Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
MyFreeze Malware Fund

MyFreeze Malware Fund


Plagegeister aller Art und deren Bekämpfung: MyFreeze Malware Fund

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.12.2014, 18:46   #1
Lelouch92
 
MyFreeze Malware Fund - Standard

MyFreeze Malware Fund


Hallo,

seit gestern hatte ich 3 mal einen Bluescreen. Mal beim Musik hören oder z.B. wenn ich meinen Fernseher, den ich zusätzlich am PC als 2. Bildschirm angeschlossen habe, ausgeschaltet habe kam wieder ein Bluescreen. ?!

Habe jetzt einen vollständigen Suchlauf mit Malwarebytes durchführen lassen und eine Sache gefunden. Den habe ich in die Quarantäne gesteckt.
Was soll ich tun ? Hat dieses die PC abstürze verursacht ?

Vielen Dank im Voraus!

Zitat:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 15.12.2014
Suchlauf-Zeit: 16:28:18
Logdatei: malware byte fund.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.15.03
Rootkit Datenbank: v2014.12.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: abc

Suchlauf-Art: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 506439
Verstrichene Zeit: 1 Std, 53 Min, 23 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.MyFreeze.A, HKLM\SOFTWARE\Freeze.com, , [32ebec77700c181e77f96be66d960000],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Alt 15.12.2014, 19:01   #2
schrauber
/// the machine
/// TB-Ausbilder
 
MyFreeze Malware Fund - Standard

MyFreeze Malware Fund


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 16.12.2014, 10:49   #3
Lelouch92
 
MyFreeze Malware Fund - Standard

MyFreeze Malware Fund


Ich scanne gerade mit Farbar Recovery Scan Tool. Aber seit 10 Minuten blinkt oben die Meldung: "Getting Application errors 116808".

Edit: Immer noch "Getting Application errors: 116808" und das programm lässt sich nicht schließen.

Nach ca. 35 Sekunden kommt "Getting Application errors: 116808", dann kann ich nur noch mit den Task Manager das Programm beenden. Dennoch enstehen die 2 txt. Dateien.

Edit 2: Ich hatte gerade eben wieder einen Bluescreen. Der Computer war nur 30 Minuten an. Gestern lief der PC 8 Stunden durch. Ich habe ein Bild von dem Bluescreen gemacht.


Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 01
Ran by Bernd (administrator) on BERND-PC on 15-12-2014 20:46:09
Running from C:\Users\Bernd\Desktop
Loaded Profiles: Bernd &  (Available profiles: Bernd)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(brother Industries Ltd) C:\Windows\System32\brsvc01a.exe
(brother Industries Ltd) C:\Windows\System32\brss01a.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-669263776-2498090069-45669366-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-669263776-2498090069-45669366-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-669263776-2498090069-45669366-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-669263776-2498090069-45669366-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-669263776-2498090069-45669366-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-669263776-2498090069-45669366-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\bf4nhhaw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: ChatZilla - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\bf4nhhaw.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2014-10-04]
FF Extension: DownloadHelper - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\bf4nhhaw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: MEGA - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\bf4nhhaw.default\Extensions\firefox@mega.co.nz.xpi [2014-02-08]
FF Extension: ProxTube - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\bf4nhhaw.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: NoScript - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\bf4nhhaw.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-05]
FF Extension: Adblock Plus - C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\bf4nhhaw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-08-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-04] (Avira Operations GmbH & Co. KG)
R2 Brother XP spl Service; C:\Windows\system32\brsvc01a.exe [57344 2002-04-11] (brother Industries Ltd)
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394hub; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [170000 2007-12-19] (AMD Technologies Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [65024 2007-09-29] (JMicron Technology Corp.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [114904 2014-12-15] (Malwarebytes Corporation)
S3 pnx; C:\Windows\System32\Drivers\pnx.sys [21536 2007-09-06] (TigerGame.,Ltd)
S3 scskusbf; C:\Windows\System32\drivers\scskusbf.sys [18184 2012-02-12] (SoftCamp)
S3 scskusbs; C:\Windows\System32\drivers\scskusbs.sys [175872 2012-02-12] (SoftCamp)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-02] (Avira GmbH)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 XDva387; \??\C:\Windows\system32\XDva387.sys [X]
S3 XDva388; \??\C:\Windows\system32\XDva388.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 20:46 - 2014-12-15 20:46 - 00010857 _____ () C:\Users\Bernd\Desktop\FRST.txt
2014-12-15 19:18 - 2014-12-15 20:46 - 00000000 ____D () C:\FRST
2014-12-15 19:16 - 2014-12-15 19:16 - 01111040 _____ (Farbar) C:\Users\Bernd\Desktop\FRST.exe
2014-12-15 18:23 - 2014-12-15 18:32 - 00001286 _____ () C:\Users\Bernd\Desktop\malware byte fund.txt
2014-12-15 18:23 - 2014-12-15 18:23 - 00002810 _____ () C:\Users\Bernd\Desktop\fgdfgfg.Xml
2014-12-15 11:04 - 2014-12-15 11:05 - 00509264 _____ (Microsoft Corporation) C:\Users\Bernd\Downloads\winsdk_web.exe
2014-12-15 10:11 - 2014-12-15 10:11 - 00143536 _____ () C:\Windows\Minidump\Mini121514-02.dmp
2014-12-15 09:41 - 2014-12-15 09:41 - 00143536 _____ () C:\Windows\Minidump\Mini121514-01.dmp
2014-12-13 21:29 - 2014-12-13 21:29 - 00143536 _____ () C:\Windows\Minidump\Mini121314-01.dmp
2014-12-13 21:28 - 2014-12-15 10:10 - 188801283 _____ () C:\Windows\MEMORY.DMP
2014-12-13 17:22 - 2014-11-07 02:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-13 17:22 - 2014-11-04 01:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-13 17:19 - 2014-12-03 03:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-13 17:19 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-13 17:19 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-13 17:19 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-13 17:19 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-13 17:19 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-13 17:19 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-13 17:19 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-13 17:19 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-13 17:19 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-13 17:19 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-13 17:19 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-13 17:19 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-13 17:19 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-13 17:19 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-13 17:19 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-13 17:19 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-13 17:19 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-13 17:19 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-13 17:18 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-13 17:18 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-13 17:18 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-13 17:18 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 19:38 - 2014-12-11 19:38 - 00000000 ____D () C:\Users\Bernd\Desktop\Kiefer
2014-12-11 11:22 - 2014-12-11 11:23 - 02676297 _____ () C:\Users\Bernd\Downloads\Naruto Shippuden OST 3 - Childhood Memories.wma
2014-12-09 14:16 - 2014-12-09 14:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-04 14:13 - 2014-12-04 14:37 - 81202915 _____ () C:\Users\Bernd\Desktop\smile-1.mp4
2014-12-04 13:39 - 2014-12-04 14:12 - 103341913 _____ () C:\Users\Bernd\Desktop\smile.mp4
2014-12-03 18:07 - 2014-12-03 18:07 - 00000000 ____D () C:\Users\Bernd\Downloads\Magic Kaito
2014-11-30 00:44 - 2014-11-30 00:44 - 00000000 ____D () C:\Users\Bernd\Downloads\Mago
2014-11-28 12:39 - 2014-11-28 12:51 - 104094437 _____ () C:\Users\Bernd\Desktop\FIFA_15_Next_Gen_Let_s_Play_Ultimate_Team_44_F_ck_you_lucky_man-1.mp4
2014-11-20 10:31 - 2014-10-24 02:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-16 11:13 - 2014-10-10 02:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-16 11:13 - 2014-10-10 02:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-16 11:13 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-16 11:13 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-16 11:13 - 2014-08-27 01:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-16 11:13 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-16 11:12 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-16 11:12 - 2014-08-12 03:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-16 11:11 - 2014-10-18 02:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-16 11:11 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-16 11:11 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-16 11:11 - 2014-10-03 02:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-16 11:11 - 2014-10-03 02:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-16 11:08 - 2014-10-13 00:34 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 20:43 - 2010-08-29 13:18 - 00000000 ____D () C:\Users\Bernd\Desktop\pa Programme
2014-12-15 20:39 - 2010-08-29 13:23 - 00172032 _____ () C:\Users\Bernd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-15 19:57 - 2013-08-24 16:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 19:55 - 2006-11-02 13:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 19:55 - 2006-11-02 13:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 18:55 - 2013-09-02 17:30 - 01888540 _____ () C:\Windows\WindowsUpdate.log
2014-12-15 16:28 - 2014-08-18 12:20 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-15 16:04 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\MSBuild
2014-12-15 16:01 - 2006-11-02 11:33 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-15 15:55 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-15 11:16 - 2006-11-02 14:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-15 11:15 - 2010-08-30 14:34 - 00000000 ____D () C:\Users\Bernd\Documents\Papa Schriftstücke
2014-12-15 11:09 - 2011-12-22 20:58 - 00000000 ____D () C:\Program Files\SpeedFan
2014-12-15 10:11 - 2011-12-21 14:32 - 00000000 ____D () C:\Windows\Minidump
2014-12-14 19:56 - 2013-12-03 14:43 - 00000000 ____D () C:\Users\Bernd\Downloads\RPG
2014-12-14 10:30 - 2014-08-17 18:22 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\vlc
2014-12-13 21:44 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-12-13 21:30 - 2010-08-29 09:36 - 00000000 ____D () C:\Users\Bernd
2014-12-13 21:28 - 2014-08-18 12:20 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-12-13 21:28 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-13 21:22 - 2010-09-06 10:02 - 00000000 ____D () C:\Program Files\JDownloader
2014-12-13 19:49 - 2013-06-10 22:20 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\Media Player Classic
2014-12-13 18:32 - 2013-02-17 13:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-13 18:11 - 2014-08-18 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-13 17:22 - 2013-07-14 09:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 17:20 - 2006-11-02 11:24 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-12-11 11:53 - 2013-10-17 20:30 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\BitTorrent
2014-12-11 10:01 - 2014-10-16 09:14 - 00000000 ____D () C:\Users\Bernd\AppData\Local\Adobe
2014-12-11 10:01 - 2013-08-24 16:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-11 10:01 - 2013-08-24 16:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 09:13 - 2012-04-24 23:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-09 20:38 - 2014-02-25 13:24 - 00000000 ____D () C:\Users\Bernd\Downloads\Anime
2014-12-03 17:44 - 2014-10-30 19:04 - 00000000 ____D () C:\Users\Bernd\Desktop\Joe Hisaishi 2014 New Japan Philharmonie
2014-11-21 21:40 - 2013-12-26 19:51 - 00000000 ____D () C:\Users\Bernd\AppData\Roaming\mIRC
2014-11-21 06:14 - 2014-08-18 12:20 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-08-18 12:20 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2010-08-29 12:35 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-17 10:45 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-16 16:46 - 2006-11-02 13:47 - 00268848 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Bernd\AppData\Local\Temp\avgnt.exe
C:\Users\Bernd\AppData\Local\Temp\sfamcc00001.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2014 01
Ran by Bernd at 2014-12-15 20:46:38
Running from C:\Users\Bernd\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Age of Empires III (HKLM\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
BitTorrent (HKLM\...\BitTorrent) (Version: 7.1.0 - )
Brother MFL-Pro Suite DCP-195C (HKLM\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Command & Conquer 3 (HKLM\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.0.4.2 - DivX, Inc. )
EE-ZDE (HKLM\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version:  - )
ElsterFormular (HKLM\...\ElsterFormular 11.5.0.4546) (Version: 11.5.0.4546 - Landesfinanzdirektion Thüringen)
Empire Earth (HKLM\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
EuroGrand Casino (HKLM\...\EuroGrand Casino) (Version:  - )
Finale NotePad 2008 (HKLM\...\Finale NotePad 2008) (Version: 13.0.0.0 - MakeMusic)
Finale Reader 2010 (HKLM\...\Finale Reader 2010) (Version: 15.0.r1.0 - MakeMusic)
FLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)
foobar2000 v1.1.9 (HKLM\...\foobar2000) (Version: 1.1.9 - Peter Pawlowski)
Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.3.1.218 - Foxit Corporation)
Free YouTube Download version 3.2.2.430 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.2.430 - DVDVideoSoft Ltd.)
GameRanger (HKU\S-1-5-21-669263776-2498090069-45669366-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GameRanger (HKU\S-1-5-21-669263776-2498090069-45669366-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GameRanger) (Version:  - GameRanger Technologies)
Image Resizer for Windows (HKLM\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Image Resizer for Windows (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader (HKLM\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
K-Lite Codec Pack 9.9.5 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaInfo 0.7.47 (HKLM\...\MediaInfo) (Version: 0.7.47 - MediaArea.net)
Medieval CUE Splitter (HKLM\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
MKVToolNix 6.6.0 (HKLM\...\MKVToolNix) (Version: 6.6.0 - Moritz Bunkus)
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.2 MuseScore score typesetter (HKLM\...\MuseScore) (Version: 1.2.0 - Werner Schweer and Others)
NeoEE Patch (HKU\S-1-5-21-669263776-2498090069-45669366-1000\...\NeoEE Patch) (Version: 2.0.0.2 - NeoEE)
NeoEE Patch (HKU\S-1-5-21-669263776-2498090069-45669366-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\NeoEE Patch) (Version: 2.0.0.2 - NeoEE)
NeoEE Patch (Version: 1.1 - NeoEE) Hidden
NeoEE Patch (Version: 2.0.0.2 - NeoEE Devlopment) Hidden
NeoEE_Open Test (Version: 0.1.11 Warrington - NeoEE) Hidden
Notation Player 2.6 (HKLM\...\{61150C85-DC0A-4976-922F-5575F388ADA6}) (Version: 2.6 - Notation Software, Inc.) <==== ATTENTION
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
RC Patch 2.1 (HKLM\...\{53DDCE17-8B82-4DAB-A551-A4A19159BCA7}) (Version: 2.10.0000 - Royal Champions)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Shattered Galaxy (HKLM\...\Shattered Galaxy) (Version: 1.84 - KRU Interactive)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
sv.net (HKLM\...\sv.net) (Version: 14.0 - ITSG GmbH)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TigerGame XBOX+PS2+GC Game Controller Adapter 2.0.1.0 (HKLM\...\TigerGame XBOX+PS2+GC Game Controller Adapter_is1) (Version:  - )
TuxGuitar (HKLM\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
World of Qin 2 Version 2100 (HKLM\...\{FC26F601-7CE4-4B59-B0A8-5E4359173097}_is1) (Version: 2100 - WoQ2Server.de)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2010-11-13 12:46 - 00425428 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0900546E-B3BF-4858-909C-AE15EA6DC66C} - System32\Tasks\{6E91D76F-A337-46B8-BB5B-63F53EC7036D} => pcalua.exe -a "C:\Program Files\Common Files\DVDVideoSoft\Uninstall.exe"
Task: {DEA7A490-9FA1-4CBD-B230-5B6F1CE44C45} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {E94200B3-3034-4ADE-9721-7D372D94A3E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: W32Time => 2
MSCONFIG\Services: WerSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: Installation Diagnostics => "C:\Program Files\Brother\Brmfl04a\Brinstck.exe" /I DCP-110C USB
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PPort11reminder => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skytel => Skytel.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

