Plagegeister aller Art und deren Bekämpfung (all kinds of pests and how to fight them): Telekom Abuse Team security warning: spam e-mails (Windows 7) |
07.01.2015, 19:37 | #1 |
| Telekom Abuse Team security warning: spam e-mails Hello, today I received a letter from Telekom with the subject: "Important security warning regarding your Internet access". It claims that there are indications that spam e-mails have been sent via this connection. Since there are four computers and three smartphones in our household, I do not know which system these e-mails are supposed to have been sent from. Two computers run Windows and two run Mac OS X. I hope you can help me. Kind regards, hitboxer |
07.01.2015, 19:45 | #2 |
/// the machine /// TB trainer | Telekom Abuse Team security warning: spam e-mails hi,
__________________Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
07.01.2015, 19:49 | #3 |
| Telekom Abuse Team security warning: spam e-mails FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Rene (administrator) on RENE-PC on 07-01-2015 19:22:23 Running from C:\Users\Rene\Desktop Loaded Profile: Rene (Available profiles: Rene) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\EslWire\service\WireHelperSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. 
The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1858689066-4223474752-1546550983-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation) HKU\S-1-5-21-1858689066-4223474752-1546550983-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.) 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1858689066-4223474752-1546550983-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\35t07gqv.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> 
C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Extension: Avira Browser Safety - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\35t07gqv.default\Extensions\abs@avira.com [2015-01-07] FF Extension: YouTube High Definition - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\35t07gqv.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-12-01] FF Extension: Adblock Plus - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\35t07gqv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-01] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. 
KG) R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG) R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [106608 2014-12-21] (<Turtle Entertainment>) R3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [7808 2014-12-01] (SweetLow) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-05] (Razer Inc) S3 VGPU; System32\drivers\rdvgkmd.sys [X] U3 kxldrpow; \??\C:\Users\Rene\AppData\Local\Temp\kxldrpow.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-07 19:22 - 2015-01-07 19:22 - 00011620 _____ () C:\Users\Rene\Desktop\FRST.txt 2015-01-07 19:21 - 2015-01-07 19:21 - 00050477 _____ () C:\Users\Rene\Desktop\Defogger.exe 2015-01-07 19:21 - 2015-01-07 19:21 - 00000470 _____ () C:\Users\Rene\Desktop\defogger_disable.log 2015-01-07 19:21 - 2015-01-07 19:21 - 00000000 _____ () C:\Users\Rene\defogger_reenable 2015-01-07 19:16 - 2015-01-07 19:17 - 00001009 _____ () C:\Users\Rene\Desktop\Neues Textdokument.txt 2015-01-07 19:16 - 2015-01-07 19:16 - 00380416 _____ () C:\Users\Rene\Desktop\Gmer-19357.exe 2015-01-07 19:12 - 2015-01-07 19:22 - 00000000 ____D () C:\FRST 2015-01-07 19:12 - 2015-01-07 19:12 - 00054454 _____ () C:\Users\Rene\Desktop\avira.txt 2015-01-07 18:45 - 2015-01-07 18:45 - 02124288 _____ (Farbar) C:\Users\Rene\Desktop\FRST64.exe 2015-01-07 18:44 - 2015-01-07 18:44 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-01-07 18:42 - 2015-01-07 18:42 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\Avira 2015-01-07 18:42 - 2015-01-07 18:41 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-01-07 18:40 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-01-07 18:40 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-01-07 18:40 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-01-07 18:38 - 2015-01-07 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-01-07 18:38 - 2015-01-07 18:40 - 00000000 ____D () C:\ProgramData\Avira 2015-01-07 18:38 - 2015-01-07 18:40 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-01-07 18:38 - 2015-01-07 18:38 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-01-07 18:35 - 2015-01-07 18:35 - 04549888 _____ (Avira Operations & Co. 
