows Media Player (KB2378111)
Sicherheitsupdate für Windows Media Player (KB2834904)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player (KB954155)
Sicherheitsupdate für Windows Media Player (KB968816)
Sicherheitsupdate für Windows Media Player (KB973540)
Sicherheitsupdate für Windows Media Player (KB975558)
Sicherheitsupdate für Windows Media Player (KB978695)
Sicherheitsupdate für Windows Media Player (KB979402)
Sicherheitsupdate für Windows Media Player 11 (KB954154)
Sicherheitsupdate für Windows XP (KB2079403) (Version: 1)
Sicherheitsupdate für Windows XP (KB2115168) (Version: 1)
Sicherheitsupdate für Windows XP (KB2121546) (Version: 1)
Sicherheitsupdate für Windows XP (KB2160329) (Version: 1)
Sicherheitsupdate für Windows XP (KB2229593) (Version: 1)
Sicherheitsupdate für Windows XP (KB2259922) (Version: 1)
Sicherheitsupdate für Windows XP (KB2279986) (Version: 1)
Sicherheitsupdate für Windows XP (KB2286198) (Version: 1)
Sicherheitsupdate für Windows XP (KB2296011) (Version: 1)
Sicherheitsupdate für Windows XP (KB2296199) (Version: 1)
Sicherheitsupdate für Windows XP (KB2347290) (Version: 1)
Sicherheitsupdate für Windows XP (KB2360937) (Version: 1)
Sicherheitsupdate für Windows XP (KB2387149) (Version: 1)
Sicherheitsupdate für Windows XP (KB2393802) (Version: 1)
Sicherheitsupdate für Windows XP (KB2412687) (Version: 1)
Sicherheitsupdate für Windows XP (KB2419632) (Version: 1)
Sicherheitsupdate für Windows XP (KB2423089) (Version: 1)
Sicherheitsupdate für Windows XP (KB2436673) (Version: 1)
Sicherheitsupdate für Windows XP (KB2440591) (Version: 1)
Sicherheitsupdate für Windows XP (KB2443105) (Version: 1)
Sicherheitsupdate für Windows XP (KB2476490) (Version: 1)
Sicherheitsupdate für Windows XP (KB2476687) (Version: 1)
Sicherheitsupdate für Windows XP (KB2478960) (Version: 1)
Sicherheitsupdate für Windows XP (KB2478971) (Version: 1)
Sicherheitsupdate für Windows XP (KB2479628) (Version: 1)
Sicherheitsupdate für Windows XP (KB2479943) (Version: 1)
Sicherheitsupdate für Windows XP (KB2481109) (Version: 1)
Sicherheitsupdate für Windows XP (KB2483185) (Version: 1)
Sicherheitsupdate für Windows XP (KB2485376) (Version: 1)
Sicherheitsupdate für Windows XP (KB2485663) (Version: 1)
Sicherheitsupdate für Windows XP (KB2503658) (Version: 1)
Sicherheitsupdate für Windows XP (KB2503665) (Version: 1)
Sicherheitsupdate für Windows XP (KB2506212) (Version: 1)
Sicherheitsupdate für Windows XP (KB2506223) (Version: 1)
Sicherheitsupdate für Windows XP (KB2507618) (Version: 1)
Sicherheitsupdate für Windows XP (KB2507938) (Version: 1)
Sicherheitsupdate für Windows XP (KB2508272) (Version: 1)
Sicherheitsupdate für Windows XP (KB2508429) (Version: 1)
Sicherheitsupdate für Windows XP (KB2509553) (Version: 1)
Sicherheitsupdate für Windows XP (KB2511455) (Version: 1)
Sicherheitsupdate für Windows XP (KB2524375) (Version: 1)
Sicherheitsupdate für Windows XP (KB2535512) (Version: 1)
Sicherheitsupdate für Windows XP (KB2536276) (Version: 1)
Sicherheitsupdate für Windows XP (KB2536276-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2544893) (Version: 1)
Sicherheitsupdate für Windows XP (KB2544893-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2555917) (Version: 1)
Sicherheitsupdate für Windows XP (KB2562937) (Version: 1)
Sicherheitsupdate für Windows XP (KB2566454) (Version: 1)
Sicherheitsupdate für Windows XP (KB2567053) (Version: 1)
Sicherheitsupdate für Windows XP (KB2567680) (Version: 1)
Sicherheitsupdate für Windows XP (KB2570222) (Version: 1)
Sicherheitsupdate für Windows XP (KB2570947) (Version: 1)
Sicherheitsupdate für Windows XP (KB2584146) (Version: 1)
Sicherheitsupdate für Windows XP (KB2585542) (Version: 1)
Sicherheitsupdate für Windows XP (KB2592799) (Version: 1)
Sicherheitsupdate für Windows XP (KB2598479) (Version: 1)
Sicherheitsupdate für Windows XP (KB2603381) (Version: 1)
Sicherheitsupdate für Windows XP (KB2618451) (Version: 1)
Sicherheitsupdate für Windows XP (KB2619339) (Version: 1)
Sicherheitsupdate für Windows XP (KB2620712) (Version: 1)
Sicherheitsupdate für Windows XP (KB2621440) (Version: 1)
Sicherheitsupdate für Windows XP (KB2624667) (Version: 1)
Sicherheitsupdate für Windows XP (KB2631813) (Version: 1)
Sicherheitsupdate für Windows XP (KB2633171) (Version: 1)
Sicherheitsupdate für Windows XP (KB2639417) (Version: 1)
Sicherheitsupdate für Windows XP (KB2641653) (Version: 1)
Sicherheitsupdate für Windows XP (KB2646524) (Version: 1)
Sicherheitsupdate für Windows XP (KB2647518) (Version: 1)
Sicherheitsupdate für Windows XP (KB2653956) (Version: 1)
Sicherheitsupdate für Windows XP (KB2655992) (Version: 1)
Sicherheitsupdate für Windows XP (KB2659262) (Version: 1)
Sicherheitsupdate für Windows XP (KB2660465) (Version: 1)
Sicherheitsupdate für Windows XP (KB2661637) (Version: 1)
Sicherheitsupdate für Windows XP (KB2676562) (Version: 1)
Sicherheitsupdate für Windows XP (KB2685939) (Version: 1)
Sicherheitsupdate für Windows XP (KB2686509) (Version: 1)
Sicherheitsupdate für Windows XP (KB2691442) (Version: 1)
Sicherheitsupdate für Windows XP (KB2695962) (Version: 1)
Sicherheitsupdate für Windows XP (KB2698365) (Version: 1)
Sicherheitsupdate für Windows XP (KB2705219) (Version: 1)
Sicherheitsupdate für Windows XP (KB2707511) (Version: 1)
Sicherheitsupdate für Windows XP (KB2709162) (Version: 1)
Sicherheitsupdate für Windows XP (KB2712808) (Version: 1)
Sicherheitsupdate für Windows XP (KB2718523) (Version: 1)
Sicherheitsupdate für Windows XP (KB2719985) (Version: 1)
Sicherheitsupdate für Windows XP (KB2723135) (Version: 1)
Sicherheitsupdate für Windows XP (KB2724197) (Version: 1)
Sicherheitsupdate für Windows XP (KB2727528) (Version: 1)
Sicherheitsupdate für Windows XP (KB2731847) (Version: 1)
Sicherheitsupdate für Windows XP (KB2753842) (Version: 1)
Sicherheitsupdate für Windows XP (KB2753842-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2757638) (Version: 1)
Sicherheitsupdate für Windows XP (KB2758857) (Version: 1)
Sicherheitsupdate für Windows XP (KB2761226) (Version: 1)
Sicherheitsupdate für Windows XP (KB2770660) (Version: 1)
Sicherheitsupdate für Windows XP (KB2778344) (Version: 1)
Sicherheitsupdate für Windows XP (KB2779030) (Version: 1)
Sicherheitsupdate für Windows XP (KB2780091) (Version: 1)
Sicherheitsupdate für Windows XP (KB2799494) (Version: 1)
Sicherheitsupdate für Windows XP (KB2802968) (Version: 1)