========================= Accounts: ==========================

Administrator (S-1-5-21-669263776-2498090069-45669366-500 - Administrator - Disabled)
Bernd (S-1-5-21-669263776-2498090069-45669366-1000 - Administrator - Enabled) => C:\Users\Bernd
Gast (S-1-5-21-669263776-2498090069-45669366-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/15/2014 03:56:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2014 10:11:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
__________________
Miniaturansicht angehängter Grafiken
MyFreeze Malware Fund-pict0026-large-.jpg  
Geändert von Lelouch92 (16.12.2014 um 11:42 Uhr)

Alt 16.12.2014, 21:31   #4
schrauber
/// the machine
/// TB-Ausbilder
 
MyFreeze Malware Fund - Standard

MyFreeze Malware Fund


Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Notation Player 2.6



  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Lade Dir bitte Bluescreenview und installiere es:
BlueScreenView - Download - Filepony

Öffnen und den aktuellsten Dump analysieren lassen (macht das Tool automatisch).
Output hier posten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.12.2014, 21:51   #5
Lelouch92
 
MyFreeze Malware Fund - Standard

MyFreeze Malware Fund


Soll der infizierte Registrierungsschlüssel in der Quarantäne bleiben ?

Hier sind die Grunddaten der 4 Abstürze.

Code:
ATTFilter
Mini121314-01.dmp	13.12.2014 21:22:20	SYSTEM_THREAD_EXCEPTION_NOT_HANDLED	0x1000007e	0xc0000005	0x9f6c080b	0x807b0bb8	0x807b08b4	pnx.sys	pnx.sys+180b					32-Bit	pnx.sys+180b	ntoskrnl.exe+461c3	hidusb.sys+163d	hidusb.sys+1792		C:\Windows\Minidump\Mini121314-01.dmp	4	15	6002	143.536	13.12.2014 21:29:17	
Mini121514-01.dmp	15.12.2014 09:37:38	SYSTEM_THREAD_EXCEPTION_NOT_HANDLED	0x1000007e	0xc0000005	0x8fd6480b	0x807c4bb8	0x807c48b4	pnx.sys	pnx.sys+180b					32-Bit	pnx.sys+180b	ntoskrnl.exe+461c3	hidusb.sys+163d	hidusb.sys+1792		C:\Windows\Minidump\Mini121514-01.dmp	4	15	6002	143.536	15.12.2014 09:41:37	
Mini121514-02.dmp	15.12.2014 09:42:49	SYSTEM_THREAD_EXCEPTION_NOT_HANDLED	0x1000007e	0xc0000005	0x905c280b	0x807b8bb8	0x807b88b4	pnx.sys	pnx.sys+180b					32-Bit	pnx.sys+180b	ntoskrnl.exe+461c3	hidusb.sys+163d	hidusb.sys+1792		C:\Windows\Minidump\Mini121514-02.dmp	4	15	6002	143.536	15.12.2014 10:11:08	
Mini121614-01.dmp	16.12.2014 10:00:42	SYSTEM_THREAD_EXCEPTION_NOT_HANDLED	0x1000007e	0xc0000005	0x9055980b	0x807b0bb8	0x807b08b4	pnx.sys	pnx.sys+180b					32-Bit	pnx.sys+180b	ntoskrnl.exe+461c3	hidusb.sys+163d	hidusb.sys+1792		C:\Windows\Minidump\Mini121614-01.dmp	4	15	6002	143.536	16.12.2014 10:31:24
Von dem letzten Absturz hier der längere Teil. Die ersten 3 Zeilen sind rot markiert.

