Interpol-Trojaner (ukash) auf Windows XP-Rechner (32Bit)

Telepolis · 05.07.2014, 14:51

Code:

ATTFilter

ComboFix 14-07-03.01 - Administrator 05.07.2014  15:19:32.1.1 - x86
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system\WINSPOOL.DRV
.
c:\windows\system32\msgsvc.dll . . . ist infiziert!!
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-05 bis 2014-07-05  ))))))))))))))))))))))))))))))
.
.
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2002-12-31 110592]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
"WinampAgent"="c:\programme\Winamp\winampa.exe" [2007-10-10 36352]
"F-Secure Manager"="c:\programme\upc-cablecom security package\Common\FSM32.EXE" [2011-01-05 201384]
"F-Secure TNB"="c:\programme\upc-cablecom security package\FSGUI\TNBUtil.exe" [2011-01-05 1655464]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360]
.
c:\dokumente und einstellungen\Administrator\Startmenü\Programme\Autostart\
MyPC Backup.lnk - c:\_otl\MovedFiles\03102006_033854\C_Programme\MyPC Backup\MyPC Backup.exe [2013-9-20 1953320]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programme\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Programme\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [30.05.2007 04:40 44240]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [30.05.2007 04:40 82120]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\programme\upc-cablecom security package\HIPS\drivers\fshs.sys [30.05.2007 04:39 70184]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\programme\upc-cablecom security package\Anti-Virus\minifilter\fsgk.sys [30.05.2007 04:38 145856]
R3 FSORSPClient;F-Secure ORSP Client;c:\programme\upc-cablecom security package\ORSP Client\fsorsp.exe [30.05.2007 04:39 60352]
S2 BackupStack;Computer Backup (MyPC Backup);c:\programme\MyPC Backup\BackupStack.exe --> c:\programme\MyPC Backup\BackupStack.exe [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\programme\upc-cablecom security package\Anti-Virus\win2k\fsfilter.sys [30.05.2007 04:38 41896]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\programme\upc-cablecom security package\Anti-Virus\win2k\fsrec.sys [30.05.2007 04:38 27304]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2006-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-15 23:06]
.
2014-07-05 c:\windows\Tasks\User_Feed_Synchronization-{C2C6DB0C-E283-436B-94EE-42B51AF3DFB4}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
2013-08-03 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2013-03-09 21:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://www.google.ch/
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: c:\programme\upc-cablecom security package\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-07-05 15:31
Windows 5.1.2600 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1547161642-764733703-1343024091-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,0e,c9,e7,6d,a4,e4,4e,a8,b1,10,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,0e,c9,e7,6d,a4,e4,4e,a8,b1,10,\
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(904)
c:\programme\upc-cablecom security package\FSPS\program\FSLSP.DLL
.
- - - - - - - > 'explorer.exe'(352)
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\upc-cablecom security package\Anti-Virus\fsgk32st.exe
c:\programme\upc-cablecom security package\Common\FSMA32.EXE
c:\programme\upc-cablecom security package\Anti-Virus\FSGK32.EXE
c:\programme\upc-cablecom security package\Common\FSHDLL32.EXE
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\rundll32.exe
c:\programme\upc-cablecom security package\Anti-Virus\fssm32.exe
c:\programme\upc-cablecom security package\FWES\Program\fsdfwd.exe
c:\programme\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programme\upc-cablecom security package\Anti-Virus\fsav32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-05  15:37:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-05 13:37
.
Vor Suchlauf: 10 Verzeichnis(se), 48'667'291'648 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 48'693'858'304 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 9BD74C22EAC3D62045186B26BD4C7CB8
72B8CE41AF0DE751C946802B3ED844B4

Zitat:

Zitat von schrauber

Wundert dich noch irgendwas??

Warum ignorierst du seit 10 Jahren oder so WIndows Updates? Trittst du gerne als Malware Schleuder im Netz auf? Oder einfach nur Spass dran dein Geld online zu verschenken?

Wie eingangs bereits erwähnt, handelt es sich hierbei nicht um meinen Laptop. Es ist der meines Vaters, der ihn wohl 2x jährlich benutzt und in seinem fortgeschrittenen Alter leider mit Computer nicht wirklich zurechtkommt. Mich überraschen die mangelnden Updates nicht - Ich werde ihn explizit darauf aufmerksam machen und die Updates ggf. selbst durchführen.

schrauber · 06.07.2014, 11:01

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

S2 winmgmt; C:\DOKUME~1\ALLUSE~1\ANWEND~1\v03iqml.cpp [X]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Combofix löschen, neu laden, bitte nochmal laufen lassen.

Telepolis · 06.07.2014, 13:15

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:03-07-2014
Ran by Administrator at 2014-07-06 13:40:37 Run:1
Running from C:\FRST
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
S2 winmgmt; C:\DOKUME~1\ALLUSE~1\ANWEND~1\v03iqml.cpp [X]
*****************

winmgmt => Service restored successfully.


The system needed a reboot. 

==== End of Fixlog ====

Code:

ATTFilter

ComboFix 14-07-03.01 - Administrator 06.07.2014  14:00:42.2.1 - x86
Microsoft Windows XP Professional  5.1.2600.2.1252.41.1031.18.510.278 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Desktop\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infizierte Kopie von c:\windows\system32\msgsvc.dll wurde gefunden und desinfiziert 
Kopie von - c:\windows\erdnt\cache\msgsvc.dll wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-06 bis 2014-07-06  ))))))))))))))))))))))))))))))
.
.
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2002-12-31 110592]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
"WinampAgent"="c:\programme\Winamp\winampa.exe" [2007-10-10 36352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360]
.
c:\dokumente und einstellungen\Administrator\Startmenü\Programme\Autostart\
MyPC Backup.lnk - c:\_otl\MovedFiles\03102006_033854\C_Programme\MyPC Backup\MyPC Backup.exe [2013-9-20 1953320]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programme\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Programme\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
.
S2 BackupStack;Computer Backup (MyPC Backup);c:\programme\MyPC Backup\BackupStack.exe --> c:\programme\MyPC Backup\BackupStack.exe [?]
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-15 23:06]
.
2014-07-06 c:\windows\Tasks\User_Feed_Synchronization-{C2C6DB0C-E283-436B-94EE-42B51AF3DFB4}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
2014-07-06 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2013-03-09 21:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://www.google.ch/
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-07-06 14:11
Windows 5.1.2600 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1547161642-764733703-1343024091-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,0e,c9,e7,6d,a4,e4,4e,a8,b1,10,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,0e,c9,e7,6d,a4,e4,4e,a8,b1,10,\
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(2712)
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\igfxsrvc.exe
c:\programme\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-06  14:14:03 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-06 12:14
ComboFix2.txt  2014-07-05 13:37
.
Vor Suchlauf: 12 Verzeichnis(se), 49'575'481'344 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 49'569'128'448 Bytes frei
.
- - End Of File - - 632AE4A0AB780BEA3897DAEE5B91A412
72B8CE41AF0DE751C946802B3ED844B4

schrauber · 06.07.2014, 17:50

letzter Versuch:

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Telepolis · 07.07.2014, 16:57

Code:

ATTFilter

17:52:43.0305 0x082c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
17:52:47.0291 0x082c  ============================================================
17:52:47.0291 0x082c  Current date / time: 2014/07/07 17:52:47.0291
17:52:47.0291 0x082c  SystemInfo:
17:52:47.0291 0x082c  
17:52:47.0291 0x082c  OS Version: 5.1.2600 ServicePack: 2.0
17:52:47.0291 0x082c  Product type: Workstation
17:52:47.0291 0x082c  ComputerName: FDICAS01
17:52:47.0291 0x082c  UserName: Administrator
17:52:47.0291 0x082c  Windows directory: C:\WINDOWS
17:52:47.0291 0x082c  System windows directory: C:\WINDOWS
17:52:47.0291 0x082c  Processor architecture: Intel x86
17:52:47.0291 0x082c  Number of processors: 1
17:52:47.0291 0x082c  Page size: 0x1000
17:52:47.0291 0x082c  Boot type: Normal boot
17:52:47.0291 0x082c  ============================================================
17:52:55.0323 0x082c  KLMD registered as C:\WINDOWS\system32\drivers\00634834.sys
17:52:55.0543 0x082c  System UUID: {A40A33B6-D221-E1CE-1FBF-C4C47E2FCC3B}
17:52:56.0585 0x082c  Drive \Device\Harddisk0\DR0 - Size: 0xDFBDD4000 ( 55.94 Gb ), SectorSize: 0x200, Cylinders: 0x1C85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:52:56.0585 0x082c  Drive \Device\Harddisk1\DR2 - Size: 0x39AA7E800 ( 14.42 Gb ), SectorSize: 0x200, Cylinders: 0x759, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:52:56.0585 0x082c  ============================================================
17:52:56.0585 0x082c  \Device\Harddisk0\DR0:
17:52:56.0585 0x082c  MBR partitions:
17:52:56.0585 0x082c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FDB606
17:52:56.0585 0x082c  \Device\Harddisk1\DR2:
17:52:56.0585 0x082c  MBR partitions:
17:52:56.0585 0x082c  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1CD4D41
17:52:56.0585 0x082c  ============================================================
17:52:56.0615 0x082c  C: <-> \Device\Harddisk0\DR0\Partition1
17:52:56.0625 0x082c  ============================================================
17:52:56.0625 0x082c  Initialize success
17:52:56.0625 0x082c  ============================================================
17:53:23.0253 0x097c  ============================================================
17:53:23.0253 0x097c  Scan started
17:53:23.0253 0x097c  Mode: Manual; SigCheck; TDLFS; 
17:53:23.0253 0x097c  ============================================================
17:53:23.0253 0x097c  KSN ping started
17:53:37.0253 0x097c  KSN ping finished: true
17:53:38.0865 0x097c  ================ Scan system memory ========================
17:53:38.0875 0x097c  System memory - ok
17:53:38.0875 0x097c  ================ Scan services =============================
17:53:39.0016 0x097c  Abiosdsk - ok
17:53:39.0036 0x097c  abp480n5 - ok
17:53:39.0116 0x097c  [ 0F2D66D5F08EBE2F77BB904288DCF6F0, 5969A64B6995DCAF16F9A76BD1235472F76D71DFE629B956221D2C3D73EDF98A ] ac97intc        C:\WINDOWS\system32\drivers\ac97intc.sys
17:53:40.0728 0x097c  ac97intc - ok
17:53:40.0898 0x097c  [ 94B4741D2CF9ED38140B831293D1601A, 4630074BB5E071430B6C9905F495E958511C161BEB45624AB1C0B75AE0B615AB ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:53:41.0239 0x097c  ACPI - ok
17:53:41.0299 0x097c  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
17:53:41.0559 0x097c  ACPIEC - ok
17:53:41.0659 0x097c  [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:53:41.0699 0x097c  AdobeFlashPlayerUpdateSvc - ok
17:53:41.0709 0x097c  adpu160m - ok
17:53:41.0770 0x097c  [ 1EE7B434BA961EF845DE136224C30FEC, 0216D2277B6B4AB9B0E47E093CEEAC2030EFB4B87BA048EA730E40119AA06444 ] aec             C:\WINDOWS\system32\drivers\aec.sys
17:53:42.0421 0x097c  aec - ok
17:53:42.0491 0x097c  [ 55E6E1C51B6D30E54335750955453702, 49BE694FB65F195A65EC631558BA599345C6641A6A5AA2F1053611B715F4677A ] AFD             C:\WINDOWS\System32\drivers\afd.sys
17:53:42.0591 0x097c  AFD - ok
17:53:42.0621 0x097c  Aha154x - ok
17:53:42.0641 0x097c  aic78u2 - ok
17:53:42.0651 0x097c  aic78xx - ok
17:53:42.0731 0x097c  [ 1AAB6C5F8376357CB9B16C38C42C4076, D6615A43C102817B7BF6CBD5A8097441FC5A7B00C03E0029B03D156C929574B1 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
17:53:42.0971 0x097c  Alerter - ok
17:53:43.0001 0x097c  [ 6596DD260FFDE1BDC994C1DF236307BB, 210D2742425FD1F82D2416340F96FC79324C7A739650620A57278881A00B98B6 ] ALG             C:\WINDOWS\System32\alg.exe
17:53:43.0182 0x097c  ALG - ok
17:53:43.0182 0x097c  AliIde - ok
17:53:43.0222 0x097c  amsint - ok
17:53:43.0332 0x097c  [ BECD5328E7869807D6557BE4FE60C72F, D022626970E68122CD3F67DAE71BAFA7A6EC7B3FAB7244D51096244C0E75E275 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
17:53:43.0532 0x097c  AppMgmt - ok
17:53:43.0552 0x097c  [ F0D692B0BFFB46E30EB3CEA168BBC49F, 745BE951F18C90FCD30C9A59BB861375C29FA49AF38D27EBFE4158FB7CAC86ED ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:53:43.0802 0x097c  Arp1394 - ok
17:53:43.0813 0x097c  asc - ok
17:53:43.0833 0x097c  asc3350p - ok
17:53:43.0843 0x097c  asc3550 - ok
17:53:44.0023 0x097c  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:53:44.0033 0x097c  aspnet_state - ok
17:53:44.0073 0x097c  [ 02000ABF34AF4C218C35D257024807D6, FDE21F7FCB198A44A6F2BCAF5EB11C9D90A094B4A2F8C307244A7655848954DA ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:53:44.0313 0x097c  AsyncMac - ok
17:53:44.0353 0x097c  [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
17:53:44.0544 0x097c  atapi - ok
17:53:44.0554 0x097c  Atdisk - ok
17:53:44.0574 0x097c  [ EC88DA854AB7D7752EC8BE11A741BB7F, 91FAF224CB4B44608C85CC25C3A82A3EC83F379D14A119A60A75505A30043255 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:53:44.0764 0x097c  Atmarpc - ok
17:53:44.0804 0x097c  [ E98B8250398F6637B335A76BA8DFB602, D54090C8E0D0D9AFAE17F5085275897A05D8FEB3FBB9B34C2EA056B70426388B ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
17:53:45.0004 0x097c  AudioSrv - ok
17:53:45.0044 0x097c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
17:53:45.0235 0x097c  audstub - ok
17:53:45.0285 0x097c  BackupStack - ok
17:53:45.0305 0x097c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:53:45.0545 0x097c  Beep - ok
17:53:45.0645 0x097c  [ 3A5E54A9AB96EF2D273B58136FB58EFE, 7905C688AA96FCA01C7A03934DA12284B290FFC569E594ACBA340E6DE2B8940B ] BITS            C:\WINDOWS\system32\qmgr.dll
17:53:46.0016 0x097c  BITS - ok
17:53:46.0096 0x097c  [ D8653DCD80CF2EBB333FC4FCC43A7DEF, AD8560B4B7893F72D1FDC2222AFFA80CFEA0CD1D75280DA588F32D83BAEE2B0F ] Browser         C:\WINDOWS\System32\browser.dll
17:53:46.0286 0x097c  Browser - ok
17:53:46.0316 0x097c  [ D24B8D1784C68A25060FFFBE8ED34B76, E96FBABDB2B24050DD963C0CF39980DFBADB4DCE03CF5DC1C7CB0AE72A644608 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:53:46.0536 0x097c  BthEnum - ok
17:53:46.0576 0x097c  [ 10355270BE12641B9764235DA39DCF0F, 325EECDF0B062BDF0CE76BC0B42885197315CFDEAF3336566B5EFCA0860FF0F0 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:53:46.0787 0x097c  BthPan - ok
17:53:46.0847 0x097c  [ 3A7A07B55ADC58E2001537EB6E0A980D, 3861E419DDCCDAFB58C656C5C34E1779D1C807DEEFEE3F57D894AF608458A203 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
17:53:46.0947 0x097c  BTHPORT - ok
17:53:47.0007 0x097c  [ 822D1875B12B6219CECE1D221349CEF4, BAE857650FE83B72B0FB0BF227EA1C9F9A9BF367EFAFCCAB675014CB95CF4F6C ] BthServ         C:\WINDOWS\System32\bthserv.dll
17:53:47.0167 0x097c  BthServ - ok
17:53:47.0197 0x097c  [ F06D4CB9918B462A84D9AC00027EFC30, 1F949DF5B768FB176A0203CD2C1260C15C7B4C5A3658230DA3BD7D8014614FD3 ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
17:53:47.0378 0x097c  BTHUSB - ok
17:53:47.0388 0x097c  catchme - ok
17:53:47.0428 0x097c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
17:53:47.0608 0x097c  cbidf2k - ok
17:53:47.0618 0x097c  cd20xrnt - ok
17:53:47.0638 0x097c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
17:53:47.0828 0x097c  Cdaudio - ok
17:53:47.0868 0x097c  [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
17:53:48.0049 0x097c  Cdfs - ok
17:53:48.0099 0x097c  [ AF9C19B3100FE010496B1A27181FBF72, 64E9E4461F631EED2B2A1FC80DCC9C31DCECB5738289D322E6A6428C840DC621 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:53:48.0269 0x097c  Cdrom - ok
17:53:48.0289 0x097c  Changer - ok
17:53:48.0319 0x097c  [ 234D52C63C67A8CF4AF9BECCE43BFB4A, 3050022FC88A0D61D823372DDFBFF3E97470DC08A6D65C96448DF215D3D0F2AD ] CiSvc           C:\WINDOWS\system32\cisvc.exe
17:53:48.0499 0x097c  CiSvc - ok
17:53:48.0549 0x097c  [ 0461868578D29DC18FB1C79933C5158A, B6B246E0C9B6FA4C6CFFB5C846C44A0933E7EE87BD91ED4267D4D7FD76201482 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
17:53:48.0730 0x097c  ClipSrv - ok
17:53:48.0820 0x097c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:53:48.0860 0x097c  clr_optimization_v2.0.50727_32 - ok
17:53:48.0900 0x097c  [ 4266BE808F85826AEDF3C64C1E240203, D1EF8B2C35C21BA122C44F8C55F57B2FA36D37B08A15CFCCE085A4810FAC1FF9 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:53:49.0090 0x097c  CmBatt - ok
17:53:49.0100 0x097c  CmdIde - ok
17:53:49.0200 0x097c  [ DF1B1A24BF52D0EBC01ED4ECE8979F50, 78C5E7BE2FFA6A0709F3095AB006C86E3991AFC9E9B5ABEC94C3E8DF2EA2169D ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:53:50.0172 0x097c  Compbatt - ok
17:53:50.0182 0x097c  COMSysApp - ok
17:53:50.0262 0x097c  Cpqarray - ok
17:53:50.0332 0x097c  [ 1A5F9DB98DF7955B4C7CBDBF2C638238, 91489B31024307D43FFCB0CB3FA5A5F92A6BD8B78FD032C640DB4C7C79B8A7CB ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
17:53:50.0562 0x097c  CryptSvc - ok
17:53:50.0572 0x097c  dac2w2k - ok
17:53:50.0592 0x097c  dac960nt - ok
17:53:50.0682 0x097c  [ D45BBCDDC74A1B0259A0C4B00C190D20, 61B4A8626752EA21B2DB966D82B86ADC21E5EABDC0C77AF4BE0930F4552681F3 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:53:50.0883 0x097c  DcomLaunch - ok
17:53:50.0943 0x097c  [ 7C4D218F9017725589ADACAB82BEB0F8, A57F60FEA61ABBE13A1EEBD3CED7DD189D11840F7A88878883C3A36C6651D76F ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
17:53:51.0544 0x097c  Dhcp - ok
17:53:51.0554 0x097c  [ 00CA44E4534865F8A3B64F7C0984BFF0, 3FD73CCD9892F6CFEE776CB384C2E35FA15F4101D308A67E1358F85299501E3D ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
17:53:51.0734 0x097c  Disk - ok
17:53:51.0744 0x097c  dmadmin - ok
17:53:51.0974 0x097c  [ 5789B83BA87FC84C3568CF86CACEF8CE, D4FF0E761BC83B07E129FB329599A82EE3BE8C0E23E95A11DB40B7BB9F6BB182 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
17:53:52.0415 0x097c  dmboot - ok
17:53:52.0445 0x097c  [ 084EB0A50A4F7B4705C8A57F234E5291, 1567AEE766660B58657B15BE477BD564B3A2426EE0DDABD9338B0B7D36C63EAA ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
17:53:52.0675 0x097c  dmio - ok
17:53:52.0695 0x097c  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
17:53:52.0906 0x097c  dmload - ok
17:53:52.0946 0x097c  [ FA2D9D1A9F6B5A88D01E1685CE2378BA, F792078E8AD346F55A3DB77071AD12C50BE19C62A39F55026811EE68EC688D2E ] dmserver        C:\WINDOWS\System32\dmserver.dll
17:53:53.0196 0x097c  dmserver - ok
17:53:53.0236 0x097c  [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
17:53:53.0456 0x097c  DMusic - ok
17:53:53.0516 0x097c  [ D1F5B71BBAEEE07B78980DBD878C0BC7, A6F1DECBFE34EC8429D4A5CCA4CFE235FD362944E6537899F8CFDF276A2DFBA4 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:53:53.0877 0x097c  Dnscache - ok
17:53:53.0877 0x097c  dpti2o - ok
17:53:53.0937 0x097c  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:53:54.0207 0x097c  drmkaud - ok
17:53:54.0318 0x097c  [ 98B46B331404A951CABAD8B4877E1276, DC683271BFF3BCC40D656E8190A4BA25E76B5876FE3C22C66ED789068C7017A7 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:53:54.0408 0x097c  E100B - ok
17:53:54.0458 0x097c  [ 877A4512CC9074D6954776AF47021766, 30A2A84B4BB29FF82451D5B8BFBBC7A25149DC2A664A8ECAFD3196893F56FC8E ] ERSvc           C:\WINDOWS\System32\ersvc.dll
17:53:54.0638 0x097c  ERSvc - ok
17:53:54.0708 0x097c  [ 65F6B774819BD727358157CEDEA67B8E, 050F7AC4B0C6D17574F374BDCF9A199437872C85E328530A49F500F69A1D7566 ] Eventlog        C:\WINDOWS\system32\services.exe
17:53:54.0858 0x097c  Eventlog - ok
17:53:54.0949 0x097c  [ D68ED3908C7A0DB446111D34AC40DC18, 9C5535D1CB3A717A267BAF8DD1EC43C76C70AAB1E61A94E0D4149B8C23B9F704 ] EventSystem     C:\WINDOWS\system32\es.dll
17:53:55.0089 0x097c  EventSystem - ok
17:53:55.0149 0x097c  [ 3117F595E9615E04F05A54FC15A03B20, 4708E8F1CDE6E9663B5DBEBAB8C684B16E45D41AEF20E4071D0A2931B305BD76 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
17:53:55.0770 0x097c  Fastfat - ok
17:53:55.0850 0x097c  [ 521A4CB71CC419FDF60DB83E7308AE2B, 3F55DD438436983043CA344DDA1598A7E3ECF213F94C52D415070846273A0B08 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:53:56.0521 0x097c  FastUserSwitchingCompatibility - ok
17:53:56.0571 0x097c  [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
17:53:56.0741 0x097c  Fdc - ok
17:53:56.0791 0x097c  [ 9E9AF89F9B14AA6249065C309CE73BD8, AA2637F7E853AA6421465088307C8D6F97B05C4CBBD504F416F58FD17C53DE97 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
17:53:56.0951 0x097c  Fips - ok
17:53:56.0991 0x097c  [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
17:53:57.0142 0x097c  Flpydisk - ok
17:53:57.0202 0x097c  [ 3D234FB6D6EE875EB009864A299BEA29, 9FEB003BDE7900AECDE9F9FFE0ECD7079B460714B582B7EB8EDB89E7F4D1FE59 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:53:57.0783 0x097c  FltMgr - ok
17:53:57.0883 0x097c  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:53:57.0903 0x097c  FontCache3.0.0.0 - ok
17:53:57.0933 0x097c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:53:58.0083 0x097c  Fs_Rec - ok
17:53:58.0123 0x097c  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:53:58.0303 0x097c  Ftdisk - ok
17:53:58.0313 0x097c  [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:53:58.0504 0x097c  Gpc - ok
17:53:58.0574 0x097c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
17:53:58.0594 0x097c  gupdate - ok
17:53:58.0614 0x097c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
17:53:58.0634 0x097c  gupdatem - ok
17:53:58.0694 0x097c  [ BA85BCF1A2BCF927C3600574173403E0, 0D0253BEA64FDF65DA03677BF8DEB3A8B2D6AF546EB22C439844DC008515CEBF ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:53:58.0844 0x097c  helpsvc - ok
17:53:58.0864 0x097c  HidServ - ok
17:53:58.0914 0x097c  [ 1DE6783B918F540149AA69943BDFEBA8, 6ED28109CA0A7738857D840E369EAB91C1605F2643950762D327CCE241C135A1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:53:59.0074 0x097c  HidUsb - ok
17:53:59.0084 0x097c  hpn - ok
17:53:59.0115 0x097c  [ 30CA91E657CEDE2F95359D6EF186F650, 6BBAFBE50E7819695A79586A086A9952B737E174BA2C63C1F180D97EC4AABA4B ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:53:59.0195 0x097c  HPZid412 - ok
17:53:59.0205 0x097c  [ EFD31AFA752AA7C7BBB57BCBE2B01C78, AC671CEE9F8DD9FE6C51069212AEB1736BB914361D4185D1E87068D244BF2B7A ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:53:59.0265 0x097c  HPZipr12 - ok
17:53:59.0275 0x097c  [ 7AC43C38CA8FD7ED0B0A4466F753E06E, B4D44B366170D247E0145B9435CC678BEE2A2A42CFF7B485E077B3B582557B5A ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:53:59.0325 0x097c  HPZius12 - ok
17:53:59.0395 0x097c  [ 9F8B0F4276F618964FD118BE4289B7CD, 5E72367D731A99D3E13004D7070494365E2DBD4D8134445F35E889D9E046BBA7 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
17:53:59.0465 0x097c  HTTP - ok
17:53:59.0515 0x097c  [ 9EC7E866BBDBF3ECC0E67F4E0A838EB2, C98F569BDB58ED430C069516F64AFE1DE91FEA4CDF2572CEED7FF904E45F4FEE ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
17:53:59.0866 0x097c  HTTPFilter - ok
17:53:59.0886 0x097c  i2omgmt - ok
17:53:59.0906 0x097c  i2omp - ok
17:53:59.0956 0x097c  [ 7C575018D0413440D75432A78B88C899, 064E0980C2D30ABB15BD4A20E0B0CC184B5E4FAB509307D91B4FB18973F6DD6F ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:54:00.0126 0x097c  i8042prt - ok
17:54:00.0196 0x097c  [ 06B7EF73BA5F302EECC294CDF7E19702, 5EF396D70D69F8E86A0FC7311E634A8360A99DDEC39054DC3018624A1497836E ] i81x            C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
17:54:00.0376 0x097c  i81x - ok
17:54:00.0977 0x097c  [ DA91F5385CFC8BA0F110F2FDE112B563, B20175A621476ADD31EA6C79278AE481B6DE99FC5F03E959BE3E93937B374557 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:54:01.0758 0x097c  ialm - ok
17:54:02.0009 0x097c  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:54:02.0169 0x097c  idsvc - ok
17:54:02.0229 0x097c  [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
17:54:02.0519 0x097c  Imapi - ok
17:54:02.0590 0x097c  [ 57D7267A9ED91ECAF4336B08C9628FCA, 1742A2D620DA325B6FCFFAD0D0D9177A73A58A353BE1462F3FE63BBC51DB97D0 ] ImapiService    C:\WINDOWS\system32\imapi.exe
17:54:02.0780 0x097c  ImapiService - ok
17:54:02.0790 0x097c  ini910u - ok
17:54:02.0830 0x097c  [ D63C33F65F6EBC732116403D88883B2D, F00E802BE7E15D14C09EFAB52F2E49BBE9C10448435AB5F06E3AFE544290C806 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
17:54:03.0000 0x097c  IntelIde - ok
17:54:03.0050 0x097c  [ C1C2CC1DA79C5EE10457EF0A3B8568C7, 7A37C349ADFCFAE86E679894F4E87A287712EF69D17BCC8B5C20C857E2B78B6A ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:54:03.0200 0x097c  intelppm - ok
17:54:03.0240 0x097c  [ 4448006B6BC60E6C027932CFC38D6855, C377235EBE475C281ACB6A3267F12D8FE623433F05134A6CE50562414F94D7B1 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:54:03.0401 0x097c  Ip6Fw - ok
17:54:03.0431 0x097c  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:54:03.0601 0x097c  IpFilterDriver - ok
17:54:03.0611 0x097c  [ E1EC7F5DA720B640CD8FB8424F1B14BB, E5CF9F43D8C8028E8F29CAF8AD1E2179E5B02DCAA430900672FCB4C4EE288EF0 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:54:03.0781 0x097c  IpInIp - ok
17:54:03.0831 0x097c  [ E2168CBC7098FFE963C6F23F472A3593, 93B60D02ACBDDCE78BD4020B9CE0C132A8DD28FC2266B2748A22717B93AFF7C9 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:54:04.0372 0x097c  IpNat - ok
17:54:04.0432 0x097c  [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:54:04.0602 0x097c  IPSec - ok
17:54:04.0632 0x097c  [ 50708DAA1B1CBB7D6AC1CF8F56A24410, A5657038A66B83472B456246E58884D5DF2E5B63BD176AE3DFFB6D5B6998E8B7 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
17:54:04.0733 0x097c  IRENUM - ok
17:54:04.0753 0x097c  [ CE9B7AFDF0A3D7DD8D1487262316B959, 2843C253AC349818718FCCDC7832641AE3EE8E5B4879F1B76D180F23F8B00895 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:54:04.0913 0x097c  isapnp - ok
17:54:05.0033 0x097c  [ 0E410EDC8D0527801B899CF29E60597C, CF8BDCA6BF91BC33187B2D01BF378988AFCE821A70A4727500DAACC5C80EEBD6 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
17:54:05.0053 0x097c  JavaQuickStarterService - ok
17:54:05.0093 0x097c  [ B128FC0A5CD83F669D5DE4B58F77C7D6, 8DDC829084C2B5B7CCF0938BBB518C892E1CB6AEC6EF8CD13DE3C95255DBF84E ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:54:05.0243 0x097c  Kbdclass - ok
17:54:05.0293 0x097c  [ BA5DEDA4D934E6288C2F66CAF58D2562, 2250B75EEAD92CA56A1F8BB3F6523F9A5625676E38845A4DE0BFECE5EA17DBFA ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
17:54:05.0864 0x097c  kmixer - ok
17:54:05.0914 0x097c  [ 674D3E5A593475915DC6643317192403, EDE02BB88BEFDCB3E312087AFB5D91D8E9648C0F8599BD551FDC745DBA765819 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
17:54:05.0994 0x097c  KSecDD - ok
17:54:06.0064 0x097c  [ 2865FA4ED4471929881C053A6E5A85F6, 404D43B8733BA1EE21408301F1E813F838F95F39B3E364B930E85C3361AA100E ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
17:54:06.0665 0x097c  lanmanserver - ok
17:54:06.0755 0x097c  [ F716A6F5BABB6DA60C0532510AB52245, 15022609C28B13FFD6460FCF4D694B1561FDCE0DD48B82E5A01735DF9EB57CF0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:54:06.0816 0x097c  lanmanworkstation - ok
17:54:06.0836 0x097c  lbrtfdc - ok
17:54:06.0886 0x097c  [ 4C25FADD7FE1D5BD779B20D3D0EB8D7C, 230F660122CA5AC16EC75C32A4CB807138E69EB68248E22DDAB98AEF0CB5AA69 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
17:54:07.0056 0x097c  LmHosts - ok
17:54:07.0096 0x097c  [ E5215AB942C5AC5F7EB0E54871D7A27C, D1F4B56B3358D07D544A891544B0C913B1F980FD0A5A14D33FE0263D20D1D988 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
17:54:07.0256 0x097c  Messenger - ok
17:54:07.0306 0x097c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
17:54:07.0487 0x097c  mnmdd - ok
17:54:07.0537 0x097c  [ BB2470D20405B272EA47CA5E18F1C58E, 25FBCD1B48E2AEACAB0437BFBD4A3584E76D30E957DFDF4554709C15970C6CC8 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
17:54:07.0717 0x097c  mnmsrvc - ok
17:54:07.0757 0x097c  [ 91A3DA4B12F6F1D760463A7F7857F748, 399667C23B346ABEDA39E385A45F66B22CF94611999CA50F6D6C57E83547501B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
17:54:07.0927 0x097c  Modem - ok
17:54:07.0957 0x097c  [ 71E15CA47FD947552054AFB28536268F, C53BED7E31CD006FFA5F9D6AEAA7574102F9E780D4C68541EEA34B07A9031D54 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:54:08.0147 0x097c  Mouclass - ok
17:54:08.0158 0x097c  [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:54:08.0348 0x097c  mouhid - ok
17:54:08.0398 0x097c  [ 65653F3B4477F3C63E68A9659F85EE2E, 32A34B22A4C1F50A966F321FD228C6B85F0F0315ABF3D40FC416618E786A4024 ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
17:54:08.0588 0x097c  MountMgr - ok
17:54:08.0658 0x097c  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
17:54:08.0688 0x097c  MozillaMaintenance - ok
17:54:08.0708 0x097c  mraid35x - ok
17:54:08.0748 0x097c  [ 46EDCC8F2DB2F322C24F48785CB46366, 0300EC19CAAEEC52001EBB7F3BE6DE314B42FE7F8BA072905070FEA75CC06E3B ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:54:08.0929 0x097c  MRxDAV - ok
17:54:09.0019 0x097c  [ FB6C89BB3CE282B08BDB1E3C179E1C39, 0558617DB859228332F4B7E44875AB3CDBA370E78C23BB5E80B159AAA7087B3E ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:54:09.0129 0x097c  MRxSmb - ok
17:54:09.0179 0x097c  [ D059F9C7752EF461476E83180DAA5C62, F20D18F24E8E66089028F1191D8FDEC46260C4453DF0D0CCB73DF2D0FDBBC7FE ] MSDTC           C:\WINDOWS\system32\msdtc.exe
17:54:09.0359 0x097c  MSDTC - ok
17:54:09.0389 0x097c  [ 561B3A4333CA2DBDBA28B5B956822519, 5B53906A29B9AA55A399F880CA989F9878BD943D3E97FB10A25BFD723654AF49 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:54:09.0560 0x097c  Msfs - ok
17:54:09.0570 0x097c  MSIServer - ok
17:54:09.0610 0x097c  [ AE431A8DD3C1D0D0610CDBAC16057AD0, 8B3BCAC3DA71778DC8B863E6DEF10F02F65D1BDD3381802DDC0B2980F4F1FBB9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:54:09.0810 0x097c  MSKSSRV - ok
17:54:09.0840 0x097c  [ 13E75FEF9DFEB08EEDED9D0246E1F448, 69D4CF483753FF253431656E1CB680F6702375696F94E259729BD11C25004031 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:54:09.0990 0x097c  MSPCLOCK - ok
17:54:10.0010 0x097c  [ 1988A33FF19242576C3D0EF9CE785DA7, 9E1C07F364DA7EF0D859BB7A3A06F849A153722E27E872640120CC6855D9FC51 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:54:10.0160 0x097c  MSPQM - ok
17:54:10.0180 0x097c  [ 469541F8BFD2B32659D5D463A6714BCE, 46AA7D2442DCC4C51C08BA0C00136F058F9160E6D6EDE78B2FD82545AE4FD10B ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:54:10.0341 0x097c  mssmbios - ok
17:54:10.0381 0x097c  [ 82035E0F41C2DD05AE41D27FE6CF7DE1, 6111D330E7ACB77E23EA6A9E001FC651DE1DC49D772DC6FDD3C4B8EDA57E1C7A ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
17:54:10.0531 0x097c  Mup - ok
17:54:10.0571 0x097c  [ 558635D3AF1C7546D26067D5D9B6959E, 8C1802908DF35E442575969D29F4B22019A2B3E4C309B8E193F98F75AE81F013 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
17:54:10.0751 0x097c  NDIS - ok
17:54:10.0791 0x097c  [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:54:10.0942 0x097c  NdisTapi - ok
17:54:10.0982 0x097c  [ 8D3CE6B579CDE8D37ACC690B67DC2106, B0C11C359B478EA66DA53DCAC2C44AB493C3C41C372AE28B7EF4EBD6E4FDE53D ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:54:11.0522 0x097c  Ndisuio - ok
17:54:11.0552 0x097c  [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:54:11.0723 0x097c  NdisWan - ok
17:54:11.0773 0x097c  [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:54:11.0933 0x097c  NDProxy - ok
17:54:11.0953 0x097c  [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:54:12.0103 0x097c  NetBIOS - ok
17:54:12.0123 0x097c  [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:54:12.0303 0x097c  NetBT - ok
17:54:12.0334 0x097c  [ F4EFF57254F565F39B6029150414A0D5, ADB4A797A25E7BD705A7FFCEEF15B681057748A7CEE19CC0B55F86446608752E ] NetDDE          C:\WINDOWS\system32\netdde.exe
17:54:12.0504 0x097c  NetDDE - ok
17:54:12.0514 0x097c  [ F4EFF57254F565F39B6029150414A0D5, ADB4A797A25E7BD705A7FFCEEF15B681057748A7CEE19CC0B55F86446608752E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
17:54:12.0674 0x097c  NetDDEdsdm - ok
17:54:12.0714 0x097c  [ 183805EB05BCA5A1E4AAAED4D2BE3690, D1821D2F616F029C07D0727FF8EB0862374EE544F4A66567F0433E567AF2B85A ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:54:12.0874 0x097c  Netlogon - ok
17:54:12.0924 0x097c  [ 1E5218FBE323C375B488318950E10FB4, EC74DCF23B4FD08FE15BE636B2E556399797A7960D313F57F7A9554E030F1D29 ] Netman          C:\WINDOWS\System32\netman.dll
17:54:13.0485 0x097c  Netman - ok