Sicherheitsupdate für Windows XP (KB2807986) (Version: 1)
Sicherheitsupdate für Windows XP (KB2813170) (Version: 1)
Sicherheitsupdate für Windows XP (KB2813345) (Version: 1)
Sicherheitsupdate für Windows XP (KB2820197) (Version: 1)
Sicherheitsupdate für Windows XP (KB2820917) (Version: 1)
Sicherheitsupdate für Windows XP (KB2829361) (Version: 1)
Sicherheitsupdate für Windows XP (KB2834886) (Version: 1)
Sicherheitsupdate für Windows XP (KB2839229) (Version: 1)
Sicherheitsupdate für Windows XP (KB2845187) (Version: 1)
Sicherheitsupdate für Windows XP (KB2850851) (Version: 1)
Sicherheitsupdate für Windows XP (KB923561) (Version: 1)
Sicherheitsupdate für Windows XP (KB923789)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB946648) (Version: 1)
Sicherheitsupdate für Windows XP (KB950760) (Version: 1)
Sicherheitsupdate für Windows XP (KB950762) (Version: 1)
Sicherheitsupdate für Windows XP (KB950974) (Version: 1)
Sicherheitsupdate für Windows XP (KB951066) (Version: 1)
Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB951748) (Version: 1)
Sicherheitsupdate für Windows XP (KB952004) (Version: 1)
Sicherheitsupdate für Windows XP (KB952954) (Version: 1)
Sicherheitsupdate für Windows XP (KB955069) (Version: 1)
Sicherheitsupdate für Windows XP (KB956572) (Version: 1)
Sicherheitsupdate für Windows XP (KB956744) (Version: 1)
Sicherheitsupdate für Windows XP (KB956802) (Version: 1)
Sicherheitsupdate für Windows XP (KB956803) (Version: 1)
Sicherheitsupdate für Windows XP (KB956844) (Version: 1)
Sicherheitsupdate für Windows XP (KB958644) (Version: 1)
Sicherheitsupdate für Windows XP (KB958869) (Version: 1)
Sicherheitsupdate für Windows XP (KB959426) (Version: 1)
Sicherheitsupdate für Windows XP (KB960225) (Version: 1)
Sicherheitsupdate für Windows XP (KB960803) (Version: 1)
Sicherheitsupdate für Windows XP (KB960859) (Version: 1)
Sicherheitsupdate für Windows XP (KB961501) (Version: 1)
Sicherheitsupdate für Windows XP (KB969059) (Version: 1)
Sicherheitsupdate für Windows XP (KB969947) (Version: 1)
Sicherheitsupdate für Windows XP (KB970238) (Version: 1)
Sicherheitsupdate für Windows XP (KB970430) (Version: 1)
Sicherheitsupdate für Windows XP (KB971468) (Version: 1)
Sicherheitsupdate für Windows XP (KB971657) (Version: 1)
Sicherheitsupdate für Windows XP (KB972270) (Version: 1)
Sicherheitsupdate für Windows XP (KB973354) (Version: 1)
Sicherheitsupdate für Windows XP (KB973507) (Version: 1)
Sicherheitsupdate für Windows XP (KB973869) (Version: 1)
Sicherheitsupdate für Windows XP (KB973904) (Version: 1)
Sicherheitsupdate für Windows XP (KB974112) (Version: 1)
Sicherheitsupdate für Windows XP (KB974318) (Version: 1)
Sicherheitsupdate für Windows XP (KB974392) (Version: 1)
Sicherheitsupdate für Windows XP (KB974571) (Version: 1)
Sicherheitsupdate für Windows XP (KB975025) (Version: 1)
Sicherheitsupdate für Windows XP (KB975467) (Version: 1)
Sicherheitsupdate für Windows XP (KB975560) (Version: 1)
Sicherheitsupdate für Windows XP (KB975561) (Version: 1)
Sicherheitsupdate für Windows XP (KB975562) (Version: 1)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1)
Sicherheitsupdate für Windows XP (KB977816) (Version: 1)
Sicherheitsupdate für Windows XP (KB977914) (Version: 1)
Sicherheitsupdate für Windows XP (KB978037) (Version: 1)
Sicherheitsupdate für Windows XP (KB978262) (Version: 1)
Sicherheitsupdate für Windows XP (KB978338) (Version: 1)
Sicherheitsupdate für Windows XP (KB978542) (Version: 1)
Sicherheitsupdate für Windows XP (KB978601) (Version: 1)
Sicherheitsupdate für Windows XP (KB978706) (Version: 1)
Sicherheitsupdate für Windows XP (KB979309) (Version: 1)
Sicherheitsupdate für Windows XP (KB979482) (Version: 1)
Sicherheitsupdate für Windows XP (KB979559) (Version: 1)
Sicherheitsupdate für Windows XP (KB979683) (Version: 1)
Sicherheitsupdate für Windows XP (KB979687) (Version: 1)
Sicherheitsupdate für Windows XP (KB980195) (Version: 1)
Sicherheitsupdate für Windows XP (KB980218) (Version: 1)
Sicherheitsupdate für Windows XP (KB980232) (Version: 1)
Sicherheitsupdate für Windows XP (KB980436) (Version: 1)
Sicherheitsupdate für Windows XP (KB981322) (Version: 1)
Sicherheitsupdate für Windows XP (KB981852) (Version: 1)
Sicherheitsupdate für Windows XP (KB981957) (Version: 1)
Sicherheitsupdate für Windows XP (KB981997) (Version: 1)
Sicherheitsupdate für Windows XP (KB982132) (Version: 1)
Sicherheitsupdate für Windows XP (KB982214) (Version: 1)
Sicherheitsupdate für Windows XP (KB982665) (Version: 1)
Sicherheitsupdate für Windows XP (KB982802) (Version: 1)
SuperLyrics
Turbo Lister 2 (Version: 2.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Zip Opener
Update für Microsoft Windows (KB971513)
Update für Windows Internet Explorer 8 (KB976662) (Version: 1)
Update für Windows Internet Explorer 8 (KB980182) (Version: 1)
Update für Windows Internet Explorer 8 (KB980302) (Version: 1)
Update für Windows XP (KB2141007) (Version: 1)
Update für Windows XP (KB2345886) (Version: 1)
Update für Windows XP (KB2467659) (Version: 1)
Update für Windows XP (KB2541763) (Version: 1)
Update für Windows XP (KB2607712) (Version: 1)
Update für Windows XP (KB2616676-v2) (Version: 2)
Update für Windows XP (KB2641690) (Version: 1)
Update für Windows XP (KB2661254-v2) (Version: 2)
Update für Windows XP (KB2718704) (Version: 1)
Update für Windows XP (KB2736233) (Version: 1)
Update für Windows XP (KB2749655) (Version: 1)
Update für Windows XP (KB951978) (Version: 1)
Update für Windows XP (KB955759) (Version: 1)
Update für Windows XP (KB967715) (Version: 1)
Update für Windows XP (KB968389) (Version: 1)
Update für Windows XP (KB971029) (Version: 1)
Update für Windows XP (KB971737) (Version: 1)
Update für Windows XP (KB973687) (Version: 1)
Update für Windows XP (KB973815) (Version: 1)
Update für Windows XP (KB980182) (Version: 1)
VC 9.0 Runtime (Version: 1.0.0)
VMware View Client (Version: 3.1.1.1212)
Wajam (Version: 1.80)
WebFldrs XP (Version: 9.50.7523)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows PowerShell(TM) 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031514)
WISO Steuer-Sparbuch 2011 (Version: 18.00.6928)
WISO Steuer-Sparbuch 2012 (Version: 19.00.7303)
Zip Opener Packages
ZoneAlarm Firewall (Version: 10.2.078.000)
ZoneAlarm Free Firewall (Version: 10.2.074.000)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 10.2.078.000)
 