Code:
ATTFilter
hidusb.sys	hidusb.sys+1624	0x90519000	0x90522000	0x00009000	0x49e01fc8	11.04.2009 05:42:48	Microsoft® Windows® Operating System	USB Miniport Driver for Input Devices	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\hidusb.sys	
ntoskrnl.exe	ntoskrnl.exe+1ff433	0x8241d000	0x827c8000	0x003ab000	0x51da1834	08.07.2013 02:39:00	Microsoft® Windows® Operating System	NT Kernel & System	6.0.6002.18881 (vistasp2_gdr.130707-1535)	Microsoft Corporation	C:\Windows\system32\ntoskrnl.exe	
pnx.sys	pnx.sys+180b	0x90558000	0x90562000	0x0000a000	0x46dee515	05.09.2007 18:19:17						
hal.dll		0x827c8000	0x827fb000	0x00033000	0x49e018d9	11.04.2009 05:13:13	Microsoft® Windows® Operating System	Hardware Abstraction Layer DLL	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\hal.dll	
kdcom.dll		0x8300f000	0x83016000	0x00007000	0x49e037d9	11.04.2009 07:25:29	Microsoft® Windows® Operating System	Kernel Debugger HW Extension DLL	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\kdcom.dll	
mcupdate_GenuineIntel.dll		0x83016000	0x83086000	0x00070000	0x49e03757	11.04.2009 07:23:19	Microsoft® Windows® Operating System	Intel Microcode Update Library	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\mcupdate_GenuineIntel.dll	
PSHED.dll		0x83086000	0x83097000	0x00011000	0x49e037dc	11.04.2009 07:25:32	Betriebssystem Microsoft® Windows®	Plattformspezifischer Hardwarefehlertreiber	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\PSHED.dll	
BOOTVID.dll		0x83097000	0x8309f000	0x00008000	0x4791a653	19.01.2008 08:27:15	Microsoft® Windows® Operating System	VGA Boot Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\BOOTVID.dll	
CLFS.SYS		0x8309f000	0x830e0000	0x00041000	0x49e018ff	11.04.2009 05:13:51	Microsoft® Windows® Operating System	Common Log File System Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\CLFS.SYS	
CI.dll		0x830e0000	0x831c0000	0x000e0000	0x49e037d2	11.04.2009 07:25:22	Betriebssystem Microsoft® Windows®	Codeintegritätsmodul	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\CI.dll	
Wdf01000.sys		0x831c0000	0x83241000	0x00081000	0x51c50c11	22.06.2013 03:29:37	Betriebssystem Microsoft® Windows®	Kernelmodustreiber-Frameworklaufzeit	1.11.9200.16384 (win8_rtm.120725-1247)	Microsoft Corporation	C:\Windows\system32\drivers\Wdf01000.sys	
WDFLDR.SYS		0x83241000	0x8324f000	0x0000e000	0x5010ad36	26.07.2012 03:36:38	Microsoft® Windows® Operating System	Kernel Mode Driver Framework Loader	1.11.9200.16384 (win8_rtm.120725-1247)	Microsoft Corporation	C:\Windows\system32\drivers\WDFLDR.SYS	
acpi.sys		0x8324f000	0x83295000	0x00046000	0x49e01a37	11.04.2009 05:19:03	Betriebssystem Microsoft® Windows®	ACPI-Treiber für NT	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\acpi.sys	
WMILIB.SYS		0x83295000	0x8329e000	0x00009000	0x47919044	19.01.2008 06:53:08	Microsoft® Windows® Operating System	WMILIB WMI support library Dll	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\WMILIB.SYS	
msisadrv.sys		0x8329e000	0x832a6000	0x00008000	0x47918b83	19.01.2008 06:32:51	Microsoft® Windows® Operating System	ISA Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\msisadrv.sys	
pci.sys		0x832a6000	0x832cd000	0x00027000	0x49e01a44	11.04.2009 05:19:16	Betriebssystem Microsoft® Windows®	NT-Plug & Play PCI-Enumerator	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\pci.sys	
partmgr.sys		0x832cd000	0x832dd000	0x00010000	0x4f68bbfc	20.03.2012 18:18:52	Microsoft® Windows® Operating System	Partition Management Driver	6.0.6002.18600 (vistasp2_gdr.120320-0702)	Microsoft Corporation	C:\Windows\system32\drivers\partmgr.sys	
volmgr.sys		0x832dd000	0x832ec000	0x0000f000	0x47918f7f	19.01.2008 06:49:51	Microsoft® Windows® Operating System	Volume Manager Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\volmgr.sys	
volmgrx.sys		0x832ec000	0x83336000	0x0004a000	0x49e01efd	11.04.2009 05:39:25	Microsoft® Windows® Operating System	Volume Manager Extension Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\volmgrx.sys	
pciide.sys		0x83336000	0x8333d000	0x00007000	0x49e01eee	11.04.2009 05:39:10	Microsoft® Windows® Operating System	Generic PCI IDE Bus Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\pciide.sys	
PCIIDEX.SYS		0x8333d000	0x8334b000	0x0000e000	0x49e01eed	11.04.2009 05:39:09	Microsoft® Windows® Operating System	PCI IDE Bus Driver Extension	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\PCIIDEX.SYS	
mountmgr.sys		0x8334b000	0x8335b000	0x00010000	0x47918f59	19.01.2008 06:49:13	Microsoft® Windows® Operating System	Mount Point Manager	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\mountmgr.sys	
nvraid.sys		0x8335b000	0x83376000	0x0001b000	0x46671a61	06.06.2007 21:34:41	NVIDIA nForce(TM) RAID Driver	NVIDIA® nForce(TM) RAID Driver	5.10.2600.0833 (NT.070222-1720)	NVIDIA Corporation	C:\Windows\system32\drivers\nvraid.sys	
CLASSPNP.SYS		0x83376000	0x83397000	0x00021000	0x49e01ee9	11.04.2009 05:39:05	Microsoft® Windows® Operating System	SCSI Class System Dll	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\CLASSPNP.SYS	
atapi.sys		0x83397000	0x8339f000	0x00008000	0x49e01eed	11.04.2009 05:39:09	Microsoft® Windows® Operating System	ATAPI IDE Miniport Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\atapi.sys	
ataport.SYS		0x8339f000	0x833bd000	0x0001e000	0x49e01eee	11.04.2009 05:39:10	Microsoft® Windows® Operating System	ATAPI Driver Extension	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\ataport.SYS	
fltmgr.sys		0x833bd000	0x833ef000	0x00032000	0x49e01907	11.04.2009 05:13:59	Betriebssystem Microsoft® Windows®	Microsoft Dateisystem-Filter-Manager	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\fltmgr.sys	
fileinfo.sys		0x833ef000	0x833ff000	0x00010000	0x47918be3	19.01.2008 06:34:27	Microsoft® Windows® Operating System	FileInfo Filter Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\fileinfo.sys	
ksecdd.sys		0x8a808000	0x8a87a000	0x00072000	0x4fc93a77	01.06.2012 22:56:07	Microsoft® Windows® Operating System	Kernel Security Support Provider Interface	6.0.6002.18643 (vistasp2_gdr.120601-1144)	Microsoft Corporation	C:\Windows\system32\drivers\ksecdd.sys	
ndis.sys		0x8a87a000	0x8a985000	0x0010b000	0x49e02080	11.04.2009 05:45:52	Microsoft® Windows® Operating System	NDIS 6.0 wrapper driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\ndis.sys	
msrpc.sys		0x8a985000	0x8a9b0000	0x0002b000	0x49e01e8c	11.04.2009 05:37:32	Microsoft® Windows® Operating System	Kernel Remote Procedure Call Provider	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\msrpc.sys	
NETIO.SYS		0x8a9b0000	0x8a9eb000	0x0003b000	0x49e0209d	11.04.2009 05:46:21	Microsoft® Windows® Operating System	Network I/O Subsystem	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\NETIO.SYS	
tcpip.sys		0x8a9eb000	0x8aad5000	0x000ea000	0x533f4cca	05.04.2014 01:22:34	Microsoft® Windows® Operating System	TCP/IP Driver	6.0.6002.19080 (vistasp2_gdr.140404-1538)	Microsoft Corporation	C:\Windows\system32\drivers\tcpip.sys	
fwpkclnt.sys		0x8aad5000	0x8aaf0000	0x0001b000	0x49e02076	11.04.2009 05:45:42	Microsoft® Windows® Operating System	FWP/IPsec Kernel-Mode API	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\fwpkclnt.sys	
Ntfs.sys		0x8aaf0000	0x8ac00000	0x00110000	0x51326902	02.03.2013 22:02:58	Betriebssystem Microsoft® Windows®	NT-Dateisystemtreiber	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\Ntfs.sys	