KG) C:\Users\Rene\Desktop\avira_de_av_5767243779__ws.exe 2015-01-06 19:53 - 2015-01-06 19:53 - 00291296 _____ () C:\Windows\Minidump\010615-8860-01.dmp 2014-12-28 19:24 - 2014-12-28 19:24 - 00288139 _____ () C:\Users\Rene\Desktop\ESL.zip 2014-12-28 15:08 - 2014-12-28 15:08 - 00000727 _____ () C:\Users\Rene\Desktop\ESL Matchmedia - Verknüpfung.lnk 2014-12-28 00:37 - 2014-12-28 00:37 - 00291296 _____ () C:\Windows\Minidump\122814-8860-01.dmp 2014-12-27 15:19 - 2014-12-27 15:19 - 00000000 ____D () C:\Users\Rene\Documents\SimCity 2014-12-27 15:08 - 2014-12-27 15:08 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2014-12-26 23:06 - 2014-12-27 15:19 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\Origin 2014-12-26 23:06 - 2014-12-26 23:06 - 00000000 ____D () C:\Users\Rene\AppData\Local\Origin 2014-12-26 23:02 - 2015-01-05 02:56 - 00000000 ____D () C:\ProgramData\Origin 2014-12-26 23:02 - 2014-12-27 15:19 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-12-26 23:02 - 2014-12-26 23:02 - 00000692 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-12-21 18:23 - 2014-12-21 18:23 - 00106608 _____ (<Turtle Entertainment>) C:\Windows\system32\Drivers\ESLWireACD.sys 2014-12-20 23:52 - 2012-01-25 10:54 - 00000000 ____D () C:\Users\Rene\Desktop\278992873_asd 2014-12-20 23:02 - 2014-12-20 23:02 - 02130731 _____ () C:\Users\Rene\Desktop\278992873_asd.rar 2014-12-20 10:05 - 2014-12-20 10:05 - 00291408 _____ () C:\Windows\Minidump\122014-8923-01.dmp 2014-12-18 09:08 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-12-18 09:08 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-12-18 00:31 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-18 00:31 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-17 18:10 - 2014-12-17 18:10 - 00000000 ____D () 
C:\Users\Rene\AppData\Roaming\Gyazo 2014-12-17 18:08 - 2014-12-17 19:08 - 00000000 ____D () C:\Program Files (x86)\Gyazo 2014-12-17 18:08 - 2014-12-17 18:08 - 00003740 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine 2014-12-17 18:08 - 2014-12-17 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2014-12-17 07:59 - 2014-12-17 07:59 - 00010648 ____R () C:\Users\Rene\Desktop\config.cfg 2014-12-16 13:22 - 2014-12-13 06:54 - 00886784 _____ (Microsoft) C:\Users\Rene\Desktop\Matchmaking Server Picker.exe 2014-12-14 17:29 - 2014-12-14 17:29 - 00291408 _____ () C:\Windows\Minidump\121414-7753-01.dmp 2014-12-14 10:44 - 2014-12-14 10:44 - 00000000 ____D () C:\Users\Rene\AppData\Local\Blizzard 2014-12-14 10:32 - 2014-12-14 10:32 - 00000820 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-12-14 10:32 - 2014-12-14 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-12-14 10:31 - 2014-12-19 14:53 - 00000000 ____D () C:\Users\Rene\AppData\Local\Battle.net 2014-12-14 10:31 - 2014-12-14 10:31 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\Battle.net 2014-12-14 10:31 - 2014-12-14 10:31 - 00000000 ____D () C:\Users\Rene\AppData\Local\Blizzard Entertainment 2014-12-14 10:31 - 2014-12-14 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-14 10:31 - 2014-12-14 10:31 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-12-14 10:28 - 2014-12-14 10:28 - 00000000 ____D () C:\ProgramData\Battle.net 2014-12-13 03:48 - 2014-12-28 17:36 - 00000000 ____D () C:\Users\Rene\AppData\Local\ESL Wire Game Client 2014-12-13 03:48 - 2014-12-13 03:48 - 00000779 _____ () C:\Users\Public\Desktop\ESL Wire.lnk 2014-12-13 03:48 - 2014-12-13 03:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire 2014-12-13 03:48 - 2014-12-13 03:48 - 00000000 ____D () C:\ProgramData\ESL Wire 2014-12-13 03:48 - 2014-12-13 03:48 - 00000000 ____D () 
C:\Program Files\EslWire 2014-12-13 03:33 - 2014-12-13 03:33 - 00673797 _____ () C:\Users\Rene\Desktop\SHOX-GUI.RAR 2014-12-10 22:11 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 22:11 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 22:11 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 22:11 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 22:11 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 22:11 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 22:11 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 22:11 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 22:11 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 22:11 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 22:11 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 22:11 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 22:11 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 22:11 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 22:11 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 22:11 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 22:11 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) 
C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 22:11 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-10 22:11 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 22:11 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 22:11 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 22:11 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 22:11 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 22:11 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-10 22:11 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-10 22:11 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 22:11 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 22:11 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 22:11 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-10 22:11 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 22:11 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-10 22:11 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-10 22:11 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-10 22:11 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 22:11 - 2014-11-22 02:49 - 00718848 _____ (Microsoft 
Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-10 22:11 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-10 22:11 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 22:11 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-10 22:11 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 22:11 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-10 22:11 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-10 22:11 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 22:11 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-10 22:11 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-10 22:11 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 22:11 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-10 22:11 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-10 22:11 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-10 22:11 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 22:11 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-10 22:11 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-10 22:11 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-10 22:11 - 2014-11-22 01:56 - 01307136 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-10 22:11 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-10 22:10 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 22:10 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-10 22:00 - 2014-12-10 22:00 - 00010524 _____ () C:\Users\Rene\Desktop\BenQ XL2420Z 120Hz.icm 2014-12-09 01:57 - 2014-12-09 01:57 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Rene-PC-Rene 2014-12-09 01:57 - 2014-12-09 01:57 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\PDAppFlex 2014-12-09 01:57 - 2014-12-09 01:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2014-12-09 01:53 - 2014-12-09 01:55 - 00001040 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk 2014-12-09 01:53 - 2014-12-09 01:53 - 00000000 ____D () C:\Program Files\Adobe 2014-12-09 01:52 - 2014-12-09 01:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-12-09 01:38 - 2014-12-09 01:38 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2014-12-09 01:38 - 2014-12-09 01:38 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-07 19:21 - 2014-12-01 13:18 - 00000000 ____D () C:\Users\Rene 2015-01-07 19:20 - 2014-12-01 13:18 - 01252140 _____ () C:\Windows\WindowsUpdate.log 2015-01-07 19:17 - 2014-12-01 13:57 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-01-07 19:09 - 2014-12-01 13:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-07 19:04 - 2009-07-14 05:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-07 19:04 - 2009-07-14 05:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-07 18:44 - 2014-12-02 12:34 - 00136208 _____ () C:\Windows\DPINST.LOG 2015-01-07 18:44 - 2014-12-02 12:32 - 00000000 ____D () C:\Users\Rene\AppData\Local\Razer 2015-01-07 18:44 - 2014-12-02 12:32 - 00000000 ____D () C:\ProgramData\Razer 2015-01-07 18:44 - 2014-12-02 12:32 - 00000000 ____D () C:\Program Files (x86)\Razer 2015-01-07 18:38 - 2014-12-01 14:38 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-07 17:54 - 2014-12-01 14:26 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\TS3Client 2015-01-07 13:10 - 2011-04-12 08:43 - 00668390 _____ () C:\Windows\system32\perfh007.dat 2015-01-07 13:10 - 2011-04-12 08:43 - 00135202 _____ () C:\Windows\system32\perfc007.dat 2015-01-07 13:10 - 2009-07-14 06:13 - 01539588 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-07 13:04 - 2014-12-06 01:09 - 00000000 ____D () C:\Users\Rene\AppData\Local\Adobe 2015-01-07 13:04 - 2014-12-01 13:52 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-07 13:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-07 13:04 - 2009-07-14 05:51 - 00042515 _____ () C:\Windows\setupact.log 2015-01-06 19:53 - 2014-12-05 20:16 - 00000000 ____D () C:\Windows\Minidump 2014-12-27 15:07 - 2010-11-21 04:47 - 00005448 _____ () C:\Windows\PFRO.log 2014-12-26 23:47 - 2009-07-14 06:32 - 00000000 ___RD () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-12-17 07:33 - 2014-12-01 15:35 - 00052323 _____ () C:\Windows\DirectX.log 2014-12-16 11:41 - 2014-12-01 13:30 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-16 11:41 - 2014-12-01 13:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-16 11:41 - 2014-12-01 13:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-13 06:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-13 01:12 - 2014-12-01 13:53 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-12-13 01:12 - 2014-12-01 13:53 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-12-13 01:12 - 2014-12-01 13:53 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-12-13 01:12 - 2014-12-01 13:53 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-12-11 15:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-10 22:12 - 2014-12-01 13:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-10 22:12 - 2014-12-01 13:28 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-09 18:19 - 2014-12-06 01:10 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-12-09 01:57 - 2014-12-05 00:24 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\NVIDIA 2014-12-09 01:57 - 2014-12-01 13:30 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\Adobe 2014-12-09 01:56 - 2014-12-06 01:10 - 00000000 ____D () C:\ProgramData\Adobe 2014-12-09 01:38 - 2014-12-06 01:10 - 00000000 ____D () C:\Program Files (x86)\Adobe Some content of TEMP: ==================== C:\Users\Rene\AppData\Local\Temp\avgnt.exe C:\Users\Rene\AppData\Local\Temp\EslWireSetup-1.18.0.8101-x64.exe C:\Users\Rene\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check 