17:54:13.0615 0x097c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:54:13.0635 0x097c  NetTcpPortSharing - ok
17:54:13.0645 0x097c  [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC, AD1FD07DD9E745C29986C2A25E9EF80B93CBF0F47FCF76741DD6E9CC81C7D241 ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:54:13.0826 0x097c  NIC1394 - ok
17:54:13.0876 0x097c  [ 774274C487493452DF3B0126DBE7FF3B, B8CD8FB06E2CCB428E34885324C1B83BDD6DEF4BA4B30B7DE42D8DB211DDA9FC ] Nla             C:\WINDOWS\System32\mswsock.dll
17:54:13.0976 0x097c  Nla - ok
17:54:13.0996 0x097c  [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:54:14.0176 0x097c  Npfs - ok
17:54:14.0296 0x097c  [ 19A811EF5F1ED5C926A028CE107FF1AF, 97606850041DE4E568188FB28AA3D5B10A4E96DB9551A77BC3A17ED67D5D4474 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:54:14.0937 0x097c  Ntfs - ok
17:54:14.0967 0x097c  [ 183805EB05BCA5A1E4AAAED4D2BE3690, D1821D2F616F029C07D0727FF8EB0862374EE544F4A66567F0433E567AF2B85A ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
17:54:15.0108 0x097c  NtLmSsp - ok
17:54:15.0168 0x097c  [ 428AA946A8D9F32DBB4260C8E6E13377, EE5D259287CFDEA7A83D565702CCD7C1F91C376B1327E8BAFF2A3DEFE3BE763E ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
17:54:15.0388 0x097c  NtmsSvc - ok
17:54:15.0418 0x097c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:54:15.0588 0x097c  Null - ok
17:54:15.0638 0x097c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:54:15.0788 0x097c  NwlnkFlt - ok
17:54:15.0798 0x097c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:54:15.0949 0x097c  NwlnkFwd - ok
17:54:15.0959 0x097c  [ 0951DB8E5823EA366B0E408D71E1BA2A, EAF0E680BC476D8CEBAD0C21F2EDB958F333B731E8B131DA450D716FEC2C87B0 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:54:16.0129 0x097c  ohci1394 - ok
17:54:16.0169 0x097c  [ B2F17A2EDB5450E61973A037F63A595B, 21B5C7EC1FD0730BFA0D1390ECA744037344C020847615BBC3AA29E5169CA64F ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
17:54:16.0329 0x097c  Parport - ok
17:54:16.0329 0x097c  [ 3334430C29DC338092F79C38EF7B4CD0, B54989B46D77F124D66741A939FF2033F73854FC39AF13C8165D01203A94A94E ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
17:54:16.0489 0x097c  PartMgr - ok
17:54:16.0540 0x097c  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
17:54:16.0720 0x097c  ParVdm - ok
17:54:16.0740 0x097c  [ 6FB463E5B243FBD6F3D3C83F914D94FB, 9B259BC29C458463D56EC59BDE4C116AEDC4AEFC53690292071628E739BABDB6 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
17:54:16.0900 0x097c  PCI - ok
17:54:16.0910 0x097c  PCIDump - ok
17:54:16.0920 0x097c  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\drivers\PCIIde.sys
17:54:17.0100 0x097c  PCIIde - ok
17:54:17.0130 0x097c  [ E2363F4C1DAFF89ABEE5F593E13D8A05, 92EDD9CE64BDA74EAB095077AE6A41ED4EBCE81694193DFCDDF158ECAEF3F96B ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
17:54:17.0301 0x097c  Pcmcia - ok
17:54:17.0301 0x097c  PDCOMP - ok
17:54:17.0321 0x097c  PDFRAME - ok
17:54:17.0331 0x097c  PDRELI - ok
17:54:17.0341 0x097c  PDRFRAME - ok
17:54:17.0361 0x097c  perc2 - ok
17:54:17.0371 0x097c  perc2hib - ok
17:54:17.0451 0x097c  [ 65F6B774819BD727358157CEDEA67B8E, 050F7AC4B0C6D17574F374BDCF9A199437872C85E328530A49F500F69A1D7566 ] PlugPlay        C:\WINDOWS\system32\services.exe
17:54:17.0521 0x097c  PlugPlay - ok
17:54:17.0571 0x097c  [ 2D091A99624FB9E7EEF0A86D872EC0C3, 465C0772E23F7959EC71DCCFA3304E2E46FD31548AE37D7BA3DAAA59E6B561FD ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:54:17.0591 0x097c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:54:21.0527 0x097c  Detect skipped due to KSN trusted
17:54:21.0527 0x097c  Pml Driver HPZ12 - ok
17:54:21.0637 0x097c  [ 183805EB05BCA5A1E4AAAED4D2BE3690, D1821D2F616F029C07D0727FF8EB0862374EE544F4A66567F0433E567AF2B85A ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
17:54:21.0937 0x097c  PolicyAgent - ok
17:54:21.0947 0x097c  [ 1C5CC65AAC0783C344F16353E60B72AC, 7786CFE970A79B327DB57AEBADA8B0B94B4DE07CE8AF285E9835B2AADD597296 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:54:22.0448 0x097c  PptpMiniport - ok
17:54:22.0458 0x097c  [ 183805EB05BCA5A1E4AAAED4D2BE3690, D1821D2F616F029C07D0727FF8EB0862374EE544F4A66567F0433E567AF2B85A ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:54:22.0678 0x097c  ProtectedStorage - ok
17:54:22.0708 0x097c  [ 48671F327553DCF1D27F6197F622A668, CB34A17BC36E8F8BB5F87F9EE21311C50DE9AE156513D682581DE47C93EC155D ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
17:54:22.0879 0x097c  PSched - ok
17:54:22.0899 0x097c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:54:23.0049 0x097c  Ptilink - ok
17:54:23.0089 0x097c  [ D86B4A68565E444D76457F14172C875A, 06B1CF81A62B3DAA8D0C5A8B88C56A504DE8E9278C520F754AF363A6676C58B0 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:54:23.0239 0x097c  PxHelp20 - ok
17:54:23.0249 0x097c  ql1080 - ok
17:54:23.0259 0x097c  Ql10wnt - ok
17:54:23.0269 0x097c  ql12160 - ok
17:54:23.0289 0x097c  ql1240 - ok
17:54:23.0299 0x097c  ql1280 - ok
17:54:23.0329 0x097c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:54:23.0480 0x097c  RasAcd - ok
17:54:23.0530 0x097c  [ E3C6E87C1F84584A773D7C3DD205DBFF, E5F1FDCA1029170AFED8D5642E867F1F4A6F4F9894B099D5B3477140E3AFFDFE ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:54:23.0700 0x097c  RasAuto - ok
17:54:23.0740 0x097c  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C, F59974A2A3C21071BC72CA4DAF5D2DDF93471EC16FD1A34DE9DC1A50027F6835 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:54:23.0910 0x097c  Rasl2tp - ok
17:54:23.0980 0x097c  [ FFC8343B35FB2DF01A5767748EFA5B58, 410128024F26FF5C1D7E1F7724B85980D10748C5546853CE0A2F7F8DF5C4CC41 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:54:24.0511 0x097c  RasMan - ok
17:54:24.0541 0x097c  [ 7306EEED8895454CBED4669BE9F79FAA, DC6874ECAD9105BC9EAB007291958911D7D4D3649124472070B3496B36C45200 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:54:24.0711 0x097c  RasPppoe - ok
17:54:24.0721 0x097c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
17:54:24.0882 0x097c  Raspti - ok
17:54:24.0932 0x097c  [ 03B965B1CA47F6EF60EB5E51CB50E0AF, 56B0F5FC470385F2FF4E4573099C96772EDB985398859B9F7ACE0AA704BB47B7 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:54:25.0553 0x097c  Rdbss - ok
17:54:25.0573 0x097c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:54:25.0733 0x097c  RDPCDD - ok
17:54:25.0793 0x097c  [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD, 586900D30F44E132AC75520EFF4FF615AA46283F1F050AC93FF9C235AC0F1D75 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:54:25.0963 0x097c  rdpdr - ok
17:54:26.0013 0x097c  [ B54CD38A9EBFBF2B3561426E3FE26F62, 2BE75A68C598A2E162F09BCBA140909B9480A7E06A733B5D58673A172CAD8084 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
17:54:26.0594 0x097c  RDPWD - ok
17:54:26.0674 0x097c  [ AEC159942DF64A9890072D7BB1797762, 7AE6A4A521154875475205B2FEE07AE845EA4C930611C2D92BAE164E92BCB417 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
17:54:26.0844 0x097c  RDSessMgr - ok
17:54:26.0874 0x097c  [ AA56702E230860565CB8D43680F57F33, A2E3FE04335B988E1DEBF0AE717719B865E4A9807F916EACF64C114C49758FE1 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
17:54:27.0035 0x097c  redbook - ok
17:54:27.0095 0x097c  [ EBA80CDF25E02084857957E820004934, 54F0EC0C91F0F277A5946D5BB41D2C1738253509174A53A3B7FD6434067C8A13 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:54:27.0285 0x097c  RemoteAccess - ok
17:54:27.0335 0x097c  [ AE81CF7D7CFA79CD03E8FB99788A7E09, 8E5836CC42C923FA1AAD5D5E06F8E89B370ABA7E227D90705CAE39C17DE1E908 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:54:27.0746 0x097c  RemoteRegistry - ok
17:54:27.0766 0x097c  [ 99C4B74981A1413F142A3903130088CB, 46F17447F4E5C90AA726BE9076288D4726FB3E5B0AC5B57059452213F46C15CC ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:54:27.0986 0x097c  RFCOMM - ok
17:54:28.0036 0x097c  [ DA23F9F3F1B1871120F980A6879581AC, B8A582D639540CD23E5573504EE64A6AB2E27B7B31F2EB8398190F735D36B0F8 ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:54:28.0256 0x097c  RpcLocator - ok
17:54:28.0316 0x097c  [ D45BBCDDC74A1B0259A0C4B00C190D20, 61B4A8626752EA21B2DB966D82B86ADC21E5EABDC0C77AF4BE0930F4552681F3 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
17:54:28.0437 0x097c  RpcSs - ok
17:54:28.0477 0x097c  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe
17:54:28.0647 0x097c  RSVP - ok
17:54:28.0707 0x097c  [ 183805EB05BCA5A1E4AAAED4D2BE3690, D1821D2F616F029C07D0727FF8EB0862374EE544F4A66567F0433E567AF2B85A ] SamSs           C:\WINDOWS\system32\lsass.exe
17:54:28.0857 0x097c  SamSs - ok
17:54:28.0917 0x097c  [ B4CF7B42DE6CFA6FDE7D6AF4DAA55F57, F29B85D91EBE16BCB9E8D25F641C4C94E58B9D5F4C8F925A13601980404BAE0A ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
17:54:29.0078 0x097c  SCardSvr - ok
17:54:29.0148 0x097c  [ D5E73842F38E24457C63FEF8CEFFBE19, 3456F527AE8E89603E4842C1CB71E5D84CBB2CAA99C384BEAC46DA2436E515C5 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:54:29.0328 0x097c  Schedule - ok
17:54:29.0358 0x097c  [ D26E26EA516450AF9D072635C60387F4, C78D26B2E6343176EA9E09DD96CDAE108F832B7973FABF756D05E24392FEF388 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:54:29.0458 0x097c  Secdrv - ok
17:54:29.0548 0x097c  [ FED544B43903FB801B106F062110358A, 108739F6D260EE1FF3AD7392B7E3DCDE858EFA97ACDDE7A41F1F8E1AEA9D238A ] seclogon        C:\WINDOWS\System32\seclogon.dll
17:54:29.0719 0x097c  seclogon - ok
17:54:29.0729 0x097c  [ AB74D986C1DD0D0C95B6AD37EC1E9F4F, 9A13D6357BBA9FD84E6DD727FF5475157D6243CC5DAEB85D11450DC928D51036 ] SENS            C:\WINDOWS\system32\sens.dll
17:54:29.0909 0x097c  SENS - ok
17:54:29.0949 0x097c  [ A2D868AEEFF612E70E213C451A70CAFB, 25CBB9E26CDCBD8E221ACF4364E82E8F811C3144E0EEF9DF9DAEC8534243BD3B ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
17:54:30.0119 0x097c  serenum - ok
17:54:30.0149 0x097c  [ CD5B9995AFCDB466C9EFC048D167E3BE, C80F17BA17ACA8BCCE7C4230C2F076972254813FFFB9A0B71610EB7182D9F9FD ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
17:54:30.0299 0x097c  Serial - ok
17:54:30.0349 0x097c  [ 0D13B6DF6E9E101013A7AFB0CE629FE0, 2214EA0F16BB33970E299CE457EB50AEE0BEF7959BC1EBD3C06C78A46B42B808 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
17:54:30.0520 0x097c  Sfloppy - ok
17:54:30.0580 0x097c  [ 9245420422E409A25C1410ACB4244060, 62523AA3B99CD20CABBC843744AD95A200959BAE3C485B75B9EABC71C57E8DD2 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:54:30.0780 0x097c  SharedAccess - ok
17:54:30.0810 0x097c  [ 521A4CB71CC419FDF60DB83E7308AE2B, 3F55DD438436983043CA344DDA1598A7E3ECF213F94C52D415070846273A0B08 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:54:31.0441 0x097c  ShellHWDetection - ok
17:54:31.0461 0x097c  Simbad - ok
17:54:31.0481 0x097c  Sparrow - ok
17:54:31.0491 0x097c  [ 0CE218578FFF5F4F7E4201539C45C78F, 2C87C8993C3B9CE3589262E178B2B12FF9F2D83E5E8C2B97648D7FA24E3BD985 ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
17:54:32.0112 0x097c  splitter - ok
17:54:32.0132 0x097c  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F, 521257429493F31516EDE549869EFA4B7A262F6A69EA1E82A9C875456C10E702 ] Spooler         C:\WINDOWS\system32\spoolsv.exe
17:54:32.0763 0x097c  Spooler - ok
17:54:32.0813 0x097c  [ E4200CB2F418D8FC4ACDD7E38C419D6A, 9F910E3C1E91FC13DD09F8791E98CEC11C17BEF8D7169483E8CA6FEC832CB8C4 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
17:54:33.0103 0x097c  sr - ok
17:54:33.0143 0x097c  [ 015F302C4CF961F20C3F98F3A7CA7917, E82996C372D3E4E25D9B622C6D79B60BFDAE1DABD251C1174E080FB74B92C083 ] srservice       C:\WINDOWS\system32\srsvc.dll
17:54:33.0244 0x097c  srservice - ok
17:54:33.0324 0x097c  [ 7A4F147CC6B133F905F6E65E2F8669FB, 82E3C4F1A92D8D8129CC1CA07F516B537EA6A3B2EEDF47A2C32BEC7828A83A32 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:54:33.0404 0x097c  Srv - ok
17:54:33.0464 0x097c  [ 6FA03B462B2FFFE2627171B7FE73EE29, 8B5614500B1DC6DD077B5F47738DDAA1C8E88C3CCA049622B7FE548DB6A1EE0B ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:54:33.0594 0x097c  SSDPSRV - ok
17:54:33.0674 0x097c  [ 25E9B30AF1FA1B9AF1853577F39FF20B, 71B6EDBFDCD7F0272E9D4E96F52027819CCA18F538F5BB54EA3D947F6A5C09AE ] stisvc          C:\WINDOWS\system32\wiaservc.dll
17:54:34.0395 0x097c  stisvc - ok
17:54:34.0425 0x097c  [ 03C1BAE4766E2450219D20B993D6E046, 0D8E5B141EAA9E2C8D1F8BFD522F57EE8074216A336CBE37FE77B8ADDB791DBE ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
17:54:34.0565 0x097c  swenum - ok
17:54:34.0606 0x097c  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D, EEF6DB9EDD8C273A6595675A7A12B9D440FA4E178BA7C69FB1942D97E291F989 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
17:54:34.0756 0x097c  swmidi - ok
17:54:34.0766 0x097c  SwPrv - ok
17:54:34.0776 0x097c  symc810 - ok
17:54:34.0786 0x097c  symc8xx - ok
17:54:34.0806 0x097c  sym_hi - ok
17:54:34.0816 0x097c  sym_u3 - ok
17:54:34.0836 0x097c  [ 650AD082D46BAC0E64C9C0E0928492FD, 6A587A55418A3A7867602D92B99FE393152DED191F27992C4BA909BD268AC43C ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
17:54:35.0016 0x097c  sysaudio - ok
17:54:35.0046 0x097c  [ 6D0C43DF9D3A7C5A9B4F94772CBD5DDC, 23CC1826F15748A4F6A38979F18CED3DE299BB3973C10CD4DACBFD1C7BF6030C ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
17:54:35.0206 0x097c  SysmonLog - ok
17:54:35.0277 0x097c  [ 427D7EB3B453347082C8F4B370065D60, 1F8581227FA821C3DFFB9CFAE05731DEE2881A8FED553F40BAD3D562D443CC12 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:54:35.0927 0x097c  TapiSrv - ok
17:54:36.0018 0x097c  [ 2A5554FC5B1E04E131230E3CE035C3F9, 97CD31598A95BAF227BD4763AE721DCBF2E7BBB951E95F33B56C94C3B1D7CF4A ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:54:36.0148 0x097c  Tcpip - ok
17:54:36.0198 0x097c  [ 38D437CF2D98965F239B0ABCD66DCB0F, CC497A25C7AC1FF1E07CEE25FB0C5A5E6C4005C1CB244601FE620884A5C26506 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
17:54:36.0358 0x097c  TDPIPE - ok
17:54:36.0378 0x097c  [ ED0580AF02502D00AD8C4C066B156BE9, 41AA6C88CF48CAF0DA8E374F37E74206E4F558332075304A28983D04E08B3154 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
17:54:36.0528 0x097c  TDTCP - ok
17:54:36.0558 0x097c  [ A540A99C281D933F3D69D55E48727F47, CC430FA0E0F1745E167877003FDCC35FE940AF8CAD05387ECBA880CC3A3F6709 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
17:54:36.0729 0x097c  TermDD - ok
17:54:36.0799 0x097c  [ 1850BC10DE5DCCCEDE063FC2D0F2CEDA, 1EF2C45FCD1EAAC431D1079BCFC6D3DA7756ECA9BDA1B26BADD2E8E101F1EB2F ] TermService     C:\WINDOWS\System32\termsrv.dll
17:54:36.0989 0x097c  TermService - ok
17:54:37.0029 0x097c  [ 521A4CB71CC419FDF60DB83E7308AE2B, 3F55DD438436983043CA344DDA1598A7E3ECF213F94C52D415070846273A0B08 ] Themes          C:\WINDOWS\System32\shsvcs.dll
17:54:37.0670 0x097c  Themes - ok
17:54:37.0710 0x097c  [ 58708746B8267033E5CF2B29659E7F74, F1AD45CE811A7BFC77124CC36AE7E46AD09651BEF484B42A01D4F7B82884566D ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
17:54:37.0830 0x097c  TlntSvr - ok
17:54:37.0840 0x097c  TosIde - ok
17:54:37.0880 0x097c  [ A34E894201D66E380E1FA96FE11B587E, 1A6A39492FCE3F63FB422F4C6C525B8DE39C38D8AD220E23D1194FD9B31C9B6F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
17:54:38.0040 0x097c  TrkWks - ok
17:54:38.0071 0x097c  [ 12F70256F140CD7D52C58C7048FDE657, F2E3E645AA713A520452F5E17513D258D3900E93F65013551FC2B542BFA15BB3 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
17:54:38.0421 0x097c  Udfs - ok
17:54:38.0431 0x097c  ultra - ok
17:54:38.0481 0x097c  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
17:54:38.0531 0x097c  UMWdf - ok
17:54:38.0621 0x097c  [ CED744117E91BDC0BEB810F7D8608183, 8D429F6B4A206D82C3BB18C7675B6C3910D5A1CB892F5D07EA8E8080D729AD07 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
17:54:39.0392 0x097c  Update - ok
17:54:39.0453 0x097c  [ 855790C1BACED245A6B210AF430ED17B, B621A6FB9C07B6030ABB2631612D2048D3A6C98BF06347D0B5BBD24F45348874 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:54:40.0123 0x097c  upnphost - ok
17:54:40.0154 0x097c  [ A99F867E76CFDAA28EE305B93F70E84F, 410063EE60AE2322633A3E1169896405D6892A1623EF4E89113A0A6F8A191991 ] UPS             C:\WINDOWS\System32\ups.exe
17:54:40.0314 0x097c  UPS - ok
17:54:40.0334 0x097c  [ BFFD9F120CC63BCBAA3D840F3EEF9F79, 0183D82E341473200FB1A05F6ABBBA3F2BD635654F49599E4CEB3E6394A33D36 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:54:40.0484 0x097c  usbccgp - ok
17:54:40.0514 0x097c  [ 15E993BA2F6946B2BFBBFCD30398621E, 10AD5B133C9C68B8E11DF702C50BDE5162693C5A9F132DFE1823D03D70D4EB89 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:54:40.0674 0x097c  usbehci - ok
17:54:40.0714 0x097c  [ C72F40947F92CEA56A8FB532EDF025F1, EBB9E235C973574B835B1FD22D813E9215029B3FC5030591D6F7971C9A23AEF7 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:54:40.0905 0x097c  usbhub - ok
17:54:40.0925 0x097c  [ A42369B7CD8886CD7C70F33DA6FCBCF5, EEDAA16F906A2F8FF40009ED10243F66A5CCE878111F1001DA6060A42DD79047 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:54:41.0075 0x097c  usbprint - ok
17:54:41.0085 0x097c  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85, E40B73D4E2417F4874D155885C86E4FB44557324616AABD84EFE6C4751DCC46B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:54:41.0255 0x097c  usbscan - ok
17:54:41.0275 0x097c  [ 6CD7B22193718F1D17A47A1CD6D37E75, CFD74FE06819DA488654F88BFCCBF29994FE7F04EC6CD5CD41552B0C95A8130F ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:54:41.0435 0x097c  USBSTOR - ok
17:54:41.0505 0x097c  [ F8FD1400092E23C8F2F31406EF06167B, AE93C83BA1966535AFA3E72D6F69156B7E56F021A6808EC8DA44C7E7D506D7E5 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:54:41.0666 0x097c  usbuhci - ok
17:54:41.0696 0x097c  [ 8A60EDD72B4EA5AEA8202DAF0E427925, ED0624B285E4F64E07E30C12490873A2090F9DFD6A91A2EDA7A1082B88A8199E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
17:54:41.0856 0x097c  VgaSave - ok
17:54:41.0866 0x097c  ViaIde - ok
17:54:41.0916 0x097c  [ D6888520FF56D72A50437E371CA25FC9, 54B7E24E750A2E0CE1AD6ADAB69C9CF19F7A9FD774A9D96A255C9D47AB0642B4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
17:54:42.0076 0x097c  VolSnap - ok
17:54:42.0156 0x097c  [ 6635ECBF0D8090DC3A452D0D072B5D5B, 4FC0E170AF3E9999F0818E8CDDC4CD51073638CC915E191E3BBFB4D5AEC29563 ] VSS             C:\WINDOWS\System32\vssvc.exe
17:54:42.0297 0x097c  VSS - ok
17:54:42.0547 0x097c  [ 3954C568365DF72BB06061BF96F79878, 9521DF14C58496F3465EB266208C0A3546F4A6FB5355BF7CBABF3EAB48DEFBA2 ] w29n51          C:\WINDOWS\system32\DRIVERS\w29n51.sys
17:54:42.0897 0x097c  w29n51 - ok
17:54:42.0978 0x097c  [ C6D874CD2A5B83CD11CDEBD28A638584, C38969D6F648EB03565F4A505F7E15EBF8D6A0564757E4DA7C6397CBF79FFA8A ] W32Time         C:\WINDOWS\system32\w32time.dll
17:54:43.0188 0x097c  W32Time - ok
17:54:43.0228 0x097c  [ 984EF0B9788ABF89974CFED4BFBAACBC, 8178888E3A1AA3BD3BE34456118BB76AF2DD04EC575E4880F97A8EFB182C9E92 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:54:43.0428 0x097c  Wanarp - ok
17:54:43.0448 0x097c  WDICA - ok
17:54:43.0699 0x097c  [ EFD235CA22B57C81118C1AEB4798F1C1, 16EE95A1D51F318224152492FB1663D96E61EC1706E85AE820CD023CBA1CF1F3 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
17:54:44.0360 0x097c  wdmaud - ok
17:54:44.0410 0x097c  [ 879ECB9A5F14A03960B84EDB7207A051, 1F7B9296BA8DD0DF4DB595A0F1DB2C7A504930BE2CE07FC196401E450F063A8B ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:54:45.0121 0x097c  WebClient - ok
17:54:45.0221 0x097c  [ DA2DADB42916E59C6E4BBA593BCCDA73, E86B7C169ABC78F23D7D4BC5705E9861BE4840DF7064C08B8460B16179D8DF6C ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:54:45.0401 0x097c  winmgmt - ok
17:54:45.0471 0x097c  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
17:54:45.0501 0x097c  WmdmPmSN - ok
17:54:45.0601 0x097c  [ 80D811741505365B79CBDB1254D5C98B, 8E719A79FD6F8B81222E54968564A55799DE9614A34769A9B7E6160F885C93B5 ] Wmi             C:\WINDOWS\System32\advapi32.dll
17:54:45.0792 0x097c  Wmi - ok
17:54:45.0852 0x097c  [ 042A78FCD1ADFB0FBA9865D55C6F5CC1, 1BB88E17059B9DA690480BDEDBB236BCB1CD7C45BEEB81607FD564B545A4AC04 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:54:46.0032 0x097c  WmiApSrv - ok
17:54:46.0072 0x097c  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:54:46.0262 0x097c  WS2IFSL - ok
17:54:46.0312 0x097c  [ BD3561AAE748150CF51C2CA876449EA7, 19A088627E763080074F5323B0EE2F9778B27D24685312EF0C33B8091588F767 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
17:54:46.0493 0x097c  wscsvc - ok
17:54:46.0533 0x097c  [ 1EDDD5C0ECF3FA6EDFD8A25B2B4E7DF6, C43900F2EC0843C6017A99BCE6B057FBD463587D15532F4E4D8DB514A5AE99C7 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
17:54:46.0693 0x097c  wuauserv - ok
17:54:46.0753 0x097c  [ EB52B74A5DAADC2CCA68B3E7D81007E6, 0DB7D4BAE9187C37FF2D949A425514EF2345CF7482A9CE18EB625569EE537E34 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
17:54:47.0474 0x097c  WZCSVC - ok
17:54:47.0534 0x097c  [ 8302DE1C64618D72346DD0034DBC5D9B, D5CBD3058BD6C0F282928BEC993C741028DB72FF51562B5E7DE70EF71BF67E2F ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
17:54:47.0704 0x097c  xmlprov - ok
17:54:47.0734 0x097c  ================ Scan global ===============================
17:54:47.0774 0x097c  [ 1B91BAC6996731EE8925F58205DCB016, EF70A2F227F8D1837B1253DB8BB24DFEC5BF4A425A51A11473A831B2E6DE3915 ] C:\WINDOWS\system32\basesrv.dll
17:54:47.0835 0x097c  [ 317DF8980138FB91AE03E95757F4D0E9, 29D019C9DB357156CCC7A6BF8BC25C9117B0CA248FC3ECF06AB318B44AE52ABA ] C:\WINDOWS\system32\winsrv.dll
17:54:47.0915 0x097c  [ 317DF8980138FB91AE03E95757F4D0E9, 29D019C9DB357156CCC7A6BF8BC25C9117B0CA248FC3ECF06AB318B44AE52ABA ] C:\WINDOWS\system32\winsrv.dll
17:54:47.0965 0x097c  [ 65F6B774819BD727358157CEDEA67B8E, 050F7AC4B0C6D17574F374BDCF9A199437872C85E328530A49F500F69A1D7566 ] C:\WINDOWS\system32\services.exe
17:54:47.0965 0x097c  [ Global ] - ok
17:54:47.0975 0x097c  ================ Scan MBR ==================================
17:54:48.0005 0x097c  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
17:54:48.0405 0x097c  \Device\Harddisk0\DR0 - ok
17:54:48.0425 0x097c  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR2
17:54:48.0596 0x097c  \Device\Harddisk1\DR2 - ok
17:54:48.0606 0x097c  ================ Scan VBR ==================================
17:54:48.0616 0x097c  [ E6D44191F066F2634764A32CC289209D ] \Device\Harddisk0\DR0\Partition1
17:54:48.0616 0x097c  \Device\Harddisk0\DR0\Partition1 - ok
17:54:48.0626 0x097c  [ E2A38F77ECB8FA483CE0B9E929E58768 ] \Device\Harddisk1\DR2\Partition1
17:54:48.0636 0x097c  \Device\Harddisk1\DR2\Partition1 - ok
17:54:48.0636 0x097c  ================ Scan generic autorun ======================
17:54:48.0646 0x097c  BluetoothAuthenticationAgent - ok
17:54:48.0696 0x097c  [ FA680935110ECE1BF93E9AADEBDC865B, 33F36D626BF480DA885FC462FAD73FA359FE80D6BFF1F50EF2AFB16292D2CAED ] C:\WINDOWS\system32\igfxtray.exe
17:54:48.0756 0x097c  igfxtray - ok
17:54:48.0786 0x097c  [ FBC32DBF9E460E9CAA516BBABB730925, D0C4B1FD3BC06CFBEBF7A7C27F73F1D8F6860D5FBF76F28C7E77F41A2D913294 ] C:\WINDOWS\system32\hkcmd.exe
17:54:48.0826 0x097c  igfxhkcmd - ok
17:54:48.0876 0x097c  [ F302148C7BD644206181E208E7C31447, A0EE23F32FFF75E69D91BD33633491987EA8AD1ECFA7C1FE9D971A620242F8EC ] C:\WINDOWS\system32\igfxpers.exe
17:54:48.0936 0x097c  igfxpers - ok
17:54:49.0036 0x097c  [ 926A397334FE426A6C7657096FE681DB, 6C620221464E55DD1FA1C9661A15A369A180E0B73FA0BE92B9CD3A539D031928 ] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
17:54:49.0076 0x097c  HP Software Update - detected UnsignedFile.Multi.Generic ( 1 )
17:54:59.0381 0x097c  HP Software Update ( UnsignedFile.Multi.Generic ) - warning
17:54:59.0381 0x097c  Force sending object to P2P due to detect: C:\Programme\HP\HP Software Update\HPWuSchd2.exe
17:55:02.0536 0x097c  Object send P2P result: true
17:55:05.0029 0x097c  [ 98A078F838A70F84E1BD490D7C7675F4, 8FDE679868958682FEAB801CBD1914F945B824CFCE2C957D8AB51C66F171966B ] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
17:55:05.0089 0x097c  SunJavaUpdateSched - ok
17:55:05.0190 0x097c  [ 7DEFF8426E7B2EFEF67F9D94D55A67FC, C3C7149AA3E142FABC3A06150FB35EC9688E0211924BC8D36FBB59422D512B7C ] C:\Programme\Winamp\winampa.exe
17:55:05.0210 0x097c  WinampAgent - detected UnsignedFile.Multi.Generic ( 1 )
17:55:07.0633 0x097c  Detect skipped due to KSN trusted
17:55:07.0633 0x097c  WinampAgent - ok
17:55:07.0643 0x097c  Waiting for KSN requests completion. In queue: 1
17:55:08.0644 0x097c  Waiting for KSN requests completion. In queue: 1
17:55:09.0706 0x097c  Win FW state via NFM: enabled
17:55:12.0079 0x097c  ============================================================
17:55:12.0079 0x097c  Scan finished
17:55:12.0079 0x097c  ============================================================
17:55:12.0099 0x0974  Detected object count: 1
17:55:12.0099 0x0974  Actual detected object count: 1
17:55:22.0565 0x0974  HP Software Update ( UnsignedFile.Multi.Generic ) - skipped by user
17:55:22.0565 0x0974  HP Software Update ( UnsignedFile.Multi.Generic ) - User select action: Skip