wd.sys		0x8a800000	0x8a808000	0x00008000	0x47919012	19.01.2008 06:52:18	Microsoft® Windows® Operating System	Microsoft Watchdog Timer Driver	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\wd.sys	
volsnap.sys		0x8ac0e000	0x8ac47000	0x00039000	0x502cfb5e	16.08.2012 14:53:34	Betriebssystem Microsoft® Windows®	Volumeschattenkopie-Treiber	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\volsnap.sys	
spldr.sys		0x8ac47000	0x8ac4f000	0x00008000	0x467b17dd	22.06.2007 01:29:17	Microsoft® Windows® Operating System	loader for security processor	6.0.6001.16606 (lh_security(sepbld-s).070621-1657)	Microsoft Corporation	C:\Windows\system32\drivers\spldr.sys	
speedfan.sys		0x8ac4f000	0x8ac53100	0x00004100	0x4d83838d	18.03.2011 17:08:45	SpeedFan	SpeedFan x32 Driver	X2.01.07	Almico Software	C:\Windows\system32\speedfan.sys	
mup.sys		0x8ac54000	0x8ac63000	0x0000f000	0x49e01914	11.04.2009 05:14:12	Microsoft® Windows® Operating System	Multiple UNC Provider driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\mup.sys	
giveio.sys		0x8ac63000	0x8ac63680	0x00000680	0x316334f5	04.04.1996 03:33:25					C:\Windows\system32\giveio.sys	
ecache.sys		0x8ac64000	0x8ac8b000	0x00027000	0x49e01f2c	11.04.2009 05:40:12	Microsoft® Windows® Operating System	Special Memory Device Cache	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\ecache.sys	
disk.sys		0x8ac8b000	0x8ac9c000	0x00011000	0x49e01ef2	11.04.2009 05:39:14	Microsoft® Windows® Operating System	PnP Disk Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\disk.sys	
crcdisk.sys		0x8ac9c000	0x8aca5000	0x00009000	0x47918fa5	19.01.2008 06:50:29	Microsoft® Windows® Operating System	Disk Block Verification Filter Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\crcdisk.sys	
tunnel.sys		0x8acc5000	0x8acd0000	0x0000b000	0x4b7d244d	18.02.2010 12:28:13	Microsoft® Windows® Operating System	Microsoft Tunnel Interface Driver	6.0.6002.18209 (vistasp2_gdr.100218-0019)	Microsoft Corporation	C:\Windows\system32\drivers\tunnel.sys	
tunmp.sys		0x8acd0000	0x8acd9000	0x00009000	0x479190dc	19.01.2008 06:55:40	Microsoft® Windows® Operating System	Microsoft Tunnel Interface Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\tunmp.sys	
intelppm.sys		0x8acd9000	0x8ace8000	0x0000f000	0x47918a38	19.01.2008 06:27:20	Microsoft® Windows® Operating System	Processor Device Driver	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\intelppm.sys	
nvsmu.sys		0x8ace8000	0x8acf1000	0x00009000	0x48861702	22.07.2008 18:21:06	NVIDIA nForce(TM) PCA Driver	NVIDIA nForce(TM) SMU Microcontroller Driver	5.10.2600.0158 built by: WinDDK	NVIDIA Corporation	C:\Windows\system32\drivers\nvsmu.sys	
usbohci.sys		0x8acf1000	0x8acfb000	0x0000a000	0x4dc2abff	05.05.2011 14:54:07	Microsoft® Windows® Operating System	OHCI USB Miniport Driver	6.0.6002.18465 (vistasp2_gdr.110505-0337)	Microsoft Corporation	C:\Windows\system32\drivers\usbohci.sys	
USBPORT.SYS		0x8acfb000	0x8ad39000	0x0003e000	0x51ce4144	29.06.2013 03:07:00	Microsoft® Windows® Operating System	USB 1.1 & 2.0 Port Driver	6.0.6002.18875 (vistasp2_gdr.130628-1536)	Microsoft Corporation	C:\Windows\system32\drivers\USBPORT.SYS	
usbehci.sys		0x8ad39000	0x8ad48000	0x0000f000	0x4dc2abff	05.05.2011 14:54:07	Microsoft® Windows® Operating System	EHCI eUSB Miniport Driver	6.0.6002.18465 (vistasp2_gdr.110505-0337)	Microsoft Corporation	C:\Windows\system32\drivers\usbehci.sys	
HDAudBus.sys		0x8ad48000	0x8add5000	0x0008d000	0x49e01fc1	11.04.2009 05:42:41	Microsoft® Windows® Operating System	High Definition Audio Bus Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\HDAudBus.sys	
ohci1394.sys		0x8add5000	0x8ade4300	0x0000f300	0x49e01fd8	11.04.2009 05:43:04	Microsoft® Windows® Operating System	1394 OpenHCI Port Driver	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\ohci1394.sys	
1394BUS.SYS		0x8ade5000	0x8adf2080	0x0000d080	0x47919057	19.01.2008 06:53:27	Microsoft® Windows® Operating System	1394 Bus Device Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\1394BUS.SYS	
nvlddmkm.sys		0x8f400000	0x8fb1f680	0x0071f680	0x487395e8	08.07.2008 17:29:28	NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.33	NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.33	7.15.11.7533	NVIDIA Corporation	C:\Windows\system32\drivers\nvlddmkm.sys	
dxgkrnl.sys		0x8fb20000	0x8fbc0000	0x000a0000	0x539b874e	14.06.2014 00:20:46	Microsoft® Windows® Operating System	DirectX Graphics Kernel	7.0.6002.18107 (vistasp2_gdr_win7ip_dgt(wmbla).090924-1550)	Microsoft Corporation	C:\Windows\system32\drivers\dxgkrnl.sys	
watchdog.sys		0x8fbc0000	0x8fbcc000	0x0000c000	0x49e01b13	11.04.2009 05:22:43	Microsoft® Windows® Operating System	Watchdog Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\watchdog.sys	
cdrom.sys		0x8fbcc000	0x8fbe4000	0x00018000	0x49e01ef5	11.04.2009 05:39:17	Microsoft® Windows® Operating System	SCSI CD-ROM Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\cdrom.sys	
nvmfdx32.sys		0x8adf3000	0x8aef1e00	0x000fee00	0x48733098	08.07.2008 10:17:12	NVIDIA Networking Driver	NVIDIA MCP Networking Function Driver.	1.00.01.06786	NVIDIA Corporation	C:\Windows\system32\drivers\nvmfdx32.sys	
wmiacpi.sys		0x8fbe4000	0x8fbed000	0x00009000	0x47918b7f	19.01.2008 06:32:47	Microsoft® Windows® Operating System	Windows Management Interface for ACPI	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\wmiacpi.sys	
msiscsi.sys		0x8aef2000	0x8af21000	0x0002f000	0x49e01f27	11.04.2009 05:40:07	Microsoft® Windows® Operating System	Microsoft iSCSI Initiator Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\msiscsi.sys	
storport.sys		0x8af21000	0x8af62000	0x00041000	0x49e01ef7	11.04.2009 05:39:19	Microsoft® Windows® Operating System	Microsoft Storage Port Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\storport.sys	
TDI.SYS		0x8fbed000	0x8fbf8000	0x0000b000	0x47919136	19.01.2008 06:57:10	Microsoft® Windows® Operating System	TDI Wrapper	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\TDI.SYS	
rasl2tp.sys		0x8af62000	0x8af79000	0x00017000	0x47919111	19.01.2008 06:56:33	Microsoft® Windows® Operating System	RAS L2TP mini-port/call-manager driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\rasl2tp.sys	
ndistapi.sys		0x8af79000	0x8af84000	0x0000b000	0x47919108	19.01.2008 06:56:24	Microsoft® Windows® Operating System	NDIS 3.0 connection wrapper driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\ndistapi.sys	
ndiswan.sys		0x8af84000	0x8afa7000	0x00023000	0x49e020a7	11.04.2009 05:46:31	Microsoft® Windows® Operating System	MS PPP Framing Driver (Strong Encryption)	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\ndiswan.sys	
raspppoe.sys		0x8afa7000	0x8afb6000	0x0000f000	0x49e020a6	11.04.2009 05:46:30	Microsoft® Windows® Operating System	RAS PPPoE mini-port/call-manager driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\raspppoe.sys	
raspptp.sys		0x8afb6000	0x8afca000	0x00014000	0x47919112	19.01.2008 06:56:34	Microsoft® Windows® Operating System	Peer-to-Peer Tunneling Protocol	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\raspptp.sys	
rassstp.sys		0x8afca000	0x8afdf000	0x00015000	0x49e020b0	11.04.2009 05:46:40	Microsoft® Windows® Operating System	RAS SSTP Miniport Call Manager	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\rassstp.sys	
termdd.sys		0x8afdf000	0x8afef000	0x00010000	0x49e021c2	11.04.2009 05:51:14	Microsoft® Windows® Operating System	Terminal Server Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\termdd.sys	