==================== Restore Points  =========================

15-12-2012 00:10:17 Systemprüfpunkt
15-12-2012 00:17:28 Software Distribution Service 3.0
15-12-2012 12:33:57 Software Distribution Service 3.0
15-12-2012 22:31:20 Software Distribution Service 3.0
16-12-2012 00:11:28 Software Distribution Service 3.0
16-12-2012 23:15:32 Software Distribution Service 3.0
17-12-2012 23:22:03 Systemprüfpunkt
17-12-2012 23:31:31 Software Distribution Service 3.0
19-12-2012 23:39:08 Software Distribution Service 3.0
21-12-2012 07:24:38 Systemprüfpunkt
23-12-2012 22:22:27 Software Distribution Service 3.0
23-12-2012 23:14:40 Software Distribution Service 3.0
27-12-2012 22:44:13 Software Distribution Service 3.0
28-12-2012 23:11:17 Software Distribution Service 3.0
29-12-2012 23:14:07 Software Distribution Service 3.0
31-12-2012 07:36:28 Software Distribution Service 3.0
03-01-2013 21:53:05 Software Distribution Service 3.0
03-01-2013 23:28:09 Software Distribution Service 3.0
06-01-2013 23:54:25 Software Distribution Service 3.0
09-01-2013 08:04:56 Systemprüfpunkt
10-01-2013 00:21:10 Software Distribution Service 3.0
13-01-2013 22:33:54 Software Distribution Service 3.0
15-01-2013 18:43:07 Systemprüfpunkt
15-01-2013 21:13:40 Software Distribution Service 3.0
27-01-2013 22:38:58 Software Distribution Service 3.0
31-01-2013 21:50:59 Software Distribution Service 3.0
05-02-2013 22:37:10 Software Distribution Service 3.0
11-02-2013 19:08:36 Software Distribution Service 3.0
15-02-2013 16:41:16 Software Distribution Service 3.0
20-02-2013 21:50:09 Software Distribution Service 3.0
21-02-2013 20:33:29 Software Distribution Service 3.0
26-02-2013 22:01:17 Software Distribution Service 3.0
28-02-2013 21:29:21 Software Distribution Service 3.0
02-03-2013 20:45:02 Software Distribution Service 3.0
04-03-2013 21:50:31 Software Distribution Service 3.0
06-03-2013 21:38:56 Software Distribution Service 3.0
10-03-2013 20:36:01 Software Distribution Service 3.0
13-03-2013 22:41:26 Software Distribution Service 3.0
18-03-2013 21:08:23 Software Distribution Service 3.0
20-03-2013 13:17:26 Software Distribution Service 3.0
31-12-2005 23:20:12 Systemprüfpunkt
01-01-2006 02:00:41 Software Distribution Service 3.0
02-01-2006 02:53:56 Software Distribution Service 3.0
21-03-2013 20:33:42 Software Distribution Service 3.0
31-12-2005 23:18:26 Systemprüfpunkt
01-01-2006 02:00:27 Software Distribution Service 3.0
31-12-2005 23:12:42 Software Distribution Service 3.0
24-05-2013 07:35:20 Software Distribution Service 3.0
30-05-2013 20:38:20 Software Distribution Service 3.0
09-06-2013 20:50:28 Software Distribution Service 3.0
10-06-2013 05:28:31 Software Distribution Service 3.0
18-06-2013 20:43:38 Software Distribution Service 3.0
20-06-2013 19:50:32 Software Distribution Service 3.0
24-06-2013 20:54:17 Software Distribution Service 3.0
26-06-2013 19:17:57 Software Distribution Service 3.0
04-07-2013 21:37:05 Software Distribution Service 3.0
06-07-2013 21:54:01 Software Distribution Service 3.0
10-07-2013 20:56:38 Software Distribution Service 3.0
10-07-2013 22:27:56 Software Distribution Service 3.0
10-07-2013 22:56:41 Software Distribution Service 3.0
11-07-2013 22:12:53 Software Distribution Service 3.0
12-07-2013 20:07:43 Software Distribution Service 3.0
12-07-2013 21:32:16 Software Distribution Service 3.0
14-07-2013 21:01:52 Systemprüfpunkt
15-07-2013 20:37:39 Software Distribution Service 3.0
15-07-2013 23:03:09 Software Distribution Service 3.0
21-07-2013 21:28:26 Software Distribution Service 3.0

==================== Hosts content: ==========================

2007-10-29 14:00 - 2007-10-29 14:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Final Media Player Update Checker.job => C:\Programme\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: C:\WINDOWS\Tasks\Plus-HD-2.3-codedownloader.job => C:\Programme\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe
Task: C:\WINDOWS\Tasks\Plus-HD-2.3-firefoxinstaller.job => C:\Programme\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe
Task: C:\WINDOWS\Tasks\SuperLyrics Update.job => C:\Programme\SuperLyrics\SuperLyricsUpdater.exe

==================== Faulty Device Manager Devices =============

Name: 1394-Netzwerkadapter
Description: 1394-Netzwerkadapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2013 11:52:57 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb2840629, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:51:29 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2804577, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:49:19 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb2736416, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:47:15 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2833940, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:37:35 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2844285, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:34:53 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2832411, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:33:26 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2729450, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:30:00 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2789643, P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.

Error: (07/21/2013 11:26:43 PM) (Source: crypt32) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.

Error: (07/21/2013 11:26:42 PM) (Source: crypt32) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.