================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION! LastRegBack: 2015-01-04 01:58 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015 Ran by Rene at 2015-01-07 19:22:34 Running from C:\Users\Rene\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\{07C5D2FF-2AA8-46D1-B9E8-BACCD34C8E01}) (Version: 12.1.4.154 - Adobe Systems, Inc) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG) Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH) Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) 
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Microsoft .NET Framework 4.5.2 Hotfix Rollup (KB2974336) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.52245 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) 
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) USB PnP Sound Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: - ) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 07-01-2015 17:22:42 Geplanter Prüfpunkt 07-01-2015 18:44:20 Removed Razer Synapse 2.0. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {3F0AE74A-0EA0-47AE-8501-402922BF63E5} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] () Task: {59A7DA8E-578B-460E-A201-A255529DAF5D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-16] (Adobe Systems Incorporated) Task: {8592470C-7D68-43C6-8861-453412CD4997} - System32\Tasks\AdobeAAMUpdater-1.0-Rene-PC-Rene => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated) Task: {D86D21CE-4C8A-412A-B43B-DBC300B4B1E6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {D96F0F21-89F2-410C-950A-87A154CBBD82} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-01 13:52 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-12-13 03:49 - 2014-01-28 11:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe 2014-12-13 03:49 - 2014-10-09 15:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll 2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-02 18:48 - 2014-12-02 18:48 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== 
Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1858689066-4223474752-1546550983-500 - Administrator - Disabled) Gast (S-1-5-21-1858689066-4223474752-1546550983-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1858689066-4223474752-1546550983-1003 - Limited - Enabled) Rene (S-1-5-21-1858689066-4223474752-1546550983-1001 - Administrator - Enabled) => C:\Users\Rene ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Videocontroller Description: Videocontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2015 05:15:57 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/07/2015 01:06:47 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. 
Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden. Error: (01/06/2015 07:55:48 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden. Error: (01/06/2015 07:54:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.0.5442, Zeitstempel: 0x54754d35 Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.0.5442, Zeitstempel: 0x54754649 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x1084 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (01/06/2015 07:47:23 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/06/2015 02:56:53 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden. Error: (01/05/2015 11:46:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.0.5442, Zeitstempel: 0x54754d35 Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.0.5442, Zeitstempel: 0x54754649 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x26c8 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (01/04/2015 01:58:51 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/03/2015 11:36:54 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden. Error: (01/03/2015 02:09:52 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
System errors: ============= Error: (01/07/2015 06:44:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/06/2015 07:53:58 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP010615-8860-01 Error: (01/06/2015 07:53:57 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 06.01.2015 um 19:52:56 unerwartet heruntergefahren. Error: (01/02/2015 03:27:45 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 02.01.2015 um 02:52:07 unerwartet heruntergefahren. Error: (12/28/2014 02:41:05 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (12/28/2014 02:41:05 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (12/28/2014 02:41:05 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (12/28/2014 00:37:21 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP122814-8860-01 Error: (12/28/2014 00:37:20 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 28.12.2014 um 00:36:08 unerwartet heruntergefahren. 