kbdclass.sys		0x8afef000	0x8affa000	0x0000b000	0x47918f5a	19.01.2008 06:49:14	Betriebssystem Microsoft® Windows®	Tastaturklassentreiber	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\kbdclass.sys	
mouclass.sys		0x8ac00000	0x8ac0b000	0x0000b000	0x47918f5a	19.01.2008 06:49:14	Betriebssystem Microsoft® Windows®	Mausklassentreiber	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\mouclass.sys	
swenum.sys		0x8fbf8000	0x8fbf9380	0x00001380	0x47918f60	19.01.2008 06:49:20	Microsoft® Windows® Operating System	Plug and Play Software Device Enumerator	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\swenum.sys	
ks.sys		0x8fc00000	0x8fc2a000	0x0002a000	0x49e01ed7	11.04.2009 05:38:47	Microsoft® Windows® Operating System	Kernel CSA Library	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\ks.sys	
mssmbios.sys		0x8fc2a000	0x8fc34000	0x0000a000	0x47918b87	19.01.2008 06:32:55	Microsoft® Windows® Operating System	System Management BIOS Driver	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\mssmbios.sys	
umbus.sys		0x8fc34000	0x8fc41000	0x0000d000	0x47919064	19.01.2008 06:53:40	Microsoft® Windows® Operating System	User-Mode Bus Enumerator	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\umbus.sys	
usbhub.sys		0x8fc41000	0x8fc76000	0x00035000	0x51ce4151	29.06.2013 03:07:13	Microsoft® Windows® Operating System	Default Hub Driver for USB	6.0.6002.18875 (vistasp2_gdr.130628-1536)	Microsoft Corporation	C:\Windows\system32\drivers\usbhub.sys	
NDProxy.SYS		0x8fc76000	0x8fc87000	0x00011000	0x4791910c	19.01.2008 06:56:28	Microsoft® Windows® Operating System	NDIS Proxy	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\NDProxy.SYS	
RTKVHDA.sys		0x8fc87000	0x8fe95c40	0x0020ec40	0x48b51b2f	27.08.2008 10:15:27	Realtek(r) High Definition Audio Function Driver	Realtek(r) High Definition Audio Function Driver	6.0.1.5694 built by: WinDDK	Realtek Semiconductor Corp.	C:\Windows\system32\drivers\RTKVHDA.sys	
portcls.sys		0x8fe96000	0x8fec3000	0x0002d000	0x52705618	30.10.2013 01:43:04	Microsoft® Windows® Operating System	Port Class (Class Driver for Port/Miniport Devices)	6.0.6002.18974 (vistasp2_gdr.131029-1536)	Microsoft Corporation	C:\Windows\system32\drivers\portcls.sys	
drmk.sys		0x8fec3000	0x8fee8000	0x00025000	0x52706428	30.10.2013 02:43:04	Microsoft® Windows® Operating System	Microsoft Kernel DRM Descrambler Filter	6.0.6002.18974 (vistasp2_gdr.131029-1536)	Microsoft Corporation	C:\Windows\system32\drivers\drmk.sys	
Fs_Rec.SYS		0x8fee8000	0x8fef1000	0x00009000	0x4f4e28f4	29.02.2012 14:32:36	Microsoft® Windows® Operating System	File System Recognizer Driver	6.0.6002.18592 (vistasp2_gdr.120229-0238)	Microsoft Corporation	C:\Windows\system32\drivers\Fs_Rec.SYS	
Null.SYS		0x8fef1000	0x8fef8000	0x00007000	0x47918f58	19.01.2008 06:49:12	Microsoft® Windows® Operating System	NULL Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\Null.SYS	
Beep.SYS		0x8fef8000	0x8feff000	0x00007000	0x47918f56	19.01.2008 06:49:10	Microsoft® Windows® Operating System	BEEP Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\Beep.SYS	
HIDPARSE.SYS		0x8ff08000	0x8ff0e380	0x00006380	0x51d3882a	03.07.2013 03:10:50	Microsoft® Windows® Operating System	Hid Parsing Library	6.0.6002.18878 (vistasp2_gdr.130702-1537)	Microsoft Corporation	C:\Windows\system32\drivers\HIDPARSE.SYS	
vga.sys		0x8ff0f000	0x8ff1b000	0x0000c000	0x47919006	19.01.2008 06:52:06	Microsoft® Windows® Operating System	VGA/Super VGA Video Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\vga.sys	
VIDEOPRT.SYS		0x8ff1b000	0x8ff3c000	0x00021000	0x4791900a	19.01.2008 06:52:10	Microsoft® Windows® Operating System	Video Port Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\VIDEOPRT.SYS	
RDPCDD.sys		0x8ff3c000	0x8ff44000	0x00008000	0x47919224	19.01.2008 07:01:08	Microsoft® Windows® Operating System	RDP Miniport	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\RDPCDD.sys	
rdpencdd.sys		0x8ff44000	0x8ff4c000	0x00008000	0x47919225	19.01.2008 07:01:09	Microsoft® Windows® Operating System	RDP Miniport	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\rdpencdd.sys	
Msfs.SYS		0x8ff4c000	0x8ff57000	0x0000b000	0x47918a68	19.01.2008 06:28:08	Microsoft® Windows® Operating System	Mailslot driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\Msfs.SYS	
Npfs.SYS		0x8ff57000	0x8ff65000	0x0000e000	0x49e01909	11.04.2009 05:14:01	Microsoft® Windows® Operating System	NPFS Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\Npfs.SYS	
rasacd.sys		0x8ff65000	0x8ff6e000	0x00009000	0x4791910f	19.01.2008 06:56:31	Microsoft® Windows® Operating System	RAS Automatic Connection Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\rasacd.sys	
tdx.sys		0x8ff6e000	0x8ff84000	0x00016000	0x49e02084	11.04.2009 05:45:56	Microsoft® Windows® Operating System	TDI Translation Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\tdx.sys	
smb.sys		0x8ff84000	0x8ff98000	0x00014000	0x49e02062	11.04.2009 05:45:22	Microsoft® Windows® Operating System	SMB Transport driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\smb.sys	
afd.sys		0x8ff98000	0x8ffe0000	0x00048000	0x53882ae1	30.05.2014 07:53:21	Betriebssystem Microsoft® Windows®	Ancillary Function Driver for WinSock	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\afd.sys	
netbt.sys		0x90404000	0x90436000	0x00032000	0x49e0206f	11.04.2009 05:45:35	Microsoft® Windows® Operating System	MBT Transport driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\netbt.sys	
pacer.sys		0x90436000	0x9044c000	0x00016000	0x49e0207f	11.04.2009 05:45:51	Betriebssystem Microsoft® Windows®	QoS-Paketplaner	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\pacer.sys	
netbios.sys		0x9044c000	0x9045a000	0x0000e000	0x479190e1	19.01.2008 06:55:45	Microsoft® Windows® Operating System	NetBIOS interface driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\netbios.sys	
wanarp.sys		0x9045a000	0x9046d000	0x00013000	0x4791910f	19.01.2008 06:56:31	Microsoft® Windows® Operating System	MS Remote Access and Routing ARP Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\wanarp.sys	
ssmdrv.sys		0x9046d000	0x90472a00	0x00005a00	0x4a000f5e	05.05.2009 11:05:18		AVIRA SnapShot Driver	7.00.02.02	Avira GmbH	C:\Windows\system32\drivers\ssmdrv.sys	
rdbss.sys		0x90473000	0x904af000	0x0003c000	0x49e01922	11.04.2009 05:14:26	Microsoft® Windows® Operating System	Redirected Drive Buffering SubSystem Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\rdbss.sys	
nsiproxy.sys		0x904af000	0x904b9000	0x0000a000	0x479190e6	19.01.2008 06:55:50	Microsoft® Windows® Operating System	NSI Proxy	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\nsiproxy.sys	
dfsc.sys		0x904b9000	0x904d0000	0x00017000	0x4da70bb7	14.04.2011 15:59:03	Microsoft® Windows® Operating System	DFS Namespace Client Driver	6.0.6002.18451 (vistasp2_gdr.110414-0338)	Microsoft Corporation	C:\Windows\system32\drivers\dfsc.sys	
avkmgr.sys		0x904d0000	0x904dc000	0x0000c000	0x5236e7c4	16.09.2013 12:13:08	Avira Product Family	Avira Manager Driver	14.0.0.311	Avira Operations GmbH & Co. KG	C:\Windows\system32\drivers\avkmgr.sys	
avipbb.sys		0x904dc000	0x90500000	0x00024000	0x53e1d98d	06.08.2014 08:30:21	Avira Product Family	Avira Driver for Security Enhancement	14.0.7.186	Avira Operations GmbH & Co. KG	C:\Windows\system32\drivers\avipbb.sys	
usbccgp.sys		0x90500000	0x90517000	0x00017000	0x51ce4148	29.06.2013 03:07:04	Microsoft® Windows® Operating System	USB Common Class Generic Parent Driver	6.0.6002.18875 (vistasp2_gdr.130628-1536)	Microsoft Corporation	C:\Windows\system32\drivers\usbccgp.sys	