schrauber · 08.07.2014, 09:34

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Telepolis · 08.07.2014, 13:42

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.07.2014
Suchlauf-Zeit: 14:17:48
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.08.04
Rootkit Datenbank: v2014.07.07.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows XP Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Administrator

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 257585
Verstrichene Zeit: 9 Min, 25 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [68ac8b12bebd84b2aacb189dba48c13f], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1547161642-764733703-1343024091-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [8d87e7b60378290ddb99853005fdb947], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

# AdwCleaner v3.214 - Bericht erstellt am 08/07/2014 um 14:29:41
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 2 (32 bits)
# Benutzername : Administrator - FDICAS01
# Gestartet von : C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : BackupStack

***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\systweak

***** [ Browser ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1326 octets] - [08/07/2014 14:29:08]
AdwCleaner[S0].txt - [1251 octets] - [08/07/2014 14:29:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1311 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 08.07.2014 at 14:31:30.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mozilla\firefox\profiles\zve2x5zb.default\minidumps [1 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.07.2014 at 14:36:16.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-07-2014 01
Ran by Administrator (administrator) on FDICAS01 on 08-07-2014 14:36:46
Running from C:\Dokumente und Einstellungen\Administrator\Desktop
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 6
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\HP Software Update\hpwuSchd2.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
() C:\Programme\Winamp\winampa.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-02-07] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKLM\...\Run: [HP Software Update] => C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2006-02-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [WinampAgent] => C:\Programme\Winamp\winampa.exe [36352 2007-10-10] ()
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Programme\TVUPlayer\npTVUAx.dll No File
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-01-26]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff [2012-09-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-19]

========================== Services (Whitelisted) =================

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2013-08-03] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2013-08-03] (Google Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [153584 2012-09-15] (Sun Microsystems, Inc.)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-01-26] (Mozilla Foundation)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]

==================== Drivers (Whitelisted) ====================

R3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2002-12-31] ()
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2210048 2006-03-22] (Intel® Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-08 14:36 - 2014-07-08 14:37 - 00009963 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.txt
2014-07-08 14:36 - 2014-07-08 14:36 - 00001066 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.txt
2014-07-08 14:36 - 2014-07-08 14:36 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST-OlderVersion
2014-07-08 14:31 - 2014-07-08 14:31 - 00001391 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\AdwCleaner[S0].txt
2014-07-08 14:31 - 2014-07-08 14:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 14:29 - 2014-07-08 14:29 - 00000000 ____D () C:\AdwCleaner
2014-07-08 14:28 - 2014-07-08 14:28 - 00001439 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\mbam.txt
2014-07-08 14:17 - 2014-07-08 14:19 - 00004035 _____ () C:\WINDOWS\KB944338-v2.log
2014-07-08 13:55 - 2014-07-08 13:56 - 00033984 _____ () C:\WINDOWS\ie8Uninst.log
2014-07-08 13:47 - 2014-07-08 13:47 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IECompatCache
2014-07-08 13:28 - 2014-07-08 14:17 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 13:28 - 2014-07-08 13:28 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-08 13:28 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-08 13:28 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-08 13:26 - 2014-07-08 14:36 - 01074688 _____ (Farbar) C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe
2014-07-08 13:26 - 2014-07-08 13:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Dokumente und Einstellungen\Administrator\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-08 13:26 - 2014-07-08 13:23 - 01016261 _____ (Thisisu) C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.exe
2014-07-08 13:26 - 2014-07-08 13:22 - 01346519 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner_3.214.exe
2014-07-07 17:58 - 2014-07-07 17:58 - 17938608 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-07 17:52 - 2014-07-07 17:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Administrator\Desktop\tdsskiller.exe
2014-07-06 14:14 - 2014-07-06 14:14 - 00006289 _____ () C:\ComboFix.txt
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2014-07-06 13:44 - 2014-07-05 14:29 - 05213907 ____R (Swearware) C:\Dokumente und Einstellungen\Administrator\Desktop\ComboFix.exe
2014-07-05 15:58 - 2014-07-05 15:58 - 06403664 _____ () C:\WINDOWS\fsmsiuninstall.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00001262 _____ () C:\WINDOWS\fsdgunst.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00000768 _____ () C:\WINDOWS\daasunin.LOG
2014-07-05 15:57 - 2014-07-05 15:57 - 00017796 _____ () C:\WINDOWS\FSAUA_UN.LOG
2014-07-05 15:56 - 2014-07-05 15:58 - 00619239 _____ () C:\WINDOWS\FSUNINST.log
2014-07-05 15:56 - 2014-07-05 15:58 - 00102495 _____ () C:\WINDOWS\uninstaller.log
2014-07-05 15:56 - 2014-07-05 15:56 - 00001651 _____ () C:\WINDOWS\FSPSUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001630 _____ () C:\WINDOWS\FSASWUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001259 _____ () C:\WINDOWS\FSGEMINST.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00000110 _____ () C:\WINDOWS\FSAVES_inst.log
2014-07-05 15:00 - 2006-03-21 21:06 - 00000211 _____ () C:\Boot.bak
2014-07-05 15:00 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr
2014-07-05 14:59 - 2014-07-05 15:00 - 00000000 _RSHD () C:\cmdcons
2014-07-05 14:45 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-05 14:45 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-05 14:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe

==================== One Month Modified Files and Folders =======

2014-07-08 14:37 - 2014-07-08 14:36 - 00009963 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.txt
2014-07-08 14:37 - 2006-03-21 21:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp
2014-07-08 14:36 - 2014-07-08 14:36 - 00001066 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.txt
2014-07-08 14:36 - 2014-07-08 14:36 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST-OlderVersion
2014-07-08 14:36 - 2014-07-08 13:26 - 01074688 _____ (Farbar) C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe
2014-07-08 14:36 - 2006-03-11 23:53 - 00000000 ____D () C:\FRST
2014-07-08 14:32 - 2006-03-21 21:11 - 01049821 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-08 14:31 - 2014-07-08 14:31 - 00001391 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\AdwCleaner[S0].txt
2014-07-08 14:31 - 2014-07-08 14:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 14:30 - 2013-03-09 02:16 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2014-07-08 14:30 - 2006-03-21 21:17 - 00032600 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-08 14:30 - 2006-03-21 21:17 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-08 14:30 - 2006-03-21 08:35 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-08 14:30 - 2006-03-21 08:35 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-08 14:29 - 2014-07-08 14:29 - 00000000 ____D () C:\AdwCleaner
2014-07-08 14:29 - 2006-03-21 21:18 - 00000300 ___SH () C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2014-07-08 14:28 - 2014-07-08 14:28 - 00001439 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\mbam.txt
2014-07-08 14:19 - 2014-07-08 14:17 - 00004035 _____ () C:\WINDOWS\KB944338-v2.log
2014-07-08 14:18 - 2007-10-25 10:53 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-07-08 14:17 - 2014-07-08 13:28 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 13:58 - 2006-03-21 21:18 - 00000783 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
2014-07-08 13:57 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\Help
2014-07-08 13:56 - 2014-07-08 13:55 - 00033984 _____ () C:\WINDOWS\ie8Uninst.log
2014-07-08 13:56 - 2013-03-09 02:03 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-07-08 13:56 - 2006-03-21 08:33 - 01160825 _____ () C:\WINDOWS\iis6.log
2014-07-08 13:56 - 2006-03-21 08:33 - 00481294 _____ () C:\WINDOWS\tsoc.log
2014-07-08 13:56 - 2006-03-21 08:33 - 00357013 _____ () C:\WINDOWS\comsetup.log
2014-07-08 13:56 - 2006-03-21 08:33 - 00214743 _____ () C:\WINDOWS\ntdtcsetup.log
2014-07-08 13:56 - 2006-03-21 08:33 - 00057999 _____ () C:\WINDOWS\ocmsn.log
2014-07-08 13:56 - 2006-03-21 08:33 - 00053189 _____ () C:\WINDOWS\tabletoc.log
2014-07-08 13:56 - 2006-03-21 08:33 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-07-08 13:55 - 2007-10-24 18:43 - 00101037 _____ () C:\WINDOWS\updspapi.log
2014-07-08 13:55 - 2006-03-21 08:33 - 01044105 _____ () C:\WINDOWS\FaxSetup.log
2014-07-08 13:55 - 2006-03-21 08:33 - 00501704 _____ () C:\WINDOWS\ocgen.log
2014-07-08 13:55 - 2006-03-21 08:33 - 00323810 _____ () C:\WINDOWS\msmqinst.log
2014-07-08 13:55 - 2006-03-21 08:33 - 00183651 _____ () C:\WINDOWS\netfxocm.log
2014-07-08 13:55 - 2006-03-21 08:33 - 00072462 _____ () C:\WINDOWS\MedCtrOC.log
2014-07-08 13:55 - 2006-03-21 08:33 - 00052474 _____ () C:\WINDOWS\msgsocm.log
2014-07-08 13:47 - 2014-07-08 13:47 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IECompatCache
2014-07-08 13:47 - 2006-03-21 21:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator
2014-07-08 13:45 - 2012-09-15 21:37 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2014-07-08 13:45 - 2006-03-21 08:33 - 00000000 ___RD () C:\Programme
2014-07-08 13:28 - 2014-07-08 13:28 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-08 13:28 - 2006-03-21 08:32 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-07-08 13:23 - 2014-07-08 13:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Dokumente und Einstellungen\Administrator\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-08 13:23 - 2014-07-08 13:26 - 01016261 _____ (Thisisu) C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.exe
2014-07-08 13:22 - 2014-07-08 13:26 - 01346519 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner_3.214.exe
2014-07-07 17:58 - 2014-07-07 17:58 - 17938608 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-07 17:58 - 2012-09-15 21:48 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-07 17:58 - 2012-09-15 21:48 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-07 17:58 - 2012-09-15 21:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-07 17:52 - 2002-12-31 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-07 17:50 - 2014-07-07 17:52 - 04181856 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Administrator\Desktop\tdsskiller.exe
2014-07-06 14:37 - 2006-03-21 21:17 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme
2014-07-06 14:36 - 2006-03-21 21:17 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
2014-07-06 14:14 - 2014-07-06 14:14 - 00006289 _____ () C:\ComboFix.txt
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2006-03-12 21:57 - 00000000 ____D () C:\Qoobox
2014-07-06 14:11 - 2006-03-12 21:56 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-06 14:11 - 2002-12-31 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-07-06 13:43 - 2013-03-09 00:53 - 00029754 _____ () C:\WINDOWS\setupapi.log
2014-07-05 16:00 - 2007-05-30 04:38 - 00000000 ____D () C:\Programme\upc-cablecom security package
2014-07-05 15:58 - 2014-07-05 15:58 - 06403664 _____ () C:\WINDOWS\fsmsiuninstall.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00001262 _____ () C:\WINDOWS\fsdgunst.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00000768 _____ () C:\WINDOWS\daasunin.LOG
2014-07-05 15:58 - 2014-07-05 15:56 - 00619239 _____ () C:\WINDOWS\FSUNINST.log
2014-07-05 15:58 - 2014-07-05 15:56 - 00102495 _____ () C:\WINDOWS\uninstaller.log
2014-07-05 15:58 - 2007-05-30 04:38 - 83828102 _____ () C:\WINDOWS\FSISU.log
2014-07-05 15:58 - 2007-05-30 04:38 - 01424501 _____ () C:\WINDOWS\FSDEPH.log
2014-07-05 15:58 - 2007-05-30 04:38 - 00007834 _____ () C:\WINDOWS\FSGKIAIN.log
2014-07-05 15:58 - 2007-05-30 04:38 - 00003445 _____ () C:\WINDOWS\FSLDIN.LOG
2014-07-05 15:58 - 2007-05-30 04:38 - 00000595 _____ () C:\WINDOWS\HELPINST.LOG
2014-07-05 15:57 - 2014-07-05 15:57 - 00017796 _____ () C:\WINDOWS\FSAUA_UN.LOG
2014-07-05 15:57 - 2007-05-30 04:38 - 00027265 _____ () C:\WINDOWS\fsavunin.log
2014-07-05 15:57 - 2007-05-30 04:38 - 00000860 _____ () C:\WINDOWS\FSGUIINS.LOG
2014-07-05 15:57 - 2007-05-30 04:38 - 00000665 _____ () C:\WINDOWS\fstnbins.LOG
2014-07-05 15:57 - 2007-05-30 04:07 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\f-secure
2014-07-05 15:56 - 2014-07-05 15:56 - 00001651 _____ () C:\WINDOWS\FSPSUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001630 _____ () C:\WINDOWS\FSASWUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001259 _____ () C:\WINDOWS\FSGEMINST.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00000110 _____ () C:\WINDOWS\FSAVES_inst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00027509 _____ () C:\WINDOWS\fwesinst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00025211 _____ () C:\WINDOWS\FSSSINST.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00020116 _____ () C:\WINDOWS\fwinst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00010200 _____ () C:\WINDOWS\FSSCINST.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00000798 _____ () C:\WINDOWS\fsgadget.log
2014-07-05 15:55 - 2007-10-24 20:51 - 00000000 ____D () C:\Programme\cablecom
2014-07-05 15:33 - 2006-03-21 08:33 - 01063910 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-05 15:30 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\system
2014-07-05 15:00 - 2014-07-05 14:59 - 00000000 _RSHD () C:\cmdcons
2014-07-05 15:00 - 2006-03-21 09:31 - 00000327 __RSH () C:\boot.ini
2014-07-05 14:29 - 2014-07-06 13:44 - 05213907 ____R (Swearware) C:\Dokumente und Einstellungen\Administrator\Desktop\ComboFix.exe

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 09.07.2014, 11:24

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Telepolis · 09.07.2014, 16:14

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=19ccd5b91e9ebb4cb2d762c0c36f1660
# engine=19097
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-09 03:04:57
# local_time=2014-07-09 05:04:57 (+0100, Westeuropäische Sommerzeit)
# country="Switzerland"
# lang=1031
# osver=5.1.2600 NT Service Pack 2
# scanned=28024
# found=10
# cleaned=0
# scan_time=1574
sh=34676E6CB0465F4B432083126341F23B8FEC7B64 ft=1 fh=395457a12514583a vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="C:\drivers\programs\zlsSetup_70_483_000_de.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe"
sh=05D1FBAE47FFB1A39403EE387299761F992729BD ft=1 fh=57162ae374b3de1e vn="Variante von Win32/Kryptik.BWTD Trojaner" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Dokumente und Einstellungen\All Users\Anwendungsdaten\v03iqml.cpp"
sh=A39C55E362199542330244B280735468B730D9E2 ft=1 fh=349dd8a04a8f8b58 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Programme\Advanced System Protector\AdvancedSystemProtector.exe"
sh=22D2DDD066089C7CE3D77251A17EE75198A1342B ft=1 fh=da73685930070287 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Programme\Advanced System Protector\AspManager.exe"
sh=866698A8AC36996FDF5AB67F502FEA5955C7C450 ft=1 fh=181b648461105be7 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Programme\Advanced System Protector\filetypehelper.exe"
sh=70F105875DE6420CEDC5674F3F3C0ED9D4BE5728 ft=1 fh=43fda2c9df0909f5 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Programme\Advanced System Protector\scandll.dll"
sh=29537B5D9E0B9006067890E1D21D0CE6F22E8A99 ft=1 fh=6e7ef67f604e413f vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Programme\RegClean Pro\Cloud_Backup_Setup.exe"
sh=EE0DBC090D6FC9DA0D0A84516D8D34BF1F96E196 ft=1 fh=44b5db033c27eea0 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Programme\RegClean Pro\Cloud_Backup_Setup_Intl.exe"
sh=4F2D43FFB1775DFE2101529769637B9741E2D473 ft=1 fh=7bf72ba7e7e381f9 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\_OTL\MovedFiles\03102006_033854\C_Programme\RegClean Pro\systweakasp.exe"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.85  
 Windows XP Service Pack 2 x86   
 Out of date service pack!! 
 Internet Explorer 6 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 35  
 Java 2 Runtime Environment, SE v1.4.2_15 
 Java version out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player 	13.0.0.214 Flash Player out of Date!  
 Mozilla Firefox (26.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-07-2014 01
Ran by Administrator (administrator) on FDICAS01 on 09-07-2014 17:07:59
Running from C:\Dokumente und Einstellungen\Administrator\Desktop
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 6
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\HP Software Update\hpwuSchd2.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
() C:\Programme\Winamp\winampa.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-02-07] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKLM\...\Run: [HP Software Update] => C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2006-02-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [WinampAgent] => C:\Programme\Winamp\winampa.exe [36352 2007-10-10] ()
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Programme\TVUPlayer\npTVUAx.dll No File
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-01-26]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff [2012-09-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-19]

========================== Services (Whitelisted) =================

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2013-08-03] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2013-08-03] (Google Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [153584 2012-09-15] (Sun Microsystems, Inc.)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-01-26] (Mozilla Foundation)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]

==================== Drivers (Whitelisted) ====================

R3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2002-12-31] ()
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2210048 2006-03-22] (Intel® Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981350$
2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971961$
2014-07-08 14:45 - 2014-07-08 14:46 - 00006604 _____ () C:\WINDOWS\KB971961.log
2014-07-08 14:45 - 2014-07-08 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB944338-v2$
2014-07-08 14:36 - 2014-07-09 17:08 - 00010020 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.txt
2014-07-08 14:36 - 2014-07-08 14:36 - 00001066 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.txt
2014-07-08 14:31 - 2014-07-08 14:31 - 00001391 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\AdwCleaner[S0].txt
2014-07-08 14:31 - 2014-07-08 14:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 14:29 - 2014-07-08 14:29 - 00000000 ____D () C:\AdwCleaner
2014-07-08 14:28 - 2014-07-08 14:28 - 00001439 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\mbam.txt
2014-07-08 14:17 - 2014-07-08 14:45 - 00011478 _____ () C:\WINDOWS\KB944338-v2.log
2014-07-08 13:55 - 2014-07-08 13:56 - 00033984 _____ () C:\WINDOWS\ie8Uninst.log
2014-07-08 13:47 - 2014-07-08 13:47 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IECompatCache
2014-07-08 13:28 - 2014-07-08 14:17 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 13:28 - 2014-07-08 13:28 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-08 13:28 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-08 13:28 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-08 13:26 - 2014-07-08 14:36 - 01074688 _____ (Farbar) C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe
2014-07-08 13:26 - 2014-07-08 13:23 - 01016261 _____ (Thisisu) C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.exe
2014-07-08 13:26 - 2014-07-08 13:22 - 01346519 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner_3.214.exe
2014-07-07 17:58 - 2014-07-09 16:58 - 17938608 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-07 17:52 - 2014-07-07 17:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Administrator\Desktop\tdsskiller.exe
2014-07-06 14:14 - 2014-07-06 14:14 - 00006289 _____ () C:\ComboFix.txt
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2014-07-06 13:44 - 2014-07-05 14:29 - 05213907 ____R (Swearware) C:\Dokumente und Einstellungen\Administrator\Desktop\ComboFix.exe
2014-07-05 15:58 - 2014-07-05 15:58 - 06403664 _____ () C:\WINDOWS\fsmsiuninstall.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00001262 _____ () C:\WINDOWS\fsdgunst.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00000768 _____ () C:\WINDOWS\daasunin.LOG
2014-07-05 15:57 - 2014-07-05 15:57 - 00017796 _____ () C:\WINDOWS\FSAUA_UN.LOG
2014-07-05 15:56 - 2014-07-05 15:58 - 00619239 _____ () C:\WINDOWS\FSUNINST.log
2014-07-05 15:56 - 2014-07-05 15:58 - 00102495 _____ () C:\WINDOWS\uninstaller.log
2014-07-05 15:56 - 2014-07-05 15:56 - 00001651 _____ () C:\WINDOWS\FSPSUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001630 _____ () C:\WINDOWS\FSASWUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001259 _____ () C:\WINDOWS\FSGEMINST.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00000110 _____ () C:\WINDOWS\FSAVES_inst.log
2014-07-05 15:00 - 2006-03-21 21:06 - 00000211 _____ () C:\Boot.bak
2014-07-05 15:00 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr
2014-07-05 14:59 - 2014-07-05 15:00 - 00000000 _RSHD () C:\cmdcons
2014-07-05 14:45 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-05 14:45 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-05 14:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe

==================== One Month Modified Files and Folders =======

2014-07-09 17:08 - 2014-07-08 14:36 - 00010020 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.txt
2014-07-09 17:08 - 2006-03-21 21:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp
2014-07-09 17:08 - 2006-03-11 23:53 - 00000000 ____D () C:\FRST
2014-07-09 17:06 - 2006-03-21 21:11 - 01084937 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-09 17:06 - 2006-03-21 08:33 - 00000000 ___RD () C:\Programme
2014-07-09 16:58 - 2014-07-07 17:58 - 17938608 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-09 16:58 - 2012-09-15 21:48 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-09 16:58 - 2012-09-15 21:48 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-09 16:58 - 2012-09-15 21:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-09 16:35 - 2013-03-09 02:16 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2014-07-09 16:35 - 2006-03-21 08:35 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-09 16:35 - 2006-03-21 08:35 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-09 16:34 - 2006-03-21 21:17 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-09 16:30 - 2006-03-21 21:18 - 00000300 ___SH () C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2014-07-09 16:30 - 2006-03-21 21:17 - 00032600 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-09 16:19 - 2002-12-31 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981350$
2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971961$
2014-07-08 14:46 - 2014-07-08 14:45 - 00006604 _____ () C:\WINDOWS\KB971961.log
2014-07-08 14:46 - 2013-03-09 02:17 - 00047956 _____ () C:\WINDOWS\KB980195.log
2014-07-08 14:46 - 2007-10-25 10:53 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-07-08 14:46 - 2006-03-21 08:33 - 01180600 _____ () C:\WINDOWS\iis6.log
2014-07-08 14:46 - 2006-03-21 08:33 - 01062656 _____ () C:\WINDOWS\FaxSetup.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00510452 _____ () C:\WINDOWS\ocgen.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00489757 _____ () C:\WINDOWS\tsoc.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00363121 _____ () C:\WINDOWS\comsetup.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00329368 _____ () C:\WINDOWS\msmqinst.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00218448 _____ () C:\WINDOWS\ntdtcsetup.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00186900 _____ () C:\WINDOWS\netfxocm.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00073737 _____ () C:\WINDOWS\MedCtrOC.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00059025 _____ () C:\WINDOWS\ocmsn.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00054122 _____ () C:\WINDOWS\tabletoc.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00053401 _____ () C:\WINDOWS\msgsocm.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-07-08 14:46 - 2006-03-21 08:33 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-07-08 14:45 - 2014-07-08 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB944338-v2$
2014-07-08 14:45 - 2014-07-08 14:17 - 00011478 _____ () C:\WINDOWS\KB944338-v2.log
2014-07-08 14:39 - 2013-03-09 00:53 - 00034406 _____ () C:\WINDOWS\setupapi.log
2014-07-08 14:36 - 2014-07-08 14:36 - 00001066 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.txt
2014-07-08 14:36 - 2014-07-08 13:26 - 01074688 _____ (Farbar) C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe
2014-07-08 14:31 - 2014-07-08 14:31 - 00001391 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\AdwCleaner[S0].txt
2014-07-08 14:31 - 2014-07-08 14:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 14:29 - 2014-07-08 14:29 - 00000000 ____D () C:\AdwCleaner
2014-07-08 14:28 - 2014-07-08 14:28 - 00001439 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\mbam.txt
2014-07-08 14:17 - 2014-07-08 13:28 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 13:58 - 2006-03-21 21:18 - 00000783 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
2014-07-08 13:57 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\Help
2014-07-08 13:56 - 2014-07-08 13:55 - 00033984 _____ () C:\WINDOWS\ie8Uninst.log
2014-07-08 13:56 - 2013-03-09 02:03 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-07-08 13:55 - 2007-10-24 18:43 - 00101037 _____ () C:\WINDOWS\updspapi.log
2014-07-08 13:47 - 2014-07-08 13:47 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IECompatCache
2014-07-08 13:47 - 2006-03-21 21:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator
2014-07-08 13:45 - 2012-09-15 21:37 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2014-07-08 13:28 - 2014-07-08 13:28 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-08 13:28 - 2006-03-21 08:32 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-07-08 13:23 - 2014-07-08 13:26 - 01016261 _____ (Thisisu) C:\Dokumente und Einstellungen\Administrator\Desktop\JRT.exe
2014-07-08 13:22 - 2014-07-08 13:26 - 01346519 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner_3.214.exe
2014-07-07 17:50 - 2014-07-07 17:52 - 04181856 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Administrator\Desktop\tdsskiller.exe
2014-07-06 14:37 - 2006-03-21 21:17 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme
2014-07-06 14:36 - 2006-03-21 21:17 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
2014-07-06 14:14 - 2014-07-06 14:14 - 00006289 _____ () C:\ComboFix.txt
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2006-03-12 21:57 - 00000000 ____D () C:\Qoobox
2014-07-06 14:11 - 2006-03-12 21:56 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-06 14:11 - 2002-12-31 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-07-05 16:00 - 2007-05-30 04:38 - 00000000 ____D () C:\Programme\upc-cablecom security package
2014-07-05 15:58 - 2014-07-05 15:58 - 06403664 _____ () C:\WINDOWS\fsmsiuninstall.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00001262 _____ () C:\WINDOWS\fsdgunst.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00000768 _____ () C:\WINDOWS\daasunin.LOG
2014-07-05 15:58 - 2014-07-05 15:56 - 00619239 _____ () C:\WINDOWS\FSUNINST.log
2014-07-05 15:58 - 2014-07-05 15:56 - 00102495 _____ () C:\WINDOWS\uninstaller.log
2014-07-05 15:58 - 2007-05-30 04:38 - 83828102 _____ () C:\WINDOWS\FSISU.log
2014-07-05 15:58 - 2007-05-30 04:38 - 01424501 _____ () C:\WINDOWS\FSDEPH.log
2014-07-05 15:58 - 2007-05-30 04:38 - 00007834 _____ () C:\WINDOWS\FSGKIAIN.log
2014-07-05 15:58 - 2007-05-30 04:38 - 00003445 _____ () C:\WINDOWS\FSLDIN.LOG
2014-07-05 15:58 - 2007-05-30 04:38 - 00000595 _____ () C:\WINDOWS\HELPINST.LOG
2014-07-05 15:57 - 2014-07-05 15:57 - 00017796 _____ () C:\WINDOWS\FSAUA_UN.LOG
2014-07-05 15:57 - 2007-05-30 04:38 - 00027265 _____ () C:\WINDOWS\fsavunin.log
2014-07-05 15:57 - 2007-05-30 04:38 - 00000860 _____ () C:\WINDOWS\FSGUIINS.LOG
2014-07-05 15:57 - 2007-05-30 04:38 - 00000665 _____ () C:\WINDOWS\fstnbins.LOG
2014-07-05 15:57 - 2007-05-30 04:07 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\f-secure
2014-07-05 15:56 - 2014-07-05 15:56 - 00001651 _____ () C:\WINDOWS\FSPSUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001630 _____ () C:\WINDOWS\FSASWUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001259 _____ () C:\WINDOWS\FSGEMINST.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00000110 _____ () C:\WINDOWS\FSAVES_inst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00027509 _____ () C:\WINDOWS\fwesinst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00025211 _____ () C:\WINDOWS\FSSSINST.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00020116 _____ () C:\WINDOWS\fwinst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00010200 _____ () C:\WINDOWS\FSSCINST.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00000798 _____ () C:\WINDOWS\fsgadget.log
2014-07-05 15:55 - 2007-10-24 20:51 - 00000000 ____D () C:\Programme\cablecom
2014-07-05 15:33 - 2006-03-21 08:33 - 01063910 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-05 15:30 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\system
2014-07-05 15:00 - 2014-07-05 14:59 - 00000000 _RSHD () C:\cmdcons
2014-07-05 15:00 - 2006-03-21 09:31 - 00000327 __RSH () C:\boot.ini
2014-07-05 14:29 - 2014-07-06 13:44 - 05213907 ____R (Swearware) C:\Dokumente und Einstellungen\Administrator\Desktop\ComboFix.exe

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Zitat:

Zitat von schrauber

und ein frisches FRST log bitte. Noch Probleme?

Auf den ersten Blick sind grunds. keine Probleme mehr vorhanden - Sprich, der Interpol-Sperrbildschirm taucht nicht mehr auf. Ich hoffe die restlichen, gemäss den einzelnen Logs vorhandenen, Schädlingsprogramme krieg' ich noch weg.

Anschliessend werd' ich natürlich alle relevanten Updates noch durchführen (Windows-Updates, Java et al.).

Sonst noch was, das ich beachten/unternehmen müsste?

schrauber · 10.07.2014, 13:49

Mach jetzt alle Updates inkl SP3, dann ein frisches FRST log bitte.

Telepolis · 12.07.2014, 13:05

- Windows Updates durchgeführt (114 Stk.)
- Service Pack 3 installiert
- Aufgrund dessen, dass der Support für Win XP im April 2014 eingestellt worden ist, kann ich nun meine legale Win XP Kopie nicht verifizieren lassen (WGA)
- FRST stürzt nun jeweils kurz vor Schluss ab ("keine Rückmeldung), Screen bleibt beim letzten Scan hängen. Anbei das File, das FRST noch dennoch erstellt:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-07-2014
Ran by Administrator (administrator) on FDICAS01 on 12-07-2014 13:21:09
Running from C:\Dokumente und Einstellungen\Administrator\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\HP Software Update\hpwuSchd2.exe
() C:\Programme\Winamp\winampa.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgwdsvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Check Point Software Technologies, Ltd.) C:\Programme\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(AVG Technologies CZ, s.r.o.) C:\Programme\AVG\AVG2014\avgemcx.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\HP\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
() C:\Programme\Java\j2re1.4.2_15\bin\jusched.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-02-07] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKLM\...\Run: [HP Software Update] => C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2006-02-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WinampAgent] => C:\Programme\Winamp\winampa.exe [36352 2007-10-10] ()
HKLM\...\Run: [AVG_UI] => C:\Programme\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ZoneAlarm] => C:\Programme\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - DefaultScope {5C5360F5-5F2D-4E4A-84B1-ABD053DB35A9} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {5C5360F5-5F2D-4E4A-84B1-ABD053DB35A9} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1404919090164
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default
FF DefaultSearchEngine: Search By ZoneAlarm
FF SearchEngineOrder.1: Search By ZoneAlarm
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: www.google.ch
FF Keyword.URL: hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&gu=a5bda5a1c91347a59e77a056c5d29c7b&tu=10G9y00Er1D20F0&sku=&tstsId=&ver=&&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Programme\TVUPlayer\npTVUAx.dll No File
FF user.js: detected! => C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF SearchPlugin: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: zonealarm.com - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\zve2x5zb.default\Extensions\ffxtlbr@zonealarm.com [2014-07-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-19]

========================== Services (Whitelisted) =================

U2 AVGIDSAgent; C:\Programme\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Programme\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2013-08-03] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2013-08-03] (Google Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-07-12] (Oracle Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-07-09] (Mozilla Foundation)
U2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]
S2 vsmon; C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Programme\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