System errors:
=============
Error: (07/21/2013 11:53:44 PM) (Source: Windows Update Agent) (User: )
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070641 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2007 suites (KB2687499)

Error: (07/21/2013 11:53:39 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{000C101C-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/21/2013 11:53:06 PM) (Source: Windows Update Agent) (User: )
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 SP1 unter Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2840629)

Error: (07/21/2013 11:52:55 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{000C101C-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/21/2013 11:51:37 PM) (Source: Windows Update Agent) (User: )
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 2.0 SP2 unter Windows Server 2003 und Windows XP x86 (KB2804577)

Error: (07/21/2013 11:51:26 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{000C101C-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/21/2013 11:50:11 PM) (Source: Windows Update Agent) (User: )
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070641 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2007 suites (KB2687311)

Error: (07/21/2013 11:50:06 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{000C101C-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/21/2013 11:49:32 PM) (Source: Windows Update Agent) (User: )
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 SP1 unter Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2736416)

Error: (07/21/2013 11:48:57 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{000C101C-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Microsoft Office Sessions:
=========================
Error: (12/06/2012 07:49:35 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1269 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (12/02/2012 02:00:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3438 seconds with 1320 seconds of active time.  This session ended with a crash.

Error: (09/22/2012 11:35:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2144 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (09/02/2012 01:27:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/24/2012 11:52:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14341 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (08/17/2012 07:48:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13715 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (11/24/2011 10:19:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 656 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (09/28/2010 08:23:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14400 seconds with 1320 seconds of active time.  This session ended with a crash.

Error: (09/28/2010 00:30:56 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34092 seconds with 12180 seconds of active time.  This session ended with a crash.

Error: (09/10/2010 07:06:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9094 seconds with 2940 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 69%
Total physical RAM: 2047.48 MB
Available physical RAM: 625.15 MB
Total Pagefile: 3939.73 MB
Available Pagefile: 2068.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:84.26 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:127.99 GB) (Free:35.45 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 44CF44CE)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 149 GB) (Disk ID: C43C40C9)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 22.07.2013, 00:31

Rootkitscan mit GMER

Bitte lade dir

GMER herunter: (Dateiname zufällig)

Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Unbedingt auf "No" klicken.
Entferne rechts den Haken bei: IAT/EAT und Show All
Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
Starte den Scan mit "Scan".
Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Tauchen Probleme auf?

Probiere alternativ den abgesicherten Modus.
Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.

Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

rwsuchthilfe · 22.07.2013, 22:44

Hallo Cosinus, danke für die Antwort. Habe auf Deinen GMER-Link geklickt, leider lädt der wohl nicht das runter, was er soll.

Nachdem ich nach dem Download die Verbindung getrennt habe und das Programm vom Desktop starte, funktioniert es nicht. Bringt immer folgenden Hinweis: [0248] the connection failed. If you do not have Internet acces at this time, try to complete the installation later....

Da Du extra geschrieben hast, nach Download Internet trennen, bin ich mir jetzt unsicher und warte auf DEine Antwort, schönen Gruß + vielen Dnak rw

cosinus · 22.07.2013, 23:13

Downloade GMER mal von da => Gmer - Download - Filepony

rwsuchthilfe · 24.07.2013, 23:35

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.23.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: *** [administrator]

23.07.2013 23:42:52
mbar-log-2013-07-23 (23-42-52).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 265178
Time elapsed: 1 hour(s), 57 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
c:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\is357113909\plus-hd-2-3_DE.exe (Heuristics.Shuriken) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Hallo Cosinus, 1 Fund wurde gelöscht, im zweiten Anlauf hat mbar nichts mehr gefunden. Sicherlich ist es jetzt noch nicht beendet, oder? Warum habe ich eigentlich an den meisten Dateien diese Ausrufezeichen im roten Kreis und was hat das zu bedeuten? Schönen Gruß + Dank Roland

cosinus · 25.07.2013, 04:19

Das ist nur in TMP
Aber ich vermisse das Log von GMER

rwsuchthilfe · 25.07.2013, 20:50

Code:

ATTFilter

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-07-23 05:53:40
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 WDC_WD1600JB-00REA0 rev.20.00K20 149,05GB
Running: gmer_2.1.19163.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\ugdyqpoc.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwConnectPort [0xB48062F4]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwCreateFile [0xB48005CA]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwCreateKey [0xB481F7E6]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwCreatePort [0xB4806A80]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwCreateProcess [0xB481A0B4]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwCreateProcessEx [0xB481A4A2]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwCreateSection [0xB4823952]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwCreateWaitablePort [0xB4806BB6]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwDeleteFile [0xB48011E0]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwDeleteKey [0xB4821098]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwDeleteValueKey [0xB4820A0E]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwDuplicateObject [0xB4818FF0]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwLoadDriver [0xB47FBE88]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwLoadKey [0xB48219F0]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwLoadKey2 [0xB4821BF8]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwMapViewOfSection [0xB4823CBA]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwOpenFile [0xB4800DF2]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwOpenProcess [0xB481C3BC]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwOpenThread [0xB481BFE6]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwProtectVirtualMemory [0xB48302F6]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwRenameKey [0xB4822986]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwReplaceKey [0xB48222BC]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwRequestWaitReplyPort [0xB4805EC4]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwRestoreKey [0xB4823358]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwSecureConnectPort [0xB480659C]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwSetInformationFile [0xB48015A4]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwSetInformationObject [0xB48301E2]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwSetSecurityObject [0xB4822EC6]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwSetSystemInformation [0xB47FB648]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwSetValueKey [0xB48201CE]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwSystemDebugControl [0xB481B10A]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwTerminateProcess [0xB481AE86]
SSDT            \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                           ZwUnloadDriver [0xB47FC29C]

Code            mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                    ZwOpenProcess [0xB7E5AEF4]
Code            mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                    ZwOpenThread [0xB7E5AF08]
Code            mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                    NtOpenProcess
Code            mfehidk.sys (McAfee Link Driver/McAfee, Inc.)                                                                                    NtOpenThread