USBD.SYS		0x90517000	0x90518780	0x00001780	0x51ce413d	29.06.2013 03:06:53	Microsoft® Windows® Operating System	Universal Serial Bus Driver	6.0.6002.18875 (vistasp2_gdr.130628-1536)	Microsoft Corporation	C:\Windows\system32\drivers\USBD.SYS	
HIDCLASS.SYS		0x90522000	0x90532000	0x00010000	0x49e01fc7	11.04.2009 05:42:47	Microsoft® Windows® Operating System	Hid Class Library	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\HIDCLASS.SYS	
kbdhid.sys		0x90532000	0x9053b000	0x00009000	0x49e01ed0	11.04.2009 05:38:40	Betriebssystem Microsoft® Windows®	HID-Tastaturfiltertreiber	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\kbdhid.sys	
mouhid.sys		0x9053b000	0x90543000	0x00008000	0x47918f5c	19.01.2008 06:49:16	Betriebssystem Microsoft® Windows®	HID-Mausfiltertreiber	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\mouhid.sys	
USBSTOR.SYS		0x90543000	0x90558000	0x00015000	0x49e01fcf	11.04.2009 05:42:55	Microsoft® Windows® Operating System	USB Mass Storage Class Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\USBSTOR.SYS	
crashdmp.sys		0x90562000	0x9056f000	0x0000d000	0x49e01ef0	11.04.2009 05:39:12	Microsoft® Windows® Operating System	Crash Dump Driver	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\crashdmp.sys	
dump_dumpata.sys		0x9056f000	0x9057a000	0x0000b000	0x49e01eed	11.04.2009 05:39:09						
dump_atapi.sys		0x9057a000	0x90582000	0x00008000	0x49e01eed	11.04.2009 05:39:09						
win32k.sys		0x99850000	0x99a56000	0x00206000	0x00000000		Betriebssystem Microsoft® Windows®	Mehrbenutzer-Win32-Treiber	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\win32k.sys	
Dxapi.sys		0x90582000	0x9058c000	0x0000a000	0x47918c4c	19.01.2008 06:36:12	Microsoft® Windows® Operating System	DirectX API Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\Dxapi.sys	
monitor.sys		0x9058c000	0x9059b000	0x0000f000	0x47919013	19.01.2008 06:52:19	Microsoft® Windows® Operating System	Monitor Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\monitor.sys	
TSDDD.dll		0x99a70000	0x99a79000	0x00009000	0x00000000		Microsoft® Windows® Operating System	Framebuffer Display Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\TSDDD.dll	
luafv.sys		0x9059b000	0x905b6000	0x0001b000	0x47918afb	19.01.2008 06:30:35	Betriebssystem Microsoft® Windows®	LUA-Filtertreiber zur Dateivirtualisierung	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\luafv.sys	
avgntflt.sys		0x905b6000	0x905d4000	0x0001e000	0x53c00624	11.07.2014 16:43:32	Avira Product Family	Avira Minifilter Driver	14.0.6.524	Avira Operations GmbH & Co. KG	C:\Windows\system32\drivers\avgntflt.sys	
WudfPf.sys		0x905d4000	0x905e8000	0x00014000	0x5010ac87	26.07.2012 03:33:43	Microsoft® Windows® Operating System	Windows Driver Foundation - User-mode Driver Framework Platform Driver	6.2.9200.16384 (win8_rtm.120725-1247)	Microsoft Corporation	C:\Windows\system32\drivers\WudfPf.sys	
cdd.dll		0x99a90000	0x99a9e000	0x0000e000	0x00000000		Microsoft® Windows® Operating System	Canonical Display Driver	7.0.6002.23427 (vistasp2_ldr.140613-1506)	Microsoft Corporation	C:\Windows\system32\cdd.dll	
spsys.sys		0x905e8000	0x90698000	0x000b0000	0x49b69f04	10.03.2009 18:10:28	Microsoft® Windows® Operating System	security processor	6.0.6002.17040 (longhorn(sepbld-s).090310-1002)	Microsoft Corporation	C:\Windows\system32\drivers\spsys.sys	
lltdio.sys		0x90698000	0x906a8000	0x00010000	0x479190b7	19.01.2008 06:55:03	Microsoft® Windows® Operating System	Link-Layer Topology Mapper I/O Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\lltdio.sys	
rspndr.sys		0x906a8000	0x906bb000	0x00013000	0x479190b7	19.01.2008 06:55:03	Microsoft® Windows® Operating System	Link-Layer Topology Responder Driver for NDIS 6	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\rspndr.sys	
HTTP.sys		0x906bb000	0x90728000	0x0006d000	0x4b804bcb	20.02.2010 21:53:31	Betriebssystem Microsoft® Windows®	HTTP-Protokollstapel	6.0.6002.18136 (vistasp2_gdr.091102-2300)	Microsoft Corporation	C:\Windows\system32\drivers\HTTP.sys	
srvnet.sys		0x90728000	0x90745000	0x0001d000	0x4dbabc34	29.04.2011 14:25:08	Microsoft® Windows® Operating System	Server Network driver	6.0.6002.18462 (vistasp2_gdr.110429-0338)	Microsoft Corporation	C:\Windows\system32\drivers\srvnet.sys	
bowser.sys		0x90745000	0x9075e000	0x00019000	0x4d63b8ea	22.02.2011 14:23:54	Microsoft® Windows® Operating System	NT Lan Manager Datagram Receiver Driver	6.0.6002.18409 (vistasp2_gdr.110222-0237)	Microsoft Corporation	C:\Windows\system32\drivers\bowser.sys	
mpsdrv.sys		0x9075e000	0x90773000	0x00015000	0x479190a5	19.01.2008 06:54:45	Microsoft® Windows® Operating System	Microsoft Protection Service Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\mpsdrv.sys	
mrxdav.sys		0x90773000	0x90794000	0x00021000	0x49e0192f	11.04.2009 05:14:39	Microsoft® Windows® Operating System	Windows NT WebDav Minirdr	6.0.6002.18005 (lh_sp2rtm.090410-1830)	Microsoft Corporation	C:\Windows\system32\drivers\mrxdav.sys	
mrxsmb.sys		0x90794000	0x907b3000	0x0001f000	0x4dbabc17	29.04.2011 14:24:39	Microsoft® Windows® Operating System	Windows NT SMB Minirdr	6.0.6002.18462 (vistasp2_gdr.110429-0338)	Microsoft Corporation	C:\Windows\system32\drivers\mrxsmb.sys	
mrxsmb10.sys		0x907b3000	0x907ec000	0x00039000	0x4e147fe2	06.07.2011 16:31:46	Microsoft® Windows® Operating System	Longhorn SMB Downlevel SubRdr	6.0.6002.18490 (vistasp2_gdr.110706-0539)	Microsoft Corporation	C:\Windows\system32\drivers\mrxsmb10.sys	
mrxsmb20.sys		0x8ffe0000	0x8fff8000	0x00018000	0x4dbabc19	29.04.2011 14:24:41	Microsoft® Windows® Operating System	Longhorn SMB 2.0 Redirector	6.0.6002.18462 (vistasp2_gdr.110429-0338)	Microsoft Corporation	C:\Windows\system32\drivers\mrxsmb20.sys	
srv2.sys		0x9f807000	0x9f82f000	0x00028000	0x4dbabc35	29.04.2011 14:25:09	Microsoft® Windows® Operating System	Smb 2.0 Server driver	6.0.6002.18462 (vistasp2_gdr.110429-0338)	Microsoft Corporation	C:\Windows\system32\drivers\srv2.sys	
srv.sys		0x9f82f000	0x9f87e000	0x0004f000	0x4d5e7c30	18.02.2011 15:03:28	Microsoft® Windows® Operating System	Server driver	6.0.6000.16386 (vista_rtm.061101-2205)	Microsoft Corporation	C:\Windows\system32\drivers\srv.sys	
peauth.sys		0x9f87e000	0x9f95c000	0x000de000	0x453c8384	23.10.2006 09:55:32	Microsoft® Windows® Operating System	Protected Environment Authentication and Authorization Export Driver	6.0.5840.16385 (VISTA_RTM_CLIENT_akaDMD.061022-1800)	Microsoft Corporation	C:\Windows\system32\drivers\peauth.sys	
secdrv.SYS		0x9f95c000	0x9f966000	0x0000a000	0x45080528	13.09.2006 14:18:32	Macrovision SECURITY Driver	Macrovision SECURITY Driver	4.03.086	Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.	C:\Windows\system32\drivers\secdrv.SYS	
tcpipreg.sys		0x9f966000	0x9f972000	0x0000c000	0x4b1e8c3a	08.12.2009 18:26:18	Microsoft® Windows® Operating System	TCP/IP Registry Compatibility Driver	6.0.6002.18160 (vistasp2_gdr.091208-0542)	Microsoft Corporation	C:\Windows\system32\drivers\tcpipreg.sys	
WUDFRd.sys		0x9f972000	0x9f99d000	0x0002b000	0x5010ac53	26.07.2012 03:32:51	Microsoft® Windows® Operating System	Windows Driver Foundation - User-mode Driver Framework Reflector	6.2.9200.16384 (win8_rtm.120725-1247)	Microsoft Corporation	C:\Windows\system32\drivers\WUDFRd.sys	
cdfs.sys		0x9f99d000	0x9f9b3000	0x00016000	0x47918a62	19.01.2008 06:28:02	Microsoft® Windows® Operating System	CD-ROM File System Driver	6.0.6001.18000 (longhorn_rtm.080118-1840)	Microsoft Corporation	C:\Windows\system32\drivers\cdfs.sys