R3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
R1 Vsdatant; C:\WINDOWS\System32\vsdatant.sys [534024 2014-05-30] (Check Point Software Technologies Ltd.)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2210048 2006-03-22] (Intel® Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-12 13:13 - 2014-07-12 13:22 - 00012245 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.txt
2014-07-12 13:12 - 2014-07-12 13:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2014-07-12 13:12 - 2014-07-12 13:11 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-07-12 13:12 - 2014-07-12 13:11 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-07-12 13:12 - 2014-07-12 13:11 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-07-12 13:12 - 2014-07-12 13:11 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-07-12 13:12 - 2014-07-12 13:11 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-07-12 13:10 - 2014-07-12 13:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java Web Start
2014-07-12 12:33 - 2014-07-12 12:33 - 00000783 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
2014-07-12 12:32 - 2014-07-12 12:59 - 00000238 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2014-07-12 12:32 - 2014-07-12 12:59 - 00000232 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2014-07-12 02:40 - 2014-07-12 02:39 - 02185216 _____ () C:\WINDOWS\system32\bu_tosave.ndb
2014-07-11 23:03 - 2014-07-11 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-07-11 22:54 - 2014-07-11 22:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-07-11 22:52 - 2014-07-11 22:53 - 00065054 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-07-11 22:50 - 2014-07-11 22:51 - 00066461 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-07-11 22:46 - 2014-07-11 22:49 - 00071196 _____ () C:\WINDOWS\KB2862772-IE8.log
2014-07-11 22:45 - 2014-03-06 19:58 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-07-11 22:44 - 2014-07-11 22:45 - 00064940 _____ () C:\WINDOWS\KB2598845-IE8.log
2014-07-11 22:44 - 2011-08-16 12:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-07-11 22:43 - 2014-07-11 22:44 - 00064292 _____ () C:\WINDOWS\KB2467659.log
2014-07-11 22:43 - 2014-07-11 22:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-07-11 22:30 - 2014-07-11 22:36 - 00000000 __HDC () C:\WINDOWS\ie8
2014-07-11 22:12 - 2014-07-11 22:12 - 00039582 _____ () C:\WINDOWS\KB2387149.log
2014-07-11 22:12 - 2014-07-11 22:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-07-11 22:11 - 2014-07-11 22:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-07-11 22:07 - 2014-07-11 22:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-07-11 22:06 - 2014-07-11 22:06 - 00036496 _____ () C:\WINDOWS\KB2659262.log
2014-07-11 22:06 - 2014-07-11 22:06 - 00035791 _____ () C:\WINDOWS\KB2564958.log
2014-07-11 22:06 - 2014-07-11 22:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-07-11 22:06 - 2014-07-11 22:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-07-11 22:06 - 2014-07-11 22:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-07-11 22:05 - 2014-07-11 22:06 - 00033863 _____ () C:\WINDOWS\KB2934207.log
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-07-11 22:04 - 2014-07-11 22:05 - 00032885 _____ () C:\WINDOWS\KB2834886.log
2014-07-11 22:04 - 2014-07-11 22:04 - 00035445 _____ () C:\WINDOWS\KB2536276-v2.log
2014-07-11 22:04 - 2014-07-11 22:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-07-11 22:04 - 2014-07-11 22:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-07-11 22:04 - 2014-07-11 22:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-07-11 22:02 - 2014-07-11 22:02 - 00032237 _____ () C:\WINDOWS\KB2296011.log
2014-07-11 22:02 - 2014-07-11 22:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-07-11 22:02 - 2014-07-11 22:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-07-11 22:01 - 2014-07-11 22:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-07-11 21:52 - 2014-07-11 21:53 - 00031822 _____ () C:\WINDOWS\KB2900986.log
2014-07-11 21:52 - 2014-07-11 21:52 - 00037236 _____ () C:\WINDOWS\KB975558.log
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-07-11 21:51 - 2014-07-11 21:52 - 00034426 _____ () C:\WINDOWS\KB2378111.log
2014-07-11 21:51 - 2014-07-11 21:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-07-11 21:51 - 2014-07-11 21:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-07-11 21:51 - 2014-07-11 21:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-07-11 21:50 - 2014-07-11 21:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-07-11 21:42 - 2014-07-11 21:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-07-11 21:41 - 2014-07-11 21:41 - 00032681 _____ () C:\WINDOWS\KB2485663.log
2014-07-11 21:41 - 2014-07-11 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-07-11 21:41 - 2014-07-11 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-07-11 21:41 - 2014-07-11 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-07-11 21:40 - 2014-07-11 21:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-07-11 21:40 - 2014-07-11 21:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-07-11 21:40 - 2014-07-11 21:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-07-11 21:39 - 2014-07-11 21:40 - 00033029 _____ () C:\WINDOWS\KB2686509.log
2014-07-11 21:38 - 2014-07-11 21:38 - 00030598 _____ () C:\WINDOWS\KB2862335.log
2014-07-11 21:38 - 2014-07-11 21:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-07-11 21:38 - 2014-07-11 21:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-07-11 21:36 - 2014-07-11 21:36 - 00029577 _____ () C:\WINDOWS\KB2904266.log
2014-07-11 21:36 - 2014-07-11 21:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-07-11 21:36 - 2014-07-11 21:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-07-11 21:36 - 2014-07-11 21:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-07-11 21:35 - 2014-07-11 21:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-07-11 21:34 - 2014-07-11 21:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-07-11 21:34 - 2014-07-11 21:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-07-11 21:33 - 2014-07-11 21:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-07-11 21:33 - 2014-07-11 21:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-07-11 21:32 - 2014-07-11 21:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-07-11 21:32 - 2014-07-11 21:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-07-11 21:31 - 2014-07-11 21:31 - 00026764 _____ () C:\WINDOWS\KB2592799.log
2014-07-11 21:31 - 2014-07-11 21:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-07-11 21:27 - 2014-07-11 21:27 - 00026687 _____ () C:\WINDOWS\KB2535512.log
2014-07-11 21:27 - 2014-07-11 21:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-07-11 21:27 - 2014-07-11 21:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-07-11 21:26 - 2014-07-11 21:27 - 00024685 _____ () C:\WINDOWS\KB2964358.log
2014-07-11 21:26 - 2014-07-11 21:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-07-11 21:26 - 2014-07-11 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-07-11 21:26 - 2014-07-11 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-07-11 21:26 - 2014-07-11 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-07-11 21:25 - 2014-07-11 21:25 - 00025539 _____ () C:\WINDOWS\KB2807986.log
2014-07-11 21:25 - 2014-07-11 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-07-11 21:25 - 2014-07-11 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-07-11 21:24 - 2014-07-11 21:25 - 00024998 _____ () C:\WINDOWS\KB2570947.log
2014-07-11 21:15 - 2014-07-11 21:16 - 00023594 _____ () C:\WINDOWS\KB2868038.log
2014-07-11 21:15 - 2014-07-11 21:15 - 00024334 _____ () C:\WINDOWS\KB2603381.log
2014-07-11 21:15 - 2014-07-11 21:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-07-11 21:15 - 2014-07-11 21:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-07-11 21:15 - 2014-07-11 21:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-07-11 21:14 - 2014-07-11 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-07-11 21:14 - 2014-07-11 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-07-11 21:14 - 2014-07-11 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-07-11 21:13 - 2014-07-11 21:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-07-11 21:13 - 2014-07-11 21:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-07-11 21:12 - 2014-07-11 21:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-07-11 21:11 - 2014-07-11 21:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-07-11 21:10 - 2014-07-11 21:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-07-11 21:10 - 2014-07-11 21:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-07-11 21:09 - 2014-07-11 21:10 - 00012262 _____ () C:\WINDOWS\KB2834903-v2.log
2014-07-11 21:09 - 2014-07-11 21:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2014-07-11 21:09 - 2014-07-11 21:09 - 00016188 _____ () C:\WINDOWS\KB2698365.log
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-07-11 21:08 - 2014-07-11 21:08 - 00013585 _____ () C:\WINDOWS\KB981997.log
2014-07-11 21:08 - 2014-07-11 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-07-11 21:08 - 2014-07-11 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-07-11 21:07 - 2014-07-11 21:07 - 00014123 _____ () C:\WINDOWS\KB2723135-v2.log
2014-07-11 21:07 - 2014-07-11 21:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-07-11 21:07 - 2014-07-11 21:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-07-11 21:06 - 2014-07-11 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-07-11 21:06 - 2014-07-11 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-07-11 21:06 - 2014-07-11 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2447961_WM9L$
2014-07-11 21:05 - 2014-07-11 21:06 - 00012832 _____ () C:\WINDOWS\KB2447961.log
2014-07-11 21:05 - 2014-07-11 21:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-07-11 20:46 - 2014-07-11 20:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-07-11 20:37 - 2014-07-11 20:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-07-11 20:35 - 2014-07-11 20:36 - 00013229 _____ () C:\WINDOWS\KB2393802.log
2014-07-11 20:35 - 2014-07-11 20:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-07-11 20:35 - 2014-07-11 20:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-07-11 20:34 - 2014-07-11 20:35 - 00010695 _____ () C:\WINDOWS\KB2566454.log
2014-07-11 20:34 - 2014-07-11 20:34 - 00010457 _____ () C:\WINDOWS\KB2661637.log
2014-07-11 20:34 - 2014-07-11 20:34 - 00008615 _____ () C:\WINDOWS\KB2914368.log
2014-07-11 20:34 - 2014-07-11 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-07-11 20:34 - 2014-07-11 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-07-11 20:34 - 2014-07-11 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-07-11 20:33 - 2014-07-11 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-07-11 20:25 - 2014-07-11 20:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-07-11 20:24 - 2014-07-11 20:25 - 00010648 _____ () C:\WINDOWS\KB2423089.log
2014-07-11 19:48 - 2014-02-27 01:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-07-11 19:48 - 2014-02-27 01:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-07-11 18:58 - 2014-07-11 23:03 - 00067659 _____ () C:\WINDOWS\KB2868626.log
2014-07-11 18:58 - 2014-07-11 22:54 - 00066390 _____ () C:\WINDOWS\KB2922229.log
2014-07-11 18:58 - 2014-07-11 21:06 - 00023350 _____ () C:\WINDOWS\KB2509553.log
2014-07-11 18:58 - 2012-05-28 20:16 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-07-11 18:58 - 2010-09-18 08:52 - 00953856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-07-11 18:57 - 2014-07-11 22:12 - 00047841 _____ () C:\WINDOWS\KB2712808.log
2014-07-11 18:57 - 2014-07-11 22:07 - 00047103 _____ () C:\WINDOWS\KB2479943.log
2014-07-11 18:57 - 2014-07-11 22:06 - 00042879 _____ () C:\WINDOWS\KB2916036.log
2014-07-11 18:57 - 2014-07-11 22:02 - 00042797 _____ () C:\WINDOWS\KB2631813.log
2014-07-11 18:57 - 2014-07-11 21:52 - 00040575 _____ () C:\WINDOWS\KB2847311.log
2014-07-11 18:56 - 2014-07-11 22:05 - 00044283 _____ () C:\WINDOWS\KB2478971.log
2014-07-11 18:56 - 2014-07-11 22:04 - 00043837 _____ () C:\WINDOWS\KB2585542.log
2014-07-11 18:56 - 2014-07-11 22:04 - 00043494 _____ () C:\WINDOWS\KB2345886.log
2014-07-11 18:56 - 2014-07-11 22:01 - 00043460 _____ () C:\WINDOWS\KB2691442.log
2014-07-11 18:55 - 2014-07-11 22:05 - 00043735 _____ () C:\WINDOWS\KB2544893-v2.log
2014-07-11 18:55 - 2014-07-11 21:52 - 00041976 _____ () C:\WINDOWS\KB2115168.log
2014-07-11 18:55 - 2014-07-11 21:51 - 00042565 _____ () C:\WINDOWS\KB951978.log
2014-07-11 18:55 - 2010-08-23 18:11 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-07-11 18:54 - 2014-07-11 21:51 - 00042054 _____ () C:\WINDOWS\KB2655992.log
2014-07-11 18:54 - 2014-07-11 21:51 - 00041456 _____ () C:\WINDOWS\KB2443105.log
2014-07-11 18:54 - 2014-07-11 21:42 - 00041782 _____ () C:\WINDOWS\KB2481109.log
2014-07-11 18:54 - 2014-07-11 21:42 - 00040767 _____ () C:\WINDOWS\KB2802968.log
2014-07-11 18:53 - 2014-07-11 21:41 - 00040245 _____ () C:\WINDOWS\KB2598479.log
2014-07-11 18:53 - 2014-07-11 21:41 - 00038840 _____ () C:\WINDOWS\KB2898715.log
2014-07-11 18:53 - 2014-07-11 21:40 - 00036911 _____ () C:\WINDOWS\KB2929961.log
2014-07-11 18:53 - 2014-07-11 21:38 - 00039463 _____ () C:\WINDOWS\KB982132.log
2014-07-11 18:53 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-07-11 18:53 - 2013-07-03 03:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-07-11 18:52 - 2014-07-11 21:38 - 00037309 _____ () C:\WINDOWS\KB2909212.log
2014-07-11 18:52 - 2014-07-11 21:37 - 00041038 _____ () C:\WINDOWS\KB2510581.log
2014-07-11 18:52 - 2014-07-11 21:37 - 00038903 _____ () C:\WINDOWS\KB2780091.log
2014-07-11 18:52 - 2014-07-11 21:37 - 00038745 _____ () C:\WINDOWS\KB2507938.log
2014-07-11 18:52 - 2014-07-11 21:36 - 00036315 _____ () C:\WINDOWS\KB2876217.log
2014-07-11 18:51 - 2014-07-11 21:36 - 00038791 _____ () C:\WINDOWS\KB2483185.log
2014-07-11 18:51 - 2014-07-11 21:34 - 00038216 _____ () C:\WINDOWS\KB979687.log
2014-07-11 18:51 - 2014-07-11 21:34 - 00035414 _____ () C:\WINDOWS\KB2930275.log
2014-07-11 18:51 - 2014-07-11 21:33 - 00036746 _____ () C:\WINDOWS\KB2719985.log
2014-07-11 18:51 - 2014-07-11 21:33 - 00034617 _____ () C:\WINDOWS\KB2864063.log
2014-07-11 18:50 - 2014-07-11 21:32 - 00035167 _____ () C:\WINDOWS\KB2936068.log
2014-07-11 18:50 - 2014-07-11 21:32 - 00030890 _____ () C:\WINDOWS\KB2862152.log
2014-07-11 18:50 - 2014-03-06 19:58 - 06021632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-07-11 18:50 - 2011-04-21 15:37 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-07-11 18:49 - 2014-07-11 21:26 - 00030176 _____ () C:\WINDOWS\KB2859537.log
2014-07-11 18:49 - 2014-07-11 21:26 - 00029815 _____ () C:\WINDOWS\KB2850869.log
2014-07-11 18:49 - 2014-07-11 21:26 - 00029295 _____ () C:\WINDOWS\KB2876331.log
2014-07-11 18:49 - 2013-07-17 02:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-07-11 18:49 - 2013-07-17 02:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-07-11 18:49 - 2013-07-17 02:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-07-11 18:49 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-07-11 18:49 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-07-11 18:48 - 2014-07-11 21:15 - 00031102 _____ () C:\WINDOWS\KB2820917.log
2014-07-11 18:48 - 2014-07-11 21:14 - 00030595 _____ () C:\WINDOWS\KB2757638.log
2014-07-11 18:48 - 2014-07-11 21:14 - 00028281 _____ () C:\WINDOWS\KB2893294.log
2014-07-11 18:48 - 2014-07-11 21:13 - 00031363 _____ () C:\WINDOWS\KB2419632.log
2014-07-11 18:47 - 2014-07-11 21:13 - 00024294 _____ () C:\WINDOWS\KB2508429.log
2014-07-11 18:47 - 2014-07-11 21:12 - 00023546 _____ () C:\WINDOWS\KB2653956.log
2014-07-11 18:47 - 2014-07-11 21:09 - 00020620 _____ () C:\WINDOWS\KB2705219-v2.log
2014-07-11 18:47 - 2014-07-11 21:09 - 00018246 _____ () C:\WINDOWS\KB2892075.log
2014-07-11 18:47 - 2014-07-11 21:08 - 00018853 _____ () C:\WINDOWS\KB2727528.log
2014-07-11 18:47 - 2013-08-09 02:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-07-11 18:47 - 2013-08-09 02:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-07-11 18:47 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-07-11 18:47 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-07-11 18:46 - 2014-07-11 21:11 - 00023056 _____ () C:\WINDOWS\KB2749655.log
2014-07-11 18:46 - 2014-07-11 21:06 - 00020353 _____ () C:\WINDOWS\KB2813345.log
2014-07-11 18:46 - 2012-07-04 16:05 - 00139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-07-11 18:38 - 2014-07-11 21:05 - 00021048 _____ () C:\WINDOWS\KB2676562.log
2014-07-11 18:37 - 2014-07-11 21:11 - 00022291 _____ () C:\WINDOWS\KB971029.log
2014-07-11 18:37 - 2014-07-11 21:10 - 00021328 _____ () C:\WINDOWS\KB2506212.log
2014-07-11 18:37 - 2014-07-11 21:09 - 00019163 _____ () C:\WINDOWS\KB2619339.log
2014-07-11 18:34 - 2014-07-11 20:47 - 00016292 _____ () C:\WINDOWS\KB982665.log
2014-07-11 18:33 - 2014-07-11 20:35 - 00015349 _____ () C:\WINDOWS\KB2620712.log
2014-07-11 18:32 - 2013-11-27 22:21 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-07-11 18:32 - 2012-01-11 21:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-07-11 18:32 - 2012-01-11 21:06 - 00003072 ____C () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-07-11 18:32 - 2011-07-08 16:02 - 00010496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-07-11 18:30 - 2014-07-11 20:34 - 00015067 _____ () C:\WINDOWS\KB2584146.log
2014-07-11 18:30 - 2010-10-11 16:59 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2014-07-10 19:53 - 2014-07-10 20:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-10 19:53 - 2014-06-26 17:38 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-10 18:56 - 2014-07-10 18:57 - 00431135 _____ () C:\WINDOWS\system32\vsconfig.xml
2014-07-10 18:54 - 2014-07-10 18:54 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Check Point
2014-07-10 18:48 - 2014-07-10 18:49 - 00000000 ____D () C:\1f7737ed2b58017333a50f557555cd73
2014-07-10 18:27 - 2014-07-10 18:27 - 00000000 ____D () C:\Programme\Check Point Software Technologies LTD
2014-07-10 18:27 - 2014-07-10 18:27 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Check Point Software Technologies LTD
2014-07-10 18:19 - 2014-07-10 18:54 - 00000000 ____D () C:\Programme\CheckPoint
2014-07-10 00:57 - 2014-07-10 00:57 - 00000255 _____ () C:\WINDOWS\system32\spupdwxp.log
2014-07-10 00:57 - 2014-07-10 00:57 - 00000187 _____ () C:\WINDOWS\spupdsvc.log.1.log
2014-07-09 21:48 - 2014-07-09 21:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980232$
2014-07-09 21:46 - 2014-07-09 21:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980218$
2014-07-09 21:43 - 2014-07-09 21:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979683$
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979559$
2014-07-09 21:39 - 2014-07-09 21:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-07-09 21:37 - 2014-07-09 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-07-09 21:35 - 2014-07-09 21:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-07-09 21:33 - 2014-07-09 21:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978601$
2014-07-09 21:31 - 2014-07-09 21:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-07-09 21:29 - 2014-07-09 21:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-07-09 21:26 - 2014-07-09 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978037$
2014-07-09 21:23 - 2014-07-09 21:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-07-09 21:21 - 2014-07-09 21:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-07-09 21:19 - 2014-07-09 21:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975562$
2014-07-09 21:17 - 2014-07-09 21:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975561$
2014-07-09 21:14 - 2014-07-09 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-07-09 21:12 - 2014-07-09 21:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-07-09 21:10 - 2014-07-09 21:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-07-09 21:08 - 2014-07-09 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-07-09 21:06 - 2014-07-09 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-07-09 21:03 - 2014-07-09 21:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-07-09 21:01 - 2014-07-09 21:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-07-09 20:59 - 2014-07-09 20:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-07-09 20:56 - 2014-07-09 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-07-09 20:54 - 2014-07-09 20:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973687$
2014-07-09 20:52 - 2014-07-09 20:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-07-09 20:50 - 2014-07-09 20:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-07-09 20:48 - 2014-07-09 20:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971737$
2014-07-09 20:46 - 2014-07-09 20:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-07-09 20:44 - 2014-07-09 20:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971468$
2014-07-09 20:41 - 2014-07-09 20:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-07-09 20:39 - 2014-07-09 20:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970238$
2014-07-09 20:37 - 2014-07-09 20:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-07-09 20:34 - 2014-07-09 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-07-09 20:32 - 2014-07-09 20:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB967715$
2014-07-09 20:30 - 2014-07-09 20:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961501$
2014-07-09 20:26 - 2014-07-09 20:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
2014-07-09 20:24 - 2014-07-09 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-07-09 20:21 - 2014-07-09 20:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-07-09 20:19 - 2014-07-09 20:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960225$
2014-07-09 20:16 - 2014-07-09 20:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-07-09 20:14 - 2014-07-09 20:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB958644$
2014-07-09 20:12 - 2014-07-09 20:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-07-09 20:09 - 2014-07-09 20:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956803$
2014-07-09 20:07 - 2014-07-09 20:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956802$
2014-07-09 20:04 - 2014-07-09 20:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-07-09 20:01 - 2014-07-09 20:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-07-09 19:57 - 2014-07-09 19:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973687_1$
2014-07-09 19:54 - 2014-07-09 19:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955069$
2014-07-09 19:52 - 2014-07-09 19:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-07-09 19:50 - 2014-07-09 19:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-07-09 19:48 - 2014-07-09 19:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-07-09 19:45 - 2014-07-09 19:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951748$
2014-07-09 19:43 - 2014-07-09 19:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-07-09 19:41 - 2014-07-09 19:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-07-09 19:38 - 2014-07-09 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-07-09 19:36 - 2014-07-09 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-07-09 19:34 - 2014-07-09 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-07-09 19:31 - 2014-07-09 19:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-07-09 19:21 - 2013-07-17 02:58 - 00046848 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irbus.sys
2014-07-09 19:21 - 2012-11-06 04:01 - 01371648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6.dll
2014-07-09 19:21 - 2008-04-14 07:52 - 00010752 ____N (Microsoft Corporation) C:\WINDOWS\system32\smtpapi.dll
2014-07-09 19:21 - 2008-04-14 07:52 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\rwnh.dll
2014-07-09 19:21 - 2008-04-14 07:51 - 00102912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dpcdll.dll
2014-07-09 19:21 - 2008-04-14 07:51 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\WINDOWS\system32\dllcache\sl_anet.acm
2014-07-09 19:21 - 2008-04-14 07:50 - 00294912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msaud32.acm
2014-07-09 19:21 - 2008-04-14 07:50 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\dllcache\l3codeca.acm
2014-07-09 19:21 - 2008-04-14 07:27 - 00093184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6r.dll
2014-07-09 19:21 - 2008-04-14 00:13 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\comsdupd.exe
2014-07-09 19:21 - 2007-06-26 11:30 - 00572557 ____C () C:\WINDOWS\system32\dllcache\rtuner.wmv
2014-07-09 19:21 - 2007-06-26 11:30 - 00457607 ____C () C:\WINDOWS\system32\dllcache\mdlib.wmv
2014-07-09 19:21 - 2007-06-26 11:30 - 00381425 ____C () C:\WINDOWS\system32\dllcache\copycd.wmv
2014-07-09 19:21 - 2007-06-26 11:30 - 00375519 ____C () C:\WINDOWS\system32\dllcache\nuskin.wmv
2014-07-09 19:21 - 2007-06-26 11:30 - 00354468 ____C () C:\WINDOWS\system32\dllcache\wmpaud1.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00343204 ____C () C:\WINDOWS\system32\dllcache\wmpaud7.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00343204 ____C () C:\WINDOWS\system32\dllcache\wmpaud6.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00300969 ____C () C:\WINDOWS\system32\dllcache\viz.wmv
2014-07-09 19:21 - 2007-06-26 11:30 - 00172196 ____C () C:\WINDOWS\system32\dllcache\wmpaud9.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00172196 ____C () C:\WINDOWS\system32\dllcache\wmpaud8.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00172196 ____C () C:\WINDOWS\system32\dllcache\wmpaud3.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00086196 ____C () C:\WINDOWS\system32\dllcache\wmpaud5.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00086180 ____C () C:\WINDOWS\system32\dllcache\wmpaud4.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00086180 ____C () C:\WINDOWS\system32\dllcache\wmpaud2.wav
2014-07-09 19:21 - 2007-06-26 11:30 - 00022060 ____C () C:\WINDOWS\system32\dllcache\npds.zip
2014-07-09 19:21 - 2007-06-26 11:30 - 00010457 ____C () C:\WINDOWS\system32\dllcache\wmptour.hta
2014-07-09 19:21 - 2007-06-26 11:30 - 00009585 ____C () C:\WINDOWS\system32\dllcache\controls.css
2014-07-09 19:21 - 2007-06-26 11:30 - 00008298 ____C () C:\WINDOWS\system32\dllcache\contents.htm
2014-07-09 19:21 - 2007-06-26 11:30 - 00006878 ____C () C:\WINDOWS\system32\dllcache\controls.js
2014-07-09 19:21 - 2007-06-26 11:30 - 00005971 ____C () C:\WINDOWS\system32\dllcache\events.js
2014-07-09 19:21 - 2007-06-26 11:30 - 00003187 ____C () C:\WINDOWS\system32\dllcache\tour.js
2014-07-09 19:21 - 2007-06-26 11:30 - 00001771 ____C () C:\WINDOWS\system32\dllcache\wmptour.css
2014-07-09 19:21 - 2007-06-26 11:30 - 00001148 ____C () C:\WINDOWS\system32\dllcache\snd.htm
2014-07-09 19:21 - 2007-06-26 11:30 - 00000420 ____C () C:\WINDOWS\system32\dllcache\wmploc.js
2014-07-09 19:21 - 2007-06-26 11:29 - 00097117 ____C () C:\WINDOWS\system32\dllcache\mplayer2.hlp
2014-07-09 19:21 - 2007-06-26 11:29 - 00001885 ____C () C:\WINDOWS\system32\dllcache\mplayer2.cnt
2014-07-09 19:21 - 2007-06-26 11:26 - 00000403 ____C () C:\WINDOWS\system32\dllcache\npdrmv2.zip
2014-07-09 19:21 - 2007-02-21 10:45 - 00076456 ____C () C:\WINDOWS\system32\dllcache\wmplayer.adm
2014-07-09 19:21 - 2007-02-21 10:36 - 00026141 ____C () C:\WINDOWS\system32\dllcache\wmplay.chm
2014-07-09 19:21 - 2007-02-21 10:25 - 00660224 ____C () C:\WINDOWS\system32\dllcache\wmplayer.chm
2014-07-09 19:21 - 2007-02-21 10:25 - 00184109 ____C () C:\WINDOWS\system32\dllcache\compact.wmz
2014-07-09 19:21 - 2007-02-21 10:25 - 00084531 ____C () C:\WINDOWS\system32\dllcache\plyr_err.chm
2014-07-09 19:21 - 2007-02-21 10:25 - 00066132 ____C () C:\WINDOWS\system32\dllcache\revert.wmz
2014-07-09 19:21 - 2007-02-21 10:25 - 00001476 ____C () C:\WINDOWS\system32\dllcache\plylst5.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001471 ____C () C:\WINDOWS\system32\dllcache\plylst6.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001471 ____C () C:\WINDOWS\system32\dllcache\plylst12.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001469 ____C () C:\WINDOWS\system32\dllcache\plylst3.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001467 ____C () C:\WINDOWS\system32\dllcache\plylst4.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001261 ____C () C:\WINDOWS\system32\dllcache\plylst1.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001055 ____C () C:\WINDOWS\system32\dllcache\plylst2.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001047 ____C () C:\WINDOWS\system32\dllcache\plylst7.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00001038 ____C () C:\WINDOWS\system32\dllcache\plylst8.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00000807 ____C () C:\WINDOWS\system32\dllcache\plylst11.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00000800 ____C () C:\WINDOWS\system32\dllcache\plylst10.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00000782 ____C () C:\WINDOWS\system32\dllcache\plylst9.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00000779 ____C () C:\WINDOWS\system32\dllcache\plylst13.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00000778 ____C () C:\WINDOWS\system32\dllcache\plylst14.wpl
2014-07-09 19:21 - 2007-02-21 10:25 - 00000725 ____C () C:\WINDOWS\system32\dllcache\plylst15.wpl
2014-07-09 19:20 - 2014-07-09 19:20 - 00000000 ____D () C:\WINDOWS\system32\de
2014-07-09 19:20 - 2014-07-09 19:20 - 00000000 ____D () C:\WINDOWS\system32\bits
2014-07-09 19:20 - 2008-04-14 07:53 - 00073796 ____N (Smart Link) C:\WINDOWS\system32\slserv.exe
2014-07-09 19:20 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\WINDOWS\system32\slrundll.exe
2014-07-09 19:20 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\WINDOWS\slrundll.exe
2014-07-09 19:20 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\WINDOWS\system32\setupn.exe
2014-07-09 19:20 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\vidcap.ax
2014-07-09 19:20 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativmvxx.ax
2014-07-09 19:20 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativdaxx.ax
2014-07-09 19:20 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 01888992 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3duag.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\mtxparhd.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3d1ag.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00516768 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ativvaxx.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcex.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\s3gnb.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvaa.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagentrt.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00286792 ____N (Smart Link) C:\WINDOWS\system32\slextspk.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00229376 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2cqag.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00201728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvag.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\WINDOWS\system32\napmontr.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00188508 ____N (Smart Link) C:\WINDOWS\system32\slgen.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\WINDOWS\system32\napstat.exe
2014-07-09 19:20 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssha.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagent.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcfxcommon.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\WINDOWS\system32\mdmxsdk.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\qutil.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00073832 ____N (Smart Link) C:\WINDOWS\system32\slcoinst.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3cfg.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\WINDOWS\system32\qcliprov.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\WINDOWS\system32\rasqec.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\WINDOWS\system32\kmsvc.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapqec.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\WINDOWS\system32\tspkg.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\WINDOWS\system32\dhcpqec.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3gpclnt.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcperf.exe
2014-07-09 19:20 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativtmxx.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\hsfcisp2.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapolqec.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\WINDOWS\system32\napipsec.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsntfy.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
2014-07-09 19:20 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
2014-07-09 19:20 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdpash.dll
2014-07-09 19:20 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnepr.dll
2014-07-09 19:20 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdiultn.dll
2014-07-09 19:20 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdbhc.dll
2014-07-09 19:20 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\WINDOWS\system32\msshavmsg.dll
2014-07-09 19:09 - 2008-04-14 07:52 - 00294912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dlimport.exe
2014-07-09 19:02 - 2013-07-17 02:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-07-09 19:02 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys
2014-07-09 19:02 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2014-07-09 19:02 - 2008-04-14 07:21 - 00701952 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys
2014-07-09 19:02 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtaa.sys
2014-07-09 19:02 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys
2014-07-09 19:02 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-07-09 19:02 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthprint.sys
2014-07-09 19:02 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys
2014-07-09 19:02 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys
2014-07-09 19:02 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mutohpen.sys
2014-07-09 19:02 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_mmc.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gagp30kx.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agpcpq.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uagp35.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdagp.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\alim1541.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agp440.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaagp.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\Drivers\sisagp.sys
2014-07-09 19:02 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbali.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfdpsp2.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfcxts2.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfbs2s2.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnt7554.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\WINDOWS\system32\Drivers\recagent.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys
2014-07-09 19:02 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\WINDOWS\system32\Drivers\mdmxsdk.sys
2014-07-09 19:02 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\mtxparhm.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\Drivers\s3gnbm.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinrvxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atintuxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1rvxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxsxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinbtxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1btxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinraxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1tuxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xsxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxbxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1raxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xbxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinsnxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1snxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1ttxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinpdxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinttxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinmdxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1pdxx.sys
2014-07-09 19:02 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1mdxx.sys
2014-07-09 19:02 - 2007-04-02 21:36 - 00129045 ____N () C:\WINDOWS\system32\Drivers\cxthsfs2.cty
2014-07-09 19:02 - 2006-12-29 20:21 - 00064352 ____N () C:\WINDOWS\system32\Drivers\ativmc20.cod
2014-07-09 19:02 - 2006-12-29 20:02 - 00067866 ____N () C:\WINDOWS\system32\Drivers\netwlan5.img
2014-07-09 18:59 - 2006-12-29 00:31 - 00019569 _____ () C:\WINDOWS\003097_.tmp
2014-07-09 18:43 - 2014-07-09 18:57 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-07-09 17:48 - 2014-07-09 17:48 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\AVG2014
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software
2014-07-09 17:38 - 2014-07-09 17:46 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2014
2014-07-09 17:38 - 2014-07-09 17:38 - 00000000 ___HD () C:\$AVG
2014-07-09 17:36 - 2014-07-09 17:36 - 00000000 ____D () C:\Programme\Mozilla Firefox
2014-07-09 17:28 - 2014-07-09 17:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
2014-07-09 17:25 - 2014-07-12 12:47 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
2014-07-09 17:25 - 2014-07-09 17:47 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Avg2014
2014-07-09 17:25 - 2014-07-09 17:25 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\MFAData
2014-07-09 17:22 - 2014-07-09 17:22 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981350$
2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971961$
2014-07-08 14:45 - 2014-07-08 14:46 - 00006604 _____ () C:\WINDOWS\KB971961.log
2014-07-08 14:45 - 2014-07-08 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB944338-v2$
2014-07-08 14:31 - 2014-07-08 14:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 14:29 - 2014-07-08 14:29 - 00000000 ____D () C:\AdwCleaner
2014-07-08 14:17 - 2014-07-08 14:45 - 00011478 _____ () C:\WINDOWS\KB944338-v2.log
2014-07-08 13:55 - 2014-07-08 13:56 - 00033984 _____ () C:\WINDOWS\ie8Uninst.log
2014-07-08 13:47 - 2014-07-08 13:47 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IECompatCache
2014-07-08 13:28 - 2014-07-08 14:17 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-08 13:28 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-08 13:28 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-08 13:26 - 2014-07-11 18:30 - 01075200 _____ (Farbar) C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe
2014-07-06 14:14 - 2014-07-12 12:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2014-07-06 14:14 - 00006289 _____ () C:\ComboFix.txt
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2014-07-05 15:58 - 2014-07-05 15:58 - 06403664 _____ () C:\WINDOWS\fsmsiuninstall.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00001262 _____ () C:\WINDOWS\fsdgunst.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00000768 _____ () C:\WINDOWS\daasunin.LOG
2014-07-05 15:57 - 2014-07-05 15:57 - 00017796 _____ () C:\WINDOWS\FSAUA_UN.LOG
2014-07-05 15:56 - 2014-07-05 15:58 - 00619239 _____ () C:\WINDOWS\FSUNINST.log
2014-07-05 15:56 - 2014-07-05 15:58 - 00102495 _____ () C:\WINDOWS\uninstaller.log
2014-07-05 15:56 - 2014-07-05 15:56 - 00001651 _____ () C:\WINDOWS\FSPSUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001630 _____ () C:\WINDOWS\FSASWUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001259 _____ () C:\WINDOWS\FSGEMINST.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00000110 _____ () C:\WINDOWS\FSAVES_inst.log
2014-07-05 15:00 - 2006-03-21 21:06 - 00000211 _____ () C:\Boot.bak
2014-07-05 15:00 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr
2014-07-05 14:59 - 2014-07-05 15:00 - 00000000 _RSHD () C:\cmdcons
2014-07-05 14:45 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-05 14:45 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-05 14:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-05 14:45 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-06-17 16:22 - 2014-06-17 16:22 - 00188696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2014-06-17 16:21 - 2014-06-17 16:21 - 00197400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
2014-06-17 16:18 - 2014-06-17 16:18 - 00241944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2014-06-17 16:17 - 2014-06-17 16:17 - 00190232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2014-06-17 16:17 - 2014-06-17 16:17 - 00147736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00121624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00098584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimx.sys