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwCallbackReturn + 24DC                                                                                             80501D38 12 Bytes  [80, 6A, 80, B4, B4, A0, 81, ...]
.text           ntkrnlpa.exe!ZwCallbackReturn + 25A8                                                                                             80501E04 12 Bytes  [88, BE, 7F, B4, F0, 19, 82, ...]
PAGE            ntkrnlpa.exe!NtOpenProcess                                                                                                       805C1512 5 Bytes  JMP B7E5AEF8 mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
PAGE            ntkrnlpa.exe!NtOpenThread                                                                                                        805C179E 5 Bytes  JMP B7E5AF0C mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                                         section is writeable [0xB6D9D380, 0x566445, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] ntdll.dll!NtAccessCheckByType                                           7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] ntdll.dll!NtImpersonateClientOfPort                                     7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] ntdll.dll!NtSetInformationProcess                                       7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] kernel32.dll!OpenProcess                                                7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] kernel32.dll!SetUnhandledExceptionFilter                                7C8449CD 5 Bytes  JMP 209F37DD C:\Programme\CheckPoint\ZAForceField\Plugins\ISWDMP.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] ADVAPI32.dll!ImpersonateNamedPipeClient                                 77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] ADVAPI32.dll!SetThreadToken                                             77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\ForceField.exe[168] USER32.dll!DefDlgProcW + 56E                                            7E3742A8 5 Bytes  JMP 20CB9270 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] ntdll.dll!NtAccessCheckByType                                 7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] ntdll.dll!NtImpersonateClientOfPort                           7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] ntdll.dll!NtSetInformationProcess                             7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] kernel32.dll!LoadLibraryA                                     7C801D7B 5 Bytes  JMP 62418360 C:\Programme\Gemeinsame Dateien\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] kernel32.dll!LoadLibraryW                                     7C80AEEB 5 Bytes  JMP 62418460 C:\Programme\Gemeinsame Dateien\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] kernel32.dll!OpenProcess                                      7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] ADVAPI32.dll!ImpersonateNamedPipeClient                       77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] ADVAPI32.dll!SetThreadToken                                   77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] USER32.dll!FindWindowA                                        7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe[204] USER32.dll!FindWindowW                                        7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cidaemon.exe[320] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] ntdll.dll!NtAccessCheckByType                                           7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] ntdll.dll!NtImpersonateClientOfPort                                     7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] ntdll.dll!NtSetInformationProcess                                       7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] kernel32.dll!OpenProcess                                                7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] ADVAPI32.dll!ImpersonateNamedPipeClient                                 77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] ADVAPI32.dll!SetThreadToken                                             77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] USER32.dll!FindWindowA                                                  7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe[408] USER32.dll!FindWindowW                                                  7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] ntdll.dll!NtAccessCheckByType                                                                       7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] ntdll.dll!NtImpersonateClientOfPort                                                                 7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] ntdll.dll!NtSetInformationProcess                                                                   7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] kernel32.dll!OpenProcess                                                                            7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] ADVAPI32.dll!ImpersonateNamedPipeClient                                                             77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] ADVAPI32.dll!SetThreadToken                                                                         77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] USER32.dll!FindWindowA                                                                              7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Explorer.EXE[476] USER32.dll!FindWindowW                                                                              7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] ntdll.dll!NtAccessCheckByType                                                               7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] ntdll.dll!NtImpersonateClientOfPort                                                         7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] ntdll.dll!NtSetInformationProcess                                                           7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] kernel32.dll!OpenProcess                                                                    7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] ADVAPI32.dll!ImpersonateNamedPipeClient                                                     77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] ADVAPI32.dll!SetThreadToken                                                                 77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] USER32.dll!FindWindowA                                                                      7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\mfevtps.exe[700] USER32.dll!FindWindowW                                                                      7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] ntdll.dll!NtAccessCheckByType                                  7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] ntdll.dll!NtImpersonateClientOfPort                            7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] ntdll.dll!NtSetInformationProcess                              7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] kernel32.dll!OpenProcess                                       7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] ADVAPI32.dll!ImpersonateNamedPipeClient                        77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] ADVAPI32.dll!SetThreadToken                                    77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] USER32.dll!FindWindowA                                         7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe[704] USER32.dll!FindWindowW                                         7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\winlogon.exe[780] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\services.exe[824] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\lsass.exe[836] ntdll.dll!NtAccessCheckByType                                                                 7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\lsass.exe[836] ntdll.dll!NtImpersonateClientOfPort                                                           7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\lsass.exe[836] ntdll.dll!NtSetInformationProcess                                                             7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\lsass.exe[836] ADVAPI32.dll!ImpersonateNamedPipeClient                                                       77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\lsass.exe[836] ADVAPI32.dll!SetThreadToken                                                                   77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\lsass.exe[836] USER32.dll!FindWindowA                                                                        7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\lsass.exe[836] USER32.dll!FindWindowW                                                                        7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] ntdll.dll!NtAccessCheckByType                                                               7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] ntdll.dll!NtImpersonateClientOfPort                                                         7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] ntdll.dll!NtSetInformationProcess                                                           7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] kernel32.dll!OpenProcess                                                                    7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] ADVAPI32.dll!ImpersonateNamedPipeClient                                                     77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] ADVAPI32.dll!SetThreadToken                                                                 77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] USER32.dll!FindWindowA                                                                      7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\nvsvc32.exe[992] USER32.dll!FindWindowW                                                                      7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] ntdll.dll!NtAccessCheckByType                                             7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] ntdll.dll!NtImpersonateClientOfPort                                       7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] ntdll.dll!NtSetInformationProcess                                         7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] kernel32.dll!OpenProcess                                                  7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] ADVAPI32.dll!ImpersonateNamedPipeClient                                   77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] ADVAPI32.dll!SetThreadToken                                               77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] USER32.dll!FindWindowA                                                    7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Online Backup\MOBKbackup.exe[1076] USER32.dll!FindWindowW                                                    7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1092] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\svchost.exe[1188] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] ntdll.dll!NtAccessCheckByType                                                               7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] ntdll.dll!NtImpersonateClientOfPort                                                         7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] ntdll.dll!NtSetInformationProcess                                                           7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] kernel32.dll!OpenProcess                                                                    7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] ADVAPI32.dll!ImpersonateNamedPipeClient                                                     77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] ADVAPI32.dll!SetThreadToken                                                                 77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] USER32.dll!FindWindowA                                                                      7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\ctfmon.exe[1316] USER32.dll!FindWindowW                                                                      7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1352] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] ntdll.dll!NtAccessCheckByType                                                                      7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] ntdll.dll!NtImpersonateClientOfPort                                                                7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] ntdll.dll!NtSetInformationProcess                                                                  7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] kernel32.dll!OpenProcess                                                                           7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] USER32.dll!FindWindowA                                                                             7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] USER32.dll!FindWindowW                                                                             7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] ADVAPI32.dll!ImpersonateNamedPipeClient                                                            77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\SOUNDMAN.EXE[1360] ADVAPI32.dll!SetThreadToken                                                                        77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1468] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] ntdll.dll!NtAccessCheckByType                                                 7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] ntdll.dll!NtImpersonateClientOfPort                                           7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] ntdll.dll!NtSetInformationProcess                                             7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] kernel32.dll!OpenProcess                                                      7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] ADVAPI32.dll!ImpersonateNamedPipeClient                                       77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] ADVAPI32.dll!SetThreadToken                                                   77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] USER32.dll!FindWindowA                                                        7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\WlanNetService.exe[1596] USER32.dll!FindWindowW                                                        7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] ntdll.dll!NtAccessCheckByType                                                                7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] ntdll.dll!NtImpersonateClientOfPort                                                          7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] ntdll.dll!NtSetInformationProcess                                                            