Alt 17.12.2014, 20:07   #6
schrauber
/// the machine
/// TB-Ausbilder
 
MyFreeze Malware Fund - Standard

MyFreeze Malware Fund


Ja kann dort bleiben.

Zitat:
TigerGame XBOX+PS2+GC Game Controller Adapter 2.0.1.0 (HKLM\...\TigerGame XBOX+PS2+GC Game Controller Adapter_is1) (Version: - )
Deinstallieren, dann hören die Bluescreens auf.
__________________
--> MyFreeze Malware Fund

Antwort

Themen zu MyFreeze Malware Fund
abstürze, bildschirm, datenbank, datum, erkannt, fernseher, fund, geschlossen, gestern, hören, malware, malwarebytes, musik, quarantäne, sache, schutz, service, software, verursacht, vista, webseite, webseiten, windows, windows vista, zusätzlich


« Steam Nachricht von Freunde geöffnet mit einer .scr Datei drin | Windos 8: Pop-up von www1.mprns.com/tracker... »


Ähnliche Themen: MyFreeze Malware Fund


  1. PUP.Optional.MyFreeze entfernen
    Anleitungen, FAQs & Links - 06.11.2015 (2)
  2. Malwarebytes Anti-Malware Fund: PUP.Optional.Conduit.A
    Plagegeister aller Art und deren Bekämpfung - 02.08.2015 (9)
  3. Malware Fund von Maleware Antimalwarebytes
    Log-Analyse und Auswertung - 26.10.2014 (15)
  4. Trojaner-Fund von Anti-Malware nach Blue Screen
    Log-Analyse und Auswertung - 07.07.2014 (9)
  5. Doppelter Trojan.SpyEyes-Fund nach Scan mit Malwarebytes Anti-Malware
    Log-Analyse und Auswertung - 19.03.2014 (11)
  6. Avira meldet Fund, Malware bestätigt das. Was tun?
    Plagegeister aller Art und deren Bekämpfung - 09.03.2014 (15)
  7. DealPly Windows Defender-Warnung und Fund von Malware durch Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 15.01.2014 (9)
  8. Windows 8: Malware Fund - ADWARE/InstallCore.Gen + WLAN Probleme
    Plagegeister aller Art und deren Bekämpfung - 21.12.2013 (7)
  9. VirusTotal Fund: PE:Malware.XPACK/RDM!5.1
    Plagegeister aller Art und deren Bekämpfung - 16.12.2013 (3)
  10. Fund bei Suchlauf mit Malwarebytes Anti-Malware
    Plagegeister aller Art und deren Bekämpfung - 15.12.2013 (15)
  11. Malware Fund Windows 7
    Plagegeister aller Art und deren Bekämpfung - 27.11.2013 (17)
  12. Jede Woche min. ein Fund bei Malware
    Log-Analyse und Auswertung - 22.10.2013 (6)
  13. Inkasso Mail mit Zip-Anhang geöffnet, Trojaner Fund mit Malware Bytes
    Log-Analyse und Auswertung - 19.05.2013 (25)
  14. Rechner fährt sich selbst herunter! Vorher Malware-Fund!
    Plagegeister aller Art und deren Bekämpfung - 18.12.2010 (1)
  15. Malware Fund
    Log-Analyse und Auswertung - 03.11.2010 (29)
  16. Malware-Fund EXP/Pidief.GL während Online Banking
    Log-Analyse und Auswertung - 12.12.2009 (3)
  17. Malware Fund durch AntiVir
    Log-Analyse und Auswertung - 28.03.2009 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema MyFreeze Malware Fund - Hallo, seit gestern hatte ich 3 mal einen Bluescreen. Mal beim Musik hören oder z.B. wenn ich meinen Fernseher, den ich zusätzlich am PC als 2. Bildschirm angeschlossen habe, ausgeschaltet - MyFreeze Malware Fund...
Archiv
Du betrachtest: MyFreeze Malware Fund auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131