==================== One Month Modified Files and Folders =======

2014-07-12 13:22 - 2014-07-12 13:13 - 00012245 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.txt
2014-07-12 13:22 - 2006-03-21 21:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp
2014-07-12 13:21 - 2006-03-11 23:53 - 00000000 ____D () C:\FRST
2014-07-12 13:12 - 2014-07-12 13:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2014-07-12 13:12 - 2007-10-24 23:21 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Java
2014-07-12 13:12 - 2006-03-21 08:32 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-07-12 13:11 - 2014-07-12 13:12 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-07-12 13:11 - 2014-07-12 13:12 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-07-12 13:11 - 2014-07-12 13:12 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-07-12 13:11 - 2014-07-12 13:12 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-07-12 13:11 - 2014-07-12 13:12 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-07-12 13:11 - 2007-10-24 23:21 - 00000000 ____D () C:\Programme\Java
2014-07-12 13:10 - 2014-07-12 13:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java Web Start
2014-07-12 13:10 - 2006-03-21 08:33 - 01051698 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-12 13:01 - 2006-03-21 21:11 - 01771610 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-12 13:00 - 2006-03-21 08:35 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-12 13:00 - 2006-03-21 08:35 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-12 12:59 - 2014-07-12 12:32 - 00000238 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2014-07-12 12:59 - 2014-07-12 12:32 - 00000232 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2014-07-12 12:59 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2014-07-12 12:59 - 2006-03-21 21:17 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-12 12:58 - 2006-03-21 21:17 - 00032600 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-12 12:57 - 2006-03-21 21:18 - 00000300 ___SH () C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2014-07-12 12:57 - 2006-03-21 21:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator
2014-07-12 12:47 - 2014-07-09 17:25 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
2014-07-12 12:33 - 2014-07-12 12:33 - 00000783 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
2014-07-12 12:33 - 2007-10-28 18:20 - 00094558 _____ () C:\WINDOWS\spupdsvc.log
2014-07-12 12:33 - 2006-03-21 21:17 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme
2014-07-12 12:33 - 2002-12-31 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-12 12:32 - 2006-03-21 21:18 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik
2014-07-12 12:32 - 2006-03-21 21:18 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder
2014-07-12 02:42 - 2010-02-14 20:15 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-07-12 02:42 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\Help
2014-07-12 02:42 - 2006-03-21 08:31 - 00114176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-12 02:39 - 2014-07-12 02:40 - 02185216 _____ () C:\WINDOWS\system32\bu_tosave.ndb
2014-07-12 01:58 - 2012-09-15 21:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-11 23:10 - 2013-10-19 01:55 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-07-11 23:03 - 2014-07-11 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-07-11 23:03 - 2014-07-11 18:58 - 00067659 _____ () C:\WINDOWS\KB2868626.log
2014-07-11 23:03 - 2007-10-24 18:43 - 00254224 _____ () C:\WINDOWS\updspapi.log
2014-07-11 23:03 - 2006-03-21 08:33 - 02051924 _____ () C:\WINDOWS\FaxSetup.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00983321 _____ () C:\WINDOWS\ocgen.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00940177 _____ () C:\WINDOWS\tsoc.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00630286 _____ () C:\WINDOWS\msmqinst.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00569899 _____ () C:\WINDOWS\comsetup.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00359854 _____ () C:\WINDOWS\netfxocm.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00343479 _____ () C:\WINDOWS\ntdtcsetup.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00233580 _____ () C:\WINDOWS\iis6.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00143492 _____ () C:\WINDOWS\MedCtrOC.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00104038 _____ () C:\WINDOWS\tabletoc.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00102685 _____ () C:\WINDOWS\msgsocm.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00093386 _____ () C:\WINDOWS\ocmsn.log
2014-07-11 23:03 - 2006-03-21 08:33 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-07-11 22:54 - 2014-07-11 22:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-07-11 22:54 - 2014-07-11 18:58 - 00066390 _____ () C:\WINDOWS\KB2922229.log
2014-07-11 22:54 - 2006-03-21 08:33 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-07-11 22:53 - 2014-07-11 22:52 - 00065054 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-07-11 22:53 - 2010-02-14 20:13 - 00102432 _____ () C:\WINDOWS\ie8_main.log
2014-07-11 22:52 - 2013-03-09 02:03 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-07-11 22:51 - 2014-07-11 22:50 - 00066461 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-07-11 22:49 - 2014-07-11 22:46 - 00071196 _____ () C:\WINDOWS\KB2862772-IE8.log
2014-07-11 22:45 - 2014-07-11 22:44 - 00064940 _____ () C:\WINDOWS\KB2598845-IE8.log
2014-07-11 22:45 - 2007-10-25 10:53 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-07-11 22:44 - 2014-07-11 22:43 - 00064292 _____ () C:\WINDOWS\KB2467659.log
2014-07-11 22:43 - 2014-07-11 22:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-07-11 22:42 - 2013-03-09 02:07 - 00113302 _____ () C:\WINDOWS\KB982381-IE8.log
2014-07-11 22:36 - 2014-07-11 22:30 - 00000000 __HDC () C:\WINDOWS\ie8
2014-07-11 22:36 - 2010-02-14 20:15 - 00140037 _____ () C:\WINDOWS\ie8.log
2014-07-11 22:34 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\Media
2014-07-11 22:12 - 2014-07-11 22:12 - 00039582 _____ () C:\WINDOWS\KB2387149.log
2014-07-11 22:12 - 2014-07-11 22:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-07-11 22:12 - 2014-07-11 18:57 - 00047841 _____ () C:\WINDOWS\KB2712808.log
2014-07-11 22:11 - 2014-07-11 22:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-07-11 22:07 - 2014-07-11 22:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-07-11 22:07 - 2014-07-11 18:57 - 00047103 _____ () C:\WINDOWS\KB2479943.log
2014-07-11 22:06 - 2014-07-11 22:06 - 00036496 _____ () C:\WINDOWS\KB2659262.log
2014-07-11 22:06 - 2014-07-11 22:06 - 00035791 _____ () C:\WINDOWS\KB2564958.log
2014-07-11 22:06 - 2014-07-11 22:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-07-11 22:06 - 2014-07-11 22:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-07-11 22:06 - 2014-07-11 22:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-07-11 22:06 - 2014-07-11 22:05 - 00033863 _____ () C:\WINDOWS\KB2934207.log
2014-07-11 22:06 - 2014-07-11 18:57 - 00042879 _____ () C:\WINDOWS\KB2916036.log
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-07-11 22:05 - 2014-07-11 22:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-07-11 22:05 - 2014-07-11 22:04 - 00032885 _____ () C:\WINDOWS\KB2834886.log
2014-07-11 22:05 - 2014-07-11 18:56 - 00044283 _____ () C:\WINDOWS\KB2478971.log
2014-07-11 22:05 - 2014-07-11 18:55 - 00043735 _____ () C:\WINDOWS\KB2544893-v2.log
2014-07-11 22:04 - 2014-07-11 22:04 - 00035445 _____ () C:\WINDOWS\KB2536276-v2.log
2014-07-11 22:04 - 2014-07-11 22:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-07-11 22:04 - 2014-07-11 22:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-07-11 22:04 - 2014-07-11 22:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-07-11 22:04 - 2014-07-11 18:56 - 00043837 _____ () C:\WINDOWS\KB2585542.log
2014-07-11 22:04 - 2014-07-11 18:56 - 00043494 _____ () C:\WINDOWS\KB2345886.log
2014-07-11 22:02 - 2014-07-11 22:02 - 00032237 _____ () C:\WINDOWS\KB2296011.log
2014-07-11 22:02 - 2014-07-11 22:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-07-11 22:02 - 2014-07-11 22:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-07-11 22:02 - 2014-07-11 18:57 - 00042797 _____ () C:\WINDOWS\KB2631813.log
2014-07-11 22:01 - 2014-07-11 22:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-07-11 22:01 - 2014-07-11 18:56 - 00043460 _____ () C:\WINDOWS\KB2691442.log
2014-07-11 21:53 - 2014-07-11 21:52 - 00031822 _____ () C:\WINDOWS\KB2900986.log
2014-07-11 21:52 - 2014-07-11 21:52 - 00037236 _____ () C:\WINDOWS\KB975558.log
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-07-11 21:52 - 2014-07-11 21:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-07-11 21:52 - 2014-07-11 21:51 - 00034426 _____ () C:\WINDOWS\KB2378111.log
2014-07-11 21:52 - 2014-07-11 18:57 - 00040575 _____ () C:\WINDOWS\KB2847311.log
2014-07-11 21:52 - 2014-07-11 18:55 - 00041976 _____ () C:\WINDOWS\KB2115168.log
2014-07-11 21:52 - 2006-03-21 21:09 - 00052100 _____ () C:\WINDOWS\wmsetup.log
2014-07-11 21:51 - 2014-07-11 21:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-07-11 21:51 - 2014-07-11 21:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-07-11 21:51 - 2014-07-11 21:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-07-11 21:51 - 2014-07-11 18:55 - 00042565 _____ () C:\WINDOWS\KB951978.log
2014-07-11 21:51 - 2014-07-11 18:54 - 00042054 _____ () C:\WINDOWS\KB2655992.log
2014-07-11 21:51 - 2014-07-11 18:54 - 00041456 _____ () C:\WINDOWS\KB2443105.log
2014-07-11 21:50 - 2014-07-11 21:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-07-11 21:42 - 2014-07-11 21:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-07-11 21:42 - 2014-07-11 18:54 - 00041782 _____ () C:\WINDOWS\KB2481109.log
2014-07-11 21:42 - 2014-07-11 18:54 - 00040767 _____ () C:\WINDOWS\KB2802968.log
2014-07-11 21:41 - 2014-07-11 21:41 - 00032681 _____ () C:\WINDOWS\KB2485663.log
2014-07-11 21:41 - 2014-07-11 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-07-11 21:41 - 2014-07-11 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-07-11 21:41 - 2014-07-11 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-07-11 21:41 - 2014-07-11 18:53 - 00040245 _____ () C:\WINDOWS\KB2598479.log
2014-07-11 21:41 - 2014-07-11 18:53 - 00038840 _____ () C:\WINDOWS\KB2898715.log
2014-07-11 21:41 - 2006-03-21 08:33 - 02004008 _____ () C:\WINDOWS\iis6.BAK
2014-07-11 21:40 - 2014-07-11 21:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-07-11 21:40 - 2014-07-11 21:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-07-11 21:40 - 2014-07-11 21:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-07-11 21:40 - 2014-07-11 21:39 - 00033029 _____ () C:\WINDOWS\KB2686509.log
2014-07-11 21:40 - 2014-07-11 18:53 - 00036911 _____ () C:\WINDOWS\KB2929961.log
2014-07-11 21:38 - 2014-07-11 21:38 - 00030598 _____ () C:\WINDOWS\KB2862335.log
2014-07-11 21:38 - 2014-07-11 21:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-07-11 21:38 - 2014-07-11 21:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-07-11 21:38 - 2014-07-11 18:53 - 00039463 _____ () C:\WINDOWS\KB982132.log
2014-07-11 21:38 - 2014-07-11 18:52 - 00037309 _____ () C:\WINDOWS\KB2909212.log
2014-07-11 21:38 - 2013-03-09 00:53 - 00094367 _____ () C:\WINDOWS\setupapi.log
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-07-11 21:37 - 2014-07-11 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-07-11 21:37 - 2014-07-11 18:52 - 00041038 _____ () C:\WINDOWS\KB2510581.log
2014-07-11 21:37 - 2014-07-11 18:52 - 00038903 _____ () C:\WINDOWS\KB2780091.log
2014-07-11 21:37 - 2014-07-11 18:52 - 00038745 _____ () C:\WINDOWS\KB2507938.log
2014-07-11 21:36 - 2014-07-11 21:36 - 00029577 _____ () C:\WINDOWS\KB2904266.log
2014-07-11 21:36 - 2014-07-11 21:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-07-11 21:36 - 2014-07-11 21:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-07-11 21:36 - 2014-07-11 21:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-07-11 21:36 - 2014-07-11 18:52 - 00036315 _____ () C:\WINDOWS\KB2876217.log
2014-07-11 21:36 - 2014-07-11 18:51 - 00038791 _____ () C:\WINDOWS\KB2483185.log
2014-07-11 21:36 - 2007-10-28 18:08 - 00140068 _____ () C:\WINDOWS\system32\TZLog.log
2014-07-11 21:35 - 2014-07-11 21:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-07-11 21:34 - 2014-07-11 21:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-07-11 21:34 - 2014-07-11 21:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-07-11 21:34 - 2014-07-11 18:51 - 00038216 _____ () C:\WINDOWS\KB979687.log
2014-07-11 21:34 - 2014-07-11 18:51 - 00035414 _____ () C:\WINDOWS\KB2930275.log
2014-07-11 21:33 - 2014-07-11 21:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-07-11 21:33 - 2014-07-11 21:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-07-11 21:33 - 2014-07-11 18:51 - 00036746 _____ () C:\WINDOWS\KB2719985.log
2014-07-11 21:33 - 2014-07-11 18:51 - 00034617 _____ () C:\WINDOWS\KB2864063.log
2014-07-11 21:32 - 2014-07-11 21:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-07-11 21:32 - 2014-07-11 21:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-07-11 21:32 - 2014-07-11 18:50 - 00035167 _____ () C:\WINDOWS\KB2936068.log
2014-07-11 21:32 - 2014-07-11 18:50 - 00030890 _____ () C:\WINDOWS\KB2862152.log
2014-07-11 21:31 - 2014-07-11 21:31 - 00026764 _____ () C:\WINDOWS\KB2592799.log
2014-07-11 21:31 - 2014-07-11 21:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-07-11 21:27 - 2014-07-11 21:27 - 00026687 _____ () C:\WINDOWS\KB2535512.log
2014-07-11 21:27 - 2014-07-11 21:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-07-11 21:27 - 2014-07-11 21:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-07-11 21:27 - 2014-07-11 21:26 - 00024685 _____ () C:\WINDOWS\KB2964358.log
2014-07-11 21:27 - 2014-07-11 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-07-11 21:26 - 2014-07-11 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-07-11 21:26 - 2014-07-11 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-07-11 21:26 - 2014-07-11 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-07-11 21:26 - 2014-07-11 18:49 - 00030176 _____ () C:\WINDOWS\KB2859537.log
2014-07-11 21:26 - 2014-07-11 18:49 - 00029815 _____ () C:\WINDOWS\KB2850869.log
2014-07-11 21:26 - 2014-07-11 18:49 - 00029295 _____ () C:\WINDOWS\KB2876331.log
2014-07-11 21:25 - 2014-07-11 21:25 - 00025539 _____ () C:\WINDOWS\KB2807986.log
2014-07-11 21:25 - 2014-07-11 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-07-11 21:25 - 2014-07-11 21:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-07-11 21:25 - 2014-07-11 21:24 - 00024998 _____ () C:\WINDOWS\KB2570947.log
2014-07-11 21:16 - 2014-07-11 21:15 - 00023594 _____ () C:\WINDOWS\KB2868038.log
2014-07-11 21:15 - 2014-07-11 21:15 - 00024334 _____ () C:\WINDOWS\KB2603381.log
2014-07-11 21:15 - 2014-07-11 21:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-07-11 21:15 - 2014-07-11 21:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-07-11 21:15 - 2014-07-11 21:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-07-11 21:15 - 2014-07-11 18:48 - 00031102 _____ () C:\WINDOWS\KB2820917.log
2014-07-11 21:14 - 2014-07-11 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-07-11 21:14 - 2014-07-11 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-07-11 21:14 - 2014-07-11 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-07-11 21:14 - 2014-07-11 18:48 - 00030595 _____ () C:\WINDOWS\KB2757638.log
2014-07-11 21:14 - 2014-07-11 18:48 - 00028281 _____ () C:\WINDOWS\KB2893294.log
2014-07-11 21:13 - 2014-07-11 21:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-07-11 21:13 - 2014-07-11 21:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-07-11 21:13 - 2014-07-11 18:48 - 00031363 _____ () C:\WINDOWS\KB2419632.log
2014-07-11 21:13 - 2014-07-11 18:47 - 00024294 _____ () C:\WINDOWS\KB2508429.log
2014-07-11 21:12 - 2014-07-11 21:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-07-11 21:12 - 2014-07-11 18:47 - 00023546 _____ () C:\WINDOWS\KB2653956.log
2014-07-11 21:11 - 2014-07-11 21:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-07-11 21:11 - 2014-07-11 18:46 - 00023056 _____ () C:\WINDOWS\KB2749655.log
2014-07-11 21:11 - 2014-07-11 18:37 - 00022291 _____ () C:\WINDOWS\KB971029.log
2014-07-11 21:10 - 2014-07-11 21:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-07-11 21:10 - 2014-07-11 21:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-07-11 21:10 - 2014-07-11 21:09 - 00012262 _____ () C:\WINDOWS\KB2834903-v2.log
2014-07-11 21:10 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2014-07-11 21:10 - 2014-07-11 18:37 - 00021328 _____ () C:\WINDOWS\KB2506212.log
2014-07-11 21:09 - 2014-07-11 21:09 - 00016188 _____ () C:\WINDOWS\KB2698365.log
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-07-11 21:09 - 2014-07-11 21:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-07-11 21:09 - 2014-07-11 18:47 - 00020620 _____ () C:\WINDOWS\KB2705219-v2.log
2014-07-11 21:09 - 2014-07-11 18:47 - 00018246 _____ () C:\WINDOWS\KB2892075.log
2014-07-11 21:09 - 2014-07-11 18:37 - 00019163 _____ () C:\WINDOWS\KB2619339.log
2014-07-11 21:08 - 2014-07-11 21:08 - 00013585 _____ () C:\WINDOWS\KB981997.log
2014-07-11 21:08 - 2014-07-11 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-07-11 21:08 - 2014-07-11 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-07-11 21:08 - 2014-07-11 18:47 - 00018853 _____ () C:\WINDOWS\KB2727528.log
2014-07-11 21:08 - 2006-03-21 21:10 - 00000000 ____D () C:\Programme\Movie Maker
2014-07-11 21:07 - 2014-07-11 21:07 - 00014123 _____ () C:\WINDOWS\KB2723135-v2.log
2014-07-11 21:07 - 2014-07-11 21:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-07-11 21:07 - 2014-07-11 21:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-07-11 21:06 - 2014-07-11 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-07-11 21:06 - 2014-07-11 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-07-11 21:06 - 2014-07-11 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2447961_WM9L$
2014-07-11 21:06 - 2014-07-11 21:05 - 00012832 _____ () C:\WINDOWS\KB2447961.log
2014-07-11 21:06 - 2014-07-11 18:58 - 00023350 _____ () C:\WINDOWS\KB2509553.log
2014-07-11 21:06 - 2014-07-11 18:46 - 00020353 _____ () C:\WINDOWS\KB2813345.log
2014-07-11 21:05 - 2014-07-11 21:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-07-11 21:05 - 2014-07-11 18:38 - 00021048 _____ () C:\WINDOWS\KB2676562.log
2014-07-11 20:56 - 2013-10-19 01:59 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-07-11 20:47 - 2014-07-11 18:34 - 00016292 _____ () C:\WINDOWS\KB982665.log
2014-07-11 20:46 - 2014-07-11 20:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-07-11 20:37 - 2014-07-11 20:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-07-11 20:36 - 2014-07-11 20:35 - 00013229 _____ () C:\WINDOWS\KB2393802.log
2014-07-11 20:35 - 2014-07-11 20:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-07-11 20:35 - 2014-07-11 20:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-07-11 20:35 - 2014-07-11 20:34 - 00010695 _____ () C:\WINDOWS\KB2566454.log
2014-07-11 20:35 - 2014-07-11 18:33 - 00015349 _____ () C:\WINDOWS\KB2620712.log
2014-07-11 20:34 - 2014-07-11 20:34 - 00010457 _____ () C:\WINDOWS\KB2661637.log
2014-07-11 20:34 - 2014-07-11 20:34 - 00008615 _____ () C:\WINDOWS\KB2914368.log
2014-07-11 20:34 - 2014-07-11 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-07-11 20:34 - 2014-07-11 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-07-11 20:34 - 2014-07-11 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-07-11 20:34 - 2014-07-11 20:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-07-11 20:34 - 2014-07-11 18:30 - 00015067 _____ () C:\WINDOWS\KB2584146.log
2014-07-11 20:25 - 2014-07-11 20:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-07-11 20:25 - 2014-07-11 20:24 - 00010648 _____ () C:\WINDOWS\KB2423089.log
2014-07-11 20:25 - 2006-03-21 21:10 - 00000000 ____D () C:\Programme\Outlook Express
2014-07-11 18:30 - 2014-07-08 13:26 - 01075200 _____ (Farbar) C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe
2014-07-10 20:02 - 2014-07-10 19:53 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-10 18:57 - 2014-07-10 18:56 - 00431135 _____ () C:\WINDOWS\system32\vsconfig.xml
2014-07-10 18:54 - 2014-07-10 18:54 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Check Point
2014-07-10 18:54 - 2014-07-10 18:19 - 00000000 ____D () C:\Programme\CheckPoint
2014-07-10 18:49 - 2014-07-10 18:48 - 00000000 ____D () C:\1f7737ed2b58017333a50f557555cd73
2014-07-10 18:27 - 2014-07-10 18:27 - 00000000 ____D () C:\Programme\Check Point Software Technologies LTD
2014-07-10 18:27 - 2014-07-10 18:27 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Check Point Software Technologies LTD
2014-07-10 18:27 - 2006-03-21 08:33 - 00000000 ___RD () C:\Programme
2014-07-10 18:11 - 2006-03-21 21:17 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf
2014-07-10 01:01 - 2006-03-21 21:13 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
2014-07-10 00:59 - 2012-09-15 21:48 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-10 00:59 - 2012-09-15 21:48 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-10 00:59 - 2006-03-21 21:18 - 00000718 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Outlook Express.lnk
2014-07-10 00:58 - 2006-03-21 21:18 - 00000772 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Windows Media Player.lnk
2014-07-10 00:58 - 2006-03-21 21:09 - 00000369 _____ () C:\WINDOWS\DtcInstall.log
2014-07-10 00:57 - 2014-07-10 00:57 - 00000255 _____ () C:\WINDOWS\system32\spupdwxp.log
2014-07-10 00:57 - 2014-07-10 00:57 - 00000187 _____ () C:\WINDOWS\spupdsvc.log.1.log
2014-07-10 00:55 - 2012-09-15 21:37 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2014-07-10 00:53 - 2013-03-09 00:45 - 00568528 _____ () C:\WINDOWS\svcpack.log
2014-07-09 21:49 - 2013-03-09 02:17 - 00252767 _____ () C:\WINDOWS\KB980232.log
2014-07-09 21:48 - 2014-07-09 21:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980232$
2014-07-09 21:47 - 2013-03-09 00:29 - 00258324 _____ () C:\WINDOWS\KB980218.log
2014-07-09 21:46 - 2014-07-09 21:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980218$
2014-07-09 21:45 - 2013-03-09 02:18 - 00253973 _____ () C:\WINDOWS\KB979683.log
2014-07-09 21:43 - 2014-07-09 21:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979683$
2014-07-09 21:43 - 2013-03-09 00:16 - 00248323 _____ () C:\WINDOWS\KB979559.log
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979559$
2014-07-09 21:40 - 2013-03-09 00:07 - 00236711 _____ () C:\WINDOWS\KB979482.log
2014-07-09 21:39 - 2014-07-09 21:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-07-09 21:38 - 2013-03-08 23:59 - 00235745 _____ () C:\WINDOWS\KB979309.log
2014-07-09 21:37 - 2014-07-09 21:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-07-09 21:36 - 2013-03-09 00:06 - 00236880 _____ () C:\WINDOWS\KB978706.log
2014-07-09 21:35 - 2014-07-09 21:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-07-09 21:34 - 2013-03-09 00:03 - 00248345 _____ () C:\WINDOWS\KB978601.log
2014-07-09 21:33 - 2014-07-09 21:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978601$
2014-07-09 21:32 - 2013-03-09 00:08 - 00238837 _____ () C:\WINDOWS\KB978542.log
2014-07-09 21:31 - 2014-07-09 21:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-07-09 21:30 - 2013-03-09 00:25 - 00255139 _____ () C:\WINDOWS\KB978338.log
2014-07-09 21:29 - 2014-07-09 21:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-07-09 21:28 - 2013-03-09 00:26 - 00255439 _____ () C:\WINDOWS\KB978037.log
2014-07-09 21:26 - 2014-07-09 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978037$
2014-07-09 21:25 - 2013-03-09 00:33 - 00246934 _____ () C:\WINDOWS\KB977914.log
2014-07-09 21:23 - 2014-07-09 21:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-07-09 21:22 - 2013-03-09 00:25 - 00263130 _____ () C:\WINDOWS\KB975713.log
2014-07-09 21:21 - 2014-07-09 21:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-07-09 21:20 - 2013-03-09 00:05 - 00236465 _____ () C:\WINDOWS\KB975562.log
2014-07-09 21:19 - 2014-07-09 21:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975562$
2014-07-09 21:18 - 2013-03-09 02:12 - 00242968 _____ () C:\WINDOWS\KB975561.log
2014-07-09 21:17 - 2014-07-09 21:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975561$
2014-07-09 21:14 - 2014-07-09 21:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-07-09 21:13 - 2013-03-09 00:03 - 00226710 _____ () C:\WINDOWS\KB975467.log
2014-07-09 21:12 - 2014-07-09 21:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-07-09 21:11 - 2013-03-09 00:19 - 00249217 _____ () C:\WINDOWS\KB975025.log
2014-07-09 21:10 - 2014-07-09 21:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-07-09 21:09 - 2013-03-09 00:18 - 00248826 _____ () C:\WINDOWS\KB974571.log
2014-07-09 21:08 - 2014-07-09 21:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-07-09 21:07 - 2013-03-09 00:09 - 00242973 _____ () C:\WINDOWS\KB974392.log
2014-07-09 21:06 - 2014-07-09 21:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-07-09 21:05 - 2013-03-09 00:26 - 00259002 _____ () C:\WINDOWS\KB974318.log
2014-07-09 21:03 - 2014-07-09 21:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-07-09 21:03 - 2013-03-09 00:24 - 00253621 _____ () C:\WINDOWS\KB974112.log
2014-07-09 21:01 - 2014-07-09 21:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-07-09 21:00 - 2013-03-09 02:11 - 00242853 _____ () C:\WINDOWS\KB973869.log
2014-07-09 20:59 - 2014-07-09 20:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-07-09 20:58 - 2013-03-09 00:05 - 00236914 _____ () C:\WINDOWS\KB973815.log
2014-07-09 20:56 - 2014-07-09 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-07-09 20:56 - 2013-03-09 02:09 - 00448086 _____ () C:\WINDOWS\KB973687.log
2014-07-09 20:54 - 2014-07-09 20:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973687$
2014-07-09 20:53 - 2013-03-09 00:17 - 00247910 _____ () C:\WINDOWS\KB973507.log
2014-07-09 20:52 - 2014-07-09 20:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-07-09 20:50 - 2014-07-09 20:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-07-09 20:49 - 2013-03-09 21:20 - 00219796 _____ () C:\WINDOWS\KB971737.log
2014-07-09 20:48 - 2014-07-09 20:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971737$
2014-07-09 20:47 - 2013-03-09 00:25 - 00255485 _____ () C:\WINDOWS\KB971657.log
2014-07-09 20:46 - 2014-07-09 20:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-07-09 20:45 - 2013-03-09 02:18 - 00250015 _____ () C:\WINDOWS\KB971468.log
2014-07-09 20:44 - 2014-07-09 20:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971468$
2014-07-09 20:41 - 2014-07-09 20:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-07-09 20:40 - 2013-03-09 00:07 - 00239410 _____ () C:\WINDOWS\KB970238.log
2014-07-09 20:39 - 2014-07-09 20:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970238$
2014-07-09 20:38 - 2013-03-09 00:26 - 00255986 _____ () C:\WINDOWS\KB969059.log
2014-07-09 20:37 - 2014-07-09 20:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-07-09 20:36 - 2013-03-09 00:02 - 00228849 _____ () C:\WINDOWS\KB968389.log
2014-07-09 20:34 - 2014-07-09 20:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-07-09 20:34 - 2013-03-09 00:11 - 00241365 _____ () C:\WINDOWS\KB967715.log
2014-07-09 20:32 - 2014-07-09 20:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB967715$
2014-07-09 20:31 - 2013-03-09 00:21 - 00248193 _____ () C:\WINDOWS\KB961501.log
2014-07-09 20:30 - 2014-07-09 20:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961501$
2014-07-09 20:28 - 2013-10-20 23:15 - 00212747 _____ () C:\WINDOWS\KB961118.log
2014-07-09 20:27 - 2014-07-09 20:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
2014-07-09 20:26 - 2013-03-09 00:28 - 00255432 _____ () C:\WINDOWS\KB960859.log
2014-07-09 20:24 - 2014-07-09 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-07-09 20:23 - 2013-03-09 00:06 - 00235484 _____ () C:\WINDOWS\KB960803.log
2014-07-09 20:21 - 2014-07-09 20:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-07-09 20:21 - 2013-03-09 00:25 - 00251522 _____ () C:\WINDOWS\KB960225.log
2014-07-09 20:19 - 2014-07-09 20:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960225$
2014-07-09 20:18 - 2013-03-09 00:28 - 00256346 _____ () C:\WINDOWS\KB959426.log
2014-07-09 20:16 - 2014-07-09 20:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-07-09 20:15 - 2013-03-09 01:59 - 00221943 _____ () C:\WINDOWS\KB958644.log
2014-07-09 20:14 - 2014-07-09 20:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB958644$
2014-07-09 20:13 - 2013-03-09 02:13 - 00240367 _____ () C:\WINDOWS\KB956844.log
2014-07-09 20:12 - 2014-07-09 20:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-07-09 20:11 - 2013-03-09 02:19 - 00247856 _____ () C:\WINDOWS\KB956803.log
2014-07-09 20:09 - 2014-07-09 20:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956803$
2014-07-09 20:09 - 2013-03-09 00:04 - 00226042 _____ () C:\WINDOWS\KB956802.log
2014-07-09 20:07 - 2014-07-09 20:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956802$
2014-07-09 20:06 - 2013-03-09 02:13 - 00257195 _____ () C:\WINDOWS\KB956572.log
2014-07-09 20:04 - 2014-07-09 20:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-07-09 20:03 - 2013-03-09 02:16 - 00250790 _____ () C:\WINDOWS\KB955759.log
2014-07-09 20:01 - 2014-07-09 20:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-07-09 19:59 - 2013-03-09 01:58 - 00220257 _____ () C:\WINDOWS\KB955069.log
2014-07-09 19:57 - 2014-07-09 19:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973687_1$
2014-07-09 19:54 - 2014-07-09 19:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955069$
2014-07-09 19:54 - 2013-03-09 00:28 - 00255188 _____ () C:\WINDOWS\KB952954.log
2014-07-09 19:52 - 2014-07-09 19:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-07-09 19:51 - 2013-03-09 02:07 - 00232844 _____ () C:\WINDOWS\KB952287.log
2014-07-09 19:50 - 2014-07-09 19:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-07-09 19:49 - 2013-03-09 00:18 - 00250604 _____ () C:\WINDOWS\KB952004.log
2014-07-09 19:48 - 2014-07-09 19:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-07-09 19:47 - 2013-03-09 00:08 - 00241716 _____ () C:\WINDOWS\KB951748.log
2014-07-09 19:45 - 2014-07-09 19:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951748$
2014-07-09 19:44 - 2013-03-09 02:20 - 00246899 _____ () C:\WINDOWS\KB951376-v2.log
2014-07-09 19:43 - 2014-07-09 19:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-07-09 19:42 - 2013-03-09 00:26 - 00252793 _____ () C:\WINDOWS\KB950974.log
2014-07-09 19:41 - 2014-07-09 19:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-07-09 19:40 - 2013-03-09 02:09 - 00237794 _____ () C:\WINDOWS\KB950762.log
2014-07-09 19:38 - 2014-07-09 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-07-09 19:37 - 2013-03-09 02:19 - 00245775 _____ () C:\WINDOWS\KB946648.log
2014-07-09 19:37 - 2006-03-21 21:09 - 00000000 ____D () C:\Programme\Messenger
2014-07-09 19:36 - 2014-07-09 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-07-09 19:35 - 2013-03-09 01:55 - 00220373 _____ () C:\WINDOWS\KB923561.log
2014-07-09 19:34 - 2014-07-09 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-07-09 19:33 - 2013-03-09 02:15 - 00245981 _____ () C:\WINDOWS\KB2229593.log
2014-07-09 19:31 - 2014-07-09 19:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-07-09 19:26 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\security
2014-07-09 19:23 - 2006-03-21 21:17 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2014-07-09 19:23 - 2006-03-21 21:13 - 00001563 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programmzugriff und -standards.lnk
2014-07-09 19:23 - 2006-03-21 21:10 - 00001334 _____ () C:\WINDOWS\sessmgr.setup.log
2014-07-09 19:23 - 2006-03-21 21:06 - 00000373 _____ () C:\WINDOWS\cmsetacl.log
2014-07-09 19:23 - 2006-03-21 08:32 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü
2014-07-09 19:22 - 2006-03-21 08:35 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör
2014-07-09 19:21 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-07-09 19:21 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\ime
2014-07-09 19:20 - 2014-07-09 19:20 - 00000000 ____D () C:\WINDOWS\system32\de
2014-07-09 19:20 - 2014-07-09 19:20 - 00000000 ____D () C:\WINDOWS\system32\bits
2014-07-09 19:20 - 2007-10-24 18:43 - 00000000 ____D () C:\WINDOWS\l2schemas
2014-07-09 19:20 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\system32\usmt
2014-07-09 19:20 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\PeerNet
2014-07-09 19:10 - 2013-03-09 02:04 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2014-07-09 19:09 - 2006-03-21 21:10 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-07-09 19:09 - 2006-03-21 21:10 - 00000000 ____D () C:\WINDOWS\srchasst
2014-07-09 19:09 - 2006-03-21 21:10 - 00000000 ____D () C:\Programme\NetMeeting
2014-07-09 19:09 - 2006-03-21 21:10 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\System
2014-07-09 19:09 - 2006-03-21 21:08 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-07-09 19:09 - 2006-03-21 21:08 - 00000000 ____D () C:\Programme\Windows NT
2014-07-09 19:09 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\system32\npp
2014-07-09 19:09 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\msagent
2014-07-09 19:01 - 2002-12-31 14:00 - 00251712 __RSH () C:\ntldr
2014-07-09 18:58 - 2006-03-22 12:15 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-07-09 18:57 - 2014-07-09 18:43 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-07-09 17:48 - 2014-07-09 17:48 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\AVG2014
2014-07-09 17:47 - 2014-07-09 17:25 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Avg2014
2014-07-09 17:46 - 2014-07-09 17:38 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2014
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software
2014-07-09 17:38 - 2014-07-09 17:38 - 00000000 ___HD () C:\$AVG
2014-07-09 17:37 - 2010-02-14 19:33 - 00000000 ____D () C:\Programme\AVG
2014-07-09 17:36 - 2014-07-09 17:36 - 00000000 ____D () C:\Programme\Mozilla Firefox
2014-07-09 17:28 - 2014-07-09 17:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
2014-07-09 17:25 - 2014-07-09 17:25 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\MFAData
2014-07-09 17:22 - 2014-07-09 17:22 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981350$
2014-07-08 14:46 - 2014-07-08 14:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971961$
2014-07-08 14:46 - 2014-07-08 14:45 - 00006604 _____ () C:\WINDOWS\KB971961.log
2014-07-08 14:46 - 2013-03-09 02:17 - 00047956 _____ () C:\WINDOWS\KB980195.log
2014-07-08 14:45 - 2014-07-08 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB944338-v2$
2014-07-08 14:45 - 2014-07-08 14:17 - 00011478 _____ () C:\WINDOWS\KB944338-v2.log
2014-07-08 14:31 - 2014-07-08 14:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-08 14:29 - 2014-07-08 14:29 - 00000000 ____D () C:\AdwCleaner
2014-07-08 14:17 - 2014-07-08 13:28 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-08 13:56 - 2014-07-08 13:55 - 00033984 _____ () C:\WINDOWS\ie8Uninst.log
2014-07-08 13:47 - 2014-07-08 13:47 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IECompatCache
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-08 13:28 - 2014-07-08 13:28 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-06 14:36 - 2006-03-21 21:17 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
2014-07-06 14:14 - 2014-07-06 14:14 - 00006289 _____ () C:\ComboFix.txt
2014-07-06 14:14 - 2014-07-06 14:14 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2014-07-06 14:14 - 2006-03-12 21:57 - 00000000 ____D () C:\Qoobox
2014-07-06 14:11 - 2006-03-12 21:56 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-06 14:11 - 2002-12-31 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-07-05 16:00 - 2007-05-30 04:38 - 00000000 ____D () C:\Programme\upc-cablecom security package
2014-07-05 15:58 - 2014-07-05 15:58 - 06403664 _____ () C:\WINDOWS\fsmsiuninstall.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00001262 _____ () C:\WINDOWS\fsdgunst.log
2014-07-05 15:58 - 2014-07-05 15:58 - 00000768 _____ () C:\WINDOWS\daasunin.LOG
2014-07-05 15:58 - 2014-07-05 15:56 - 00619239 _____ () C:\WINDOWS\FSUNINST.log
2014-07-05 15:58 - 2014-07-05 15:56 - 00102495 _____ () C:\WINDOWS\uninstaller.log
2014-07-05 15:58 - 2007-05-30 04:38 - 83828102 _____ () C:\WINDOWS\FSISU.log
2014-07-05 15:58 - 2007-05-30 04:38 - 01424501 _____ () C:\WINDOWS\FSDEPH.log
2014-07-05 15:58 - 2007-05-30 04:38 - 00007834 _____ () C:\WINDOWS\FSGKIAIN.log
2014-07-05 15:58 - 2007-05-30 04:38 - 00003445 _____ () C:\WINDOWS\FSLDIN.LOG
2014-07-05 15:58 - 2007-05-30 04:38 - 00000595 _____ () C:\WINDOWS\HELPINST.LOG
2014-07-05 15:57 - 2014-07-05 15:57 - 00017796 _____ () C:\WINDOWS\FSAUA_UN.LOG
2014-07-05 15:57 - 2007-05-30 04:38 - 00027265 _____ () C:\WINDOWS\fsavunin.log
2014-07-05 15:57 - 2007-05-30 04:38 - 00000860 _____ () C:\WINDOWS\FSGUIINS.LOG
2014-07-05 15:57 - 2007-05-30 04:38 - 00000665 _____ () C:\WINDOWS\fstnbins.LOG
2014-07-05 15:57 - 2007-05-30 04:07 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\f-secure
2014-07-05 15:56 - 2014-07-05 15:56 - 00001651 _____ () C:\WINDOWS\FSPSUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001630 _____ () C:\WINDOWS\FSASWUNI.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00001259 _____ () C:\WINDOWS\FSGEMINST.LOG
2014-07-05 15:56 - 2014-07-05 15:56 - 00000110 _____ () C:\WINDOWS\FSAVES_inst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00027509 _____ () C:\WINDOWS\fwesinst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00025211 _____ () C:\WINDOWS\FSSSINST.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00020116 _____ () C:\WINDOWS\fwinst.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00010200 _____ () C:\WINDOWS\FSSCINST.log
2014-07-05 15:56 - 2007-05-30 04:38 - 00000798 _____ () C:\WINDOWS\fsgadget.log
2014-07-05 15:55 - 2007-10-24 20:51 - 00000000 ____D () C:\Programme\cablecom
2014-07-05 15:30 - 2006-03-21 09:27 - 00000000 ____D () C:\WINDOWS\system
2014-07-05 15:00 - 2014-07-05 14:59 - 00000000 _RSHD () C:\cmdcons
2014-07-05 15:00 - 2006-03-21 09:31 - 00000327 __RSH () C:\boot.ini
2014-06-26 17:38 - 2014-07-10 19:53 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-17 16:22 - 2014-06-17 16:22 - 00188696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2014-06-17 16:21 - 2014-06-17 16:21 - 00197400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
2014-06-17 16:18 - 2014-06-17 16:18 - 00241944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2014-06-17 16:17 - 2014-06-17 16:17 - 00190232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2014-06-17 16:17 - 2014-06-17 16:17 - 00147736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00121624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00098584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimx.sys

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\jre-7u60-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

schrauber · 13.07.2014, 12:54

Microsoft SUpport anrufen wegen der Validierung.

Telepolis · 16.07.2014, 12:31

Ok, das werd' ich diese Woche noch erledigen.

Sonst sieht es ja soweit wieder gut aus. Der Interpol-Trojaner erscheint nicht mehr und die jew. Updates wurden allesamt durchgeführt.

Gibt's von eurer Seite noch was? Ansonsten bleibt mir nur noch ein ganz herzliches Dankeschön auszusprechen und auf den "Spenden"-Button zu klicken. Ganz tolle Arbeit, ich danke euch!

Beste Grüsse
T.

schrauber · 16.07.2014, 20:25

Ich würd mir allgemein mal Gedanken um das Betriebssystem machen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

10.07.2014, 13:49	#25
schrauber /// the machine /// TB-Ausbilder	Interpol-Trojaner (ukash) auf Windows XP-Rechner (32Bit) Mach jetzt alle Updates inkl SP3, dann ein frisches FRST log bitte. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

13.07.2014, 12:54	#27
schrauber /// the machine /// TB-Ausbilder	Interpol-Trojaner (ukash) auf Windows XP-Rechner (32Bit) Microsoft SUpport anrufen wegen der Validierung. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Interpol-Trojaner (ukash) auf Windows XP-Rechner (32Bit)

Plagegeister aller Art und deren Bekämpfung: Interpol-Trojaner (ukash) auf Windows XP-Rechner (32Bit)