Error: (12/20/2014 10:05:07 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP122014-8923-01 Microsoft Office Sessions: ========================= Error: (01/07/2015 05:15:57 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe Error: (01/07/2015 01:06:47 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2015 07:55:48 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2015 07:54:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe34.0.0.544254754d35mozalloc.dll34.0.0.5442547546498000000300001425108401d029e227110998C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll6db68683-95d5-11e4-b43f-bc5ff4758777 Error: (01/06/2015 07:47:23 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative 
cloud\Utils\Creative Cloud Uninstaller.exe Error: (01/06/2015 02:56:53 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2015 11:46:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe34.0.0.544254754d35mozalloc.dll34.0.0.544254754649800000030000142526c801d028d3414d6b61C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll0fb38783-94c8-11e4-a9ea-bc5ff4758777 Error: (01/04/2015 01:58:51 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe Error: (01/03/2015 11:36:54 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2015 02:09:52 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 15% Total physical RAM: 16265.23 MB Available physical 
RAM: 13755.09 MB Total Pagefile: 32528.63 MB Available Pagefile: 29816.33 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.31 GB) (Free:4.64 GB) NTFS Drive e: () (Fixed) (Total:149.05 GB) (Free:122.79 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: C00DC00D) Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 74.5 GB) (Disk ID: 69C073AE) Partition: GPT Partition Type. ==================== End Of Log ============================ |
08.01.2015, 07:17 | #4 |
/// the machine /// TB trainer | Telekom Abuse Team security warning: spam mails Then please now also post the FRST logs from the other Windows computer.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
08.01.2015, 08:22 | #5 |
| Telekom Abuse Team security warning: spam mails Morning! FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015 Ran by Günni (administrator) on G-95B0E170C0764 on 08-01-2015 08:23:56 Running from C:\Dokumente und Einstellungen\Günni\Desktop Loaded Profile: Günni (Available profiles: Günni) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation ) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel(R) Corporation) C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe (HP) C:\WINDOWS\system32\HPZipm12.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe () C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Hewlett-Packard Company) C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (McAfee, Inc.) 
C:\Programme\McAfee Security Scan\3.8.150\SSScheduler.exe (Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe (Hewlett-Packard) C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\updrgui.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IntelZeroConfig] => C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe [819200 2007-02-21] (Intel Corporation) HKLM\...\Run: [IntelWireless] => C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe [970752 2007-02-21] (Intel Corporation) HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [HP Software Update] => C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2004-09-13] (Hewlett-Packard Company) HKLM\...\Run: [] => [X] HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [Avira Systray] => C:\Programme\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [TomcatStartup 2.5] => C:\Programme\Hewlett-Packard\Toolbox\hpbpsttp.exe [245760 2004-11-12] (Hewlett-Packard) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) 
HKU\S-1-5-21-1482476501-1409082233-682003330-1003\...\MountPoints2: {0e61a694-2b90-11e3-bab7-00166f6068f3} - E:\SafeStick.exe
HKU\S-1-5-21-1482476501-1409082233-682003330-1003\...\MountPoints2: {176f4154-8394-11e3-bb65-00166f6068f3} - E:\KDMElite.exe
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk
ShortcutTarget: HP Image Zone Schnellstart.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Programme\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Dokumente und Einstellungen\Günni\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Programme\WISO\Steuersoftware 2014\mshaktuell.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1482476501-1409082233-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=a49796d900000000000000166f6068f3
HKU\S-1-5-21-1482476501-1409082233-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=a49796d900000000000000166f6068f3" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1482476501-1409082233-682003330-1003 -> DefaultScope {E32160D6-15C3-4F11-9715-5514E6E950B6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a49796d900000000000000166f6068f3&r=62
SearchScopes: HKU\S-1-5-21-1482476501-1409082233-682003330-1003 -> {E32160D6-15C3-4F11-9715-5514E6E950B6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a49796d900000000000000166f6068f3&r=62
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Programme\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Programme\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\user.js
FF SearchPlugin: C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\searchplugins\softonic.xml
FF Extension: Avira Browser Safety - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\abs@avira.com [2015-01-07]
FF Extension: ProxTube - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-22]
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff [2013-12-02]
FF HKU\S-1-5-21-1482476501-1409082233-682003330-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-12-02]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Programme\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "d89bd8cd32fcaf20" service could not be unlocked. <===== ATTENTION
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 EvtEng; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [File not signed]
S4 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-07-20] (Oracle Corporation)
S3 McComponentHostService; C:\Programme\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S4 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2014-12-10] (Mozilla Foundation)
S4 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 RegSrvc; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [File not signed]
R2 syshost32; C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe [102912 2014-07-21] () [File not signed]
R2 WLANKEEPER; C:\Programme\Intel\Wireless\Bin\WLKeeper.exe [294912 2007-02-21] (Intel(R) Corporation) [File not signed]
S4 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1253376 2007-03-16] (Dell Inc.) [File not signed]
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2013-07-20] (Meetinghouse Data Communications) [File not signed]
S2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-03-29] (Adaptec, Inc.) [File not signed]
S3 Dot4Scan; C:\WINDOWS\System32\DRIVERS\Dot4Scan.sys [8704 2001-08-17] (Microsoft Corporation)
S3 HPPLSBULK; C:\WINDOWS\System32\drivers\hpplsbulk.sys [9344 2005-02-02] (Hewlett Packard)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2005-01-17] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2004-12-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2004-12-24] (HP)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [273168 2005-03-10] (SigmaTel, Inc.)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2209408 2007-02-08] (Intel® Corporation)
U5 d89bd8cd32fcaf20; C:\Windows\System32\Drivers\d89bd8cd32fcaf20.sys [37376 2014-07-21] () <===== ATTENTION Necurs Rootkit?