7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] kernel32.dll!OpenProcess                                                                     7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] USER32.dll!FindWindowA                                                                       7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] USER32.dll!FindWindowW                                                                       7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] ADVAPI32.dll!ImpersonateNamedPipeClient                                                      77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\cisvc.exe[1640] ADVAPI32.dll!SetThreadToken                                                                  77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\IswSvc.exe[1724] kernel32.dll!OpenProcess                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZAForceField\IswSvc.exe[1724] USER32.dll!DefDlgProcW + 56E                                               7E3742A8 5 Bytes  JMP 20CB9270 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\spoolsv.exe[1784] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\svchost.exe[1832] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] ntdll.dll!NtAccessCheckByType                                                           7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] ntdll.dll!NtImpersonateClientOfPort                                                     7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] ntdll.dll!NtSetInformationProcess                                                       7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] kernel32.dll!OpenProcess                                                                7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] ADVAPI32.dll!ImpersonateNamedPipeClient                                                 77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] ADVAPI32.dll!SetThreadToken                                                             77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] USER32.dll!FindWindowA                                                                  7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Java\jre6\bin\jqs.exe[1848] USER32.dll!FindWindowW                                                                  7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] ntdll.dll!NtAccessCheckByType                                    7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] ntdll.dll!NtImpersonateClientOfPort                              7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] ntdll.dll!NtSetInformationProcess                                7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] kernel32.dll!OpenProcess                                         7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] ADVAPI32.dll!ImpersonateNamedPipeClient                          77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] ADVAPI32.dll!SetThreadToken                                      77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] USER32.dll!FindWindowA                                           7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe[1920] USER32.dll!FindWindowW                                           7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] ntdll.dll!NtAccessCheckByType                                      7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] ntdll.dll!NtImpersonateClientOfPort                                7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] ntdll.dll!NtSetInformationProcess                                  7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] kernel32.dll!OpenProcess                                           7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] ADVAPI32.dll!ImpersonateNamedPipeClient                            77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] ADVAPI32.dll!SetThreadToken                                        77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] USER32.dll!FindWindowA                                             7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe[1992] USER32.dll!FindWindowW                                             7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] ntdll.dll!NtAccessCheckByType                                       7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] ntdll.dll!NtImpersonateClientOfPort                                 7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] ntdll.dll!NtSetInformationProcess                                   7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] kernel32.dll!OpenProcess                                            7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] ADVAPI32.dll!ImpersonateNamedPipeClient                             77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] ADVAPI32.dll!SetThreadToken                                         77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] USER32.dll!FindWindowA                                              7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2016] USER32.dll!FindWindowW                                              7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] ntdll.dll!NtAccessCheckByType                                                  7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] ntdll.dll!NtImpersonateClientOfPort                                            7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] ntdll.dll!NtSetInformationProcess                                              7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] kernel32.dll!OpenProcess                                                       7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] USER32.dll!FindWindowA                                                         7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] USER32.dll!FindWindowW                                                         7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] ADVAPI32.dll!ImpersonateNamedPipeClient                                        77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Wajam\Updater\WajamUpdater.exe[2192] ADVAPI32.dll!SetThreadToken                                                    77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\taskmgr.exe[2220] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] ntdll.dll!NtAccessCheckByType                                          7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] ntdll.dll!NtImpersonateClientOfPort                                    7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] ntdll.dll!NtSetInformationProcess                                      7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] kernel32.dll!OpenProcess                                               7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] USER32.dll!FindWindowA                                                 7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] USER32.dll!FindWindowW                                                 7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] ADVAPI32.dll!ImpersonateNamedPipeClient                                77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\VMware\VMware View\Client\bin\wsnm.exe[2240] ADVAPI32.dll!SetThreadToken                                            77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] ntdll.dll!NtAccessCheckByType                               7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] ntdll.dll!NtImpersonateClientOfPort                         7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] ntdll.dll!NtSetInformationProcess                           7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] kernel32.dll!OpenProcess                                    7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] ADVAPI32.dll!ImpersonateNamedPipeClient                     77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] ADVAPI32.dll!SetThreadToken                                 77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] USER32.dll!FindWindowA                                      7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mcshield.exe[2308] USER32.dll!FindWindowW                                      7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] ntdll.dll!NtAccessCheckByType                                7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] ntdll.dll!NtImpersonateClientOfPort                          7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] ntdll.dll!NtSetInformationProcess                            7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] kernel32.dll!OpenProcess                                     7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] ADVAPI32.dll!ImpersonateNamedPipeClient                      77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] ADVAPI32.dll!SetThreadToken                                  77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] USER32.dll!FindWindowA                                       7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\mfefire.exe[2372] USER32.dll!FindWindowW                                       7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] ntdll.dll!NtAccessCheckByType                                                  7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] ntdll.dll!NtImpersonateClientOfPort                                            7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] ntdll.dll!NtSetInformationProcess                                              7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] kernel32.dll!OpenProcess                                                       7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] USER32.dll!FindWindowA                                                         7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] USER32.dll!FindWindowW                                                         7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] ADVAPI32.dll!ImpersonateNamedPipeClient                                        77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\wfcrun32.exe[2652] ADVAPI32.dll!SetThreadToken                                                    77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] ntdll.dll!NtAccessCheckByType                                                     7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] ntdll.dll!NtImpersonateClientOfPort                                               7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] ntdll.dll!NtSetInformationProcess                                                 7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] kernel32.dll!OpenProcess                                                          7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] USER32.dll!FindWindowA                                                            7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] USER32.dll!FindWindowW                                                            7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] ADVAPI32.dll!ImpersonateNamedPipeClient                                           77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\MyPrinter\BJMyPrt.exe[2892] ADVAPI32.dll!SetThreadToken                                                       77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] ntdll.dll!NtAccessCheckByType                                                 7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] ntdll.dll!NtImpersonateClientOfPort                                           7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] ntdll.dll!NtSetInformationProcess                                             7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] kernel32.dll!OpenProcess                                                      7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] ADVAPI32.dll!ImpersonateNamedPipeClient                                       77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] ADVAPI32.dll!SetThreadToken                                                   77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] USER32.dll!FindWindowA                                                        7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\CheckPoint\ZoneAlarm\zatray.exe[2992] USER32.dll!FindWindowW                                                        7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] ntdll.dll!NtAccessCheckByType                                                                      7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] ntdll.dll!NtImpersonateClientOfPort                                                                7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] ntdll.dll!NtSetInformationProcess                                                                  7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] kernel32.dll!OpenProcess                                                                           7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] USER32.dll!FindWindowA                                                                             7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] USER32.dll!FindWindowW                                                                             7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] ADVAPI32.dll!ImpersonateNamedPipeClient                                                            77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\Logi_MwX.Exe[3084] ADVAPI32.dll!SetThreadToken                                                                        77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] ntdll.dll!NtAccessCheckByType                                  7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] ntdll.dll!NtImpersonateClientOfPort                            7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] ntdll.dll!NtSetInformationProcess                              7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] kernel32.dll!OpenProcess                                       7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] USER32.dll!FindWindowA                                         7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] USER32.dll!FindWindowW                                         7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] ADVAPI32.dll!ImpersonateNamedPipeClient                        77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\Drive Manager.exe[3112] ADVAPI32.dll!SetThreadToken                                    77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] ntdll.dll!NtAccessCheckByType                                                  7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] ntdll.dll!NtImpersonateClientOfPort                                            7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] ntdll.dll!NtSetInformationProcess                                              7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] kernel32.dll!OpenProcess                                                       7C813499 5 Bytes  JMP 20CB846C
Rest in Teil 2 wg. Größe

rwsuchthilfe · 25.07.2013, 20:52

Code:

ATTFilter

Teil 2:
C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] ADVAPI32.dll!ImpersonateNamedPipeClient                                        77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] ADVAPI32.dll!SetThreadToken                                                    77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] USER32.dll!FindWindowA                                                         7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\avmwlanstick\FRITZWLANMini.exe[3220] USER32.dll!FindWindowW                                                         7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] ntdll.dll!NtAccessCheckByType            7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] ntdll.dll!NtImpersonateClientOfPort      7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] ntdll.dll!NtSetInformationProcess        7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] kernel32.dll!OpenProcess                 7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] USER32.dll!FindWindowA                   7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] USER32.dll!FindWindowW                   7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] ADVAPI32.dll!ImpersonateNamedPipeClient  77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           D:\Dokumente und Einstellungen\Roland\Eigene Dateien\Sparbuch\2012\mshaktuell.exe[3248] ADVAPI32.dll!SetThreadToken              77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] ntdll.dll!NtAccessCheckByType                                        7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] ntdll.dll!NtImpersonateClientOfPort                                  7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] ntdll.dll!NtSetInformationProcess                                    7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] kernel32.dll!OpenProcess                                             7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] ADVAPI32.dll!ImpersonateNamedPipeClient                              77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] ADVAPI32.dll!SetThreadToken                                          77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] USER32.dll!FindWindowA                                               7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\ABRTMon.exe[3356] USER32.dll!FindWindowW                                               7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] ntdll.dll!NtAccessCheckByType                                                            7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] ntdll.dll!NtImpersonateClientOfPort                                                      7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] ntdll.dll!NtSetInformationProcess                                                        7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] kernel32.dll!OpenProcess                                                                 7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] ADVAPI32.dll!ImpersonateNamedPipeClient                                                  77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] ADVAPI32.dll!SetThreadToken                                                              77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] USER32.dll!FindWindowA                                                                   7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Messenger\msmsgs.exe[3392] USER32.dll!FindWindowW                                                                   7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] ntdll.dll!NtAccessCheckByType                                                  7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] ntdll.dll!NtImpersonateClientOfPort                                            7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] ntdll.dll!NtSetInformationProcess                                              7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] kernel32.dll!OpenProcess                                                       7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] USER32.dll!FindWindowA                                                         7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] USER32.dll!FindWindowW                                                         7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] ADVAPI32.dll!ImpersonateNamedPipeClient                                        77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Citrix\ICA Client\concentr.exe[3468] ADVAPI32.dll!SetThreadToken                                                    77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] ntdll.dll!NtAccessCheckByType                                                                  7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] ntdll.dll!NtImpersonateClientOfPort                                                            7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] ntdll.dll!NtSetInformationProcess                                                              7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] kernel32.dll!OpenProcess                                                                       7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] USER32.dll!FindWindowA                                                                         7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] USER32.dll!FindWindowW                                                                         7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] ADVAPI32.dll!ImpersonateNamedPipeClient                                                        77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\System32\alg.exe[3508] ADVAPI32.dll!SetThreadToken                                                                    77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] ntdll.dll!NtAccessCheckByType                                                           7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] ntdll.dll!NtImpersonateClientOfPort                                                     7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] ntdll.dll!NtSetInformationProcess                                                       7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] kernel32.dll!OpenProcess                                                                7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] ADVAPI32.dll!ImpersonateNamedPipeClient                                                 77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] ADVAPI32.dll!SetThreadToken                                                             77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] USER32.dll!FindWindowA                                                                  7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Canon\CAL\CALMAIN.exe[3568] USER32.dll!FindWindowW                                                                  7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] ntdll.dll!NtAccessCheckByType                                                             7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] ntdll.dll!NtImpersonateClientOfPort                                                       7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] ntdll.dll!NtSetInformationProcess                                                         7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] kernel32.dll!OpenProcess                                                                  7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] USER32.dll!FindWindowA                                                                    7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] USER32.dll!FindWindowW                                                                    7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] ADVAPI32.dll!ImpersonateNamedPipeClient                                                   77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\rundll32.exe[3668] ADVAPI32.dll!SetThreadToken                                                               77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] ntdll.dll!NtAccessCheckByType                                    7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] ntdll.dll!NtImpersonateClientOfPort                              7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] ntdll.dll!NtSetInformationProcess                                7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] kernel32.dll!OpenProcess                                         7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] USER32.dll!FindWindowA                                           7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] USER32.dll!FindWindowW                                           7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] ADVAPI32.dll!ImpersonateNamedPipeClient                          77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe[3676] ADVAPI32.dll!SetThreadToken                                      77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] ntdll.dll!NtAccessCheckByType                                          7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] ntdll.dll!NtImpersonateClientOfPort                                    7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] ntdll.dll!NtSetInformationProcess                                      7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] kernel32.dll!OpenProcess                                               7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] USER32.dll!FindWindowA                                                 7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] USER32.dll!FindWindowW                                                 7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] ADVAPI32.dll!ImpersonateNamedPipeClient                                77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE[3712] ADVAPI32.dll!SetThreadToken                                            77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] ntdll.dll!NtAccessCheckByType                        7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] ntdll.dll!NtImpersonateClientOfPort                  7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] ntdll.dll!NtSetInformationProcess                    7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] kernel32.dll!OpenProcess                             7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] USER32.dll!FindWindowA                               7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] USER32.dll!FindWindowW                               7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] ADVAPI32.dll!ImpersonateNamedPipeClient              77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\Kies\KiesTrayAgent.exe[3720] ADVAPI32.dll!SetThreadToken                          77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] ntdll.dll!NtAccessCheckByType                                 7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] ntdll.dll!NtImpersonateClientOfPort                           7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] ntdll.dll!NtSetInformationProcess                             7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] kernel32.dll!OpenProcess                                      7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] ADVAPI32.dll!ImpersonateNamedPipeClient                       77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] ADVAPI32.dll!SetThreadToken                                   77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] USER32.dll!FindWindowA                                        7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[3836] USER32.dll!FindWindowW                                        7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] ntdll.dll!NtAccessCheckByType                                                             7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] ntdll.dll!NtImpersonateClientOfPort                                                       7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] ntdll.dll!NtSetInformationProcess                                                         7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] kernel32.dll!OpenProcess                                                                  7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] USER32.dll!FindWindowA                                                                    7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] USER32.dll!FindWindowW                                                                    7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!ImpersonateNamedPipeClient                                                   77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\RUNDLL32.EXE[3844] ADVAPI32.dll!SetThreadToken                                                               77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] ntdll.dll!NtAccessCheckByType                                       7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] ntdll.dll!NtImpersonateClientOfPort                                 7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] ntdll.dll!NtSetInformationProcess                                   7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] kernel32.dll!OpenProcess                                            7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] USER32.dll!FindWindowA                                              7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] USER32.dll!FindWindowW                                              7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] ADVAPI32.dll!ImpersonateNamedPipeClient                             77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\Clarus\Samsung Drive Manager\SZDrvMon.exe[3968] ADVAPI32.dll!SetThreadToken                                         77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wscntfy.exe[4116] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] ntdll.dll!NtAccessCheckByType                                                              7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] ntdll.dll!NtImpersonateClientOfPort                                                        7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] ntdll.dll!NtSetInformationProcess                                                          7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] kernel32.dll!OpenProcess                                                                   7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] ADVAPI32.dll!ImpersonateNamedPipeClient                                                    77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] ADVAPI32.dll!SetThreadToken                                                                77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] USER32.dll!FindWindowA                                                                     7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\WINDOWS\system32\wuauclt.exe[4204] USER32.dll!FindWindowW                                                                     7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] ntdll.dll!NtAccessCheckByType                            7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] ntdll.dll!NtImpersonateClientOfPort                      7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] ntdll.dll!NtSetInformationProcess                        7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] kernel32.dll!OpenProcess                                 7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] USER32.dll!FindWindowA                                   7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] USER32.dll!FindWindowW                                   7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] ADVAPI32.dll!ImpersonateNamedPipeClient                  77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Dokumente und Einstellungen\***\Desktop\gmer_2.1.19163.exe[4396] ADVAPI32.dll!SetThreadToken                              77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] ntdll.dll!NtAccessCheckByType                                                    7C91CE8E 5 Bytes  JMP 20CB8791 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] ntdll.dll!NtImpersonateClientOfPort                                              7C91D3FE 5 Bytes  JMP 20CB8D58 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] ntdll.dll!NtSetInformationProcess                                                7C91DC9E 5 Bytes  JMP 20CB89AB C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] kernel32.dll!OpenProcess                                                         7C813499 5 Bytes  JMP 20CB846C C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] ADVAPI32.dll!ImpersonateNamedPipeClient                                          77DA7426 5 Bytes  JMP 20CB8E5D C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] ADVAPI32.dll!SetThreadToken                                                      77DAF193 5 Bytes  JMP 20CB9036 C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] USER32.dll!FindWindowA                                                           7E3782E1 5 Bytes  JMP 20CB828F C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text           C:\Programme\McAfee.com\Agent\mcagent.exe[4940] USER32.dll!FindWindowW                                                           7E37C9C3 5 Bytes  JMP 20CB825A C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                           mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                           MOBK.sys (Mozy Change Monitor Filter Driver/Mozy, Inc.)

Device          \Driver\Tcpip \Device\Ip                                                                                                         vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                         mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

Device          \Driver\Tcpip \Device\Tcp                                                                                                        vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                        mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

Device          \Driver\Tcpip \Device\Udp                                                                                                        vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                        mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

Device          \Driver\Tcpip \Device\RawIp                                                                                                      vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                                      mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

Device          \Driver\Tcpip \Device\IPMULTICAST                                                                                                vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

---- EOF - GMER 2.1 ----

cosinus · 25.07.2013, 21:08

JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

rwsuchthilfe · 25.07.2013, 22:45

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Microsoft Windows XP x86
Ran by *** on 25.07.2013 at 23:09:09,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] wajamupdater 
Successfully deleted: [Service] wajamupdater 
Successfully stopped: [Service] webcake desktop updater 
Successfully deleted: [Service] webcake desktop updater 



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{35c1605e-438b-4d64-aab1-8885f097a9b1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{39cb8175-e224-4446-8746-00566302df8d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4d076ab4-7562-427a-b5d2-bd96e19dee56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bdb69379-802f-4eaf-b541-f8de92dd98db}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{261dd098-8a3e-43d4-87aa-63324fa897d8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{291bccc1-6890-484a-89d3-318c928dac1b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{4fcb4630-2a1c-4aa1-b422-345e8dc8a6de}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{826d7151-8d99-434b-8540-082b8c2ae556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{86838207-681d-469d-9511-d0dcc6f19f9b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{98889811-442d-49dd-99d7-dc866be87dbc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{b8276a94-891d-453c-9ff3-715c042a2575}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{c1af5fa5-852c-4c90-812e-a7f75e011d87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{df84e609-c3a4-49cb-a160-61767daf8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e46c8196-b634-44a1-af6e-957c64278ab1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e97a663b-81a6-49c5-a6d3-bcb05ba1de26}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{ffb9adcb-8c79-4c29-81d3-74d46a93d370}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{44c3c1db-2127-433c-98ec-4c9412b5fc3a}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{4d5132dd-bb2b-4249-b5e0-d145a8c982e1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{706d4a4b-184a-4434-b331-296b07493d2d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{8be10f21-185f-4ca0-b789-9921674c3993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{94c0b25d-3359-4b10-b227-f96a77db773f}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{b0b75fba-7288-4fd3-a9eb-7ee27fa65599}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{b173667f-8395-4317-8dd6-45ad1fe00047}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{b32672b3-f656-46e0-b584-fe61c0bb6037}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{bfe569f7-646c-4512-969b-9be3e580d393}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c2434722-5c85-4ca0-ba69-1b67e7ab3d68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c2996524-2187-441f-a398-cd6cb6b3d020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{e047e227-5342-4d94-80f7-cfb154bf55bd}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{e3f79be9-24d4-4f4d-8c13-df2c9899f82e}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{e77eef95-3e83-4bb8-9c0d-4a5163774997}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{11549fe4-7c5a-4c17-9fc3-56fc5162a994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{39cb8175-e224-4446-8746-00566302df8d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{6e8bf012-2c85-4834-b10a-1b31af173d70}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\crossrider
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{98889811-442d-49dd-99d7-dc866be87dbc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{98889811-442d-49dd-99d7-dc866be87dbc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{c1af5fa5-852c-4c90-812e-a7f75e011d87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.escrtsrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.escrtsrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.xtrnl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.xtrnl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoodsapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoodsapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2611275
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F954646-744D-46D8-8E07-AEF2486FAB9F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}



~~~ Files

Successfully deleted: [File] C:\WINDOWS\tasks\SuperLyrics Update.job
Successfully deleted: [File] C:\WINDOWS\prefetch\SUPERLYRICSUPDATER.EXE-14CB5BE9.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\***\Anwendungsdaten\babylon"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\***\Anwendungsdaten\babylontoolbar"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\***\Anwendungsdaten\delta"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\***\Anwendungsdaten\dsite"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\***\Anwendungsdaten\facemoods.com"
Successfully deleted: [Folder] "C:\Programme\babylontoolbar"
Successfully deleted: [Folder] "C:\Programme\delta"
Successfully deleted: [Folder] "C:\Programme\facemoods.com"
Successfully deleted: [Folder] "C:\Programme\superlyrics"
Successfully deleted: [Folder] "C:\Programme\wajam"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.07.2013 at 23:18:12,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus · 25.07.2013, 22:50

Was ist mit den anderen Logs?

22.07.2013, 23:13	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	dealply.exe / Rechner langsam / Windows-Update funktioniert nicht Downloade GMER mal von da => Gmer - Download - Filepony __________________ Logfiles bitte immer in CODE-Tags posten

25.07.2013, 04:19	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	dealply.exe / Rechner langsam / Windows-Update funktioniert nicht Das ist nur in TMP Aber ich vermisse das Log von GMER __________________ Logfiles bitte immer in CODE-Tags posten

25.07.2013, 22:50	#15
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	dealply.exe / Rechner langsam / Windows-Update funktioniert nicht Was ist mit den anderen Logs? __________________ Logfiles bitte immer in CODE-Tags posten

dealply.exe / Rechner langsam / Windows-Update funktioniert nicht

Log-Analyse und Auswertung: dealply.exe / Rechner langsam / Windows-Update funktioniert nicht