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 08:23 - 2015-01-08 08:24 - 00015598 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\FRST.txt
2015-01-08 08:23 - 2015-01-08 08:24 - 00000000 ____D () C:\FRST
2015-01-08 08:23 - 2015-01-08 08:23 - 01115648 _____ (Farbar) C:\Dokumente und Einstellungen\Günni\Desktop\FRST.exe
2015-01-07 20:16 - 2015-01-07 20:20 - 00269310 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
2015-01-07 20:16 - 2015-01-07 20:20 - 00269310 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1482476501-1409082233-682003330-1003-0.dat
2015-01-07 17:43 - 2015-01-07 17:43 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Avira
2015-01-07 17:43 - 2015-01-07 17:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Avira
2015-01-07 17:41 - 2014-11-24 10:23 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-01-07 17:41 - 2014-11-24 10:23 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-01-07 17:41 - 2014-11-24 10:23 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-01-07 17:41 - 2014-11-24 10:23 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-01-07 17:37 - 2015-01-07 17:37 - 00063600 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AviraSpeedup
2015-01-07 17:35 - 2015-01-07 17:42 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
2015-01-07 17:35 - 2015-01-07 17:41 - 00000000 ____D () C:\Programme\Avira
2015-01-07 17:35 - 2015-01-07 17:41 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2015-01-07 17:35 - 2015-01-07 17:35 - 04549888 _____ (Avira Operations & Co. KG) C:\Dokumente und Einstellungen\Günni\Desktop\avira_de_av_5767105339__ws.exe
2015-01-07 17:35 - 2015-01-07 17:35 - 00000834 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Avira.lnk
2015-01-07 17:35 - 2015-01-07 17:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache
2014-12-29 19:29 - 2014-12-29 19:29 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee
2014-12-29 18:54 - 2014-12-29 18:54 - 00000000 ____D () C:\Programme\McAfee Security Scan
2014-12-29 18:54 - 2014-12-29 18:54 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee Security Scan Plus
2014-12-26 11:49 - 2014-12-29 18:54 - 00001749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk
2014-12-26 11:49 - 2014-12-29 18:54 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan
2014-12-26 11:49 - 2014-12-26 11:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
2014-12-19 20:00 - 2014-12-19 20:01 - 24743106 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\vlc-2.1.5-win32.exe
2014-12-10 19:26 - 2014-12-10 19:27 - 00000000 ____D () C:\Programme\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 08:24 - 2013-07-20 18:11 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp
2015-01-08 08:22 - 2014-04-10 17:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Eigene Dateien\Mein Steuer-Sparbuch Heute
2015-01-08 08:20 - 2004-08-04 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-08 08:18 - 2013-08-05 19:16 - 00000270 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1482476501-1409082233-682003330-1003.job
2015-01-08 08:18 - 2013-07-20 18:59 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-01-08 08:18 - 2013-07-20 18:59 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-01-08 08:18 - 2013-07-20 18:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-07 20:20 - 2013-07-20 18:11 - 00000300 ___SH () C:\Dokumente und Einstellungen\Günni\ntuser.ini
2015-01-07 20:20 - 2013-07-20 18:10 - 00032398 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-07 20:20 - 2013-07-20 18:05 - 01514878 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-07 19:45 - 2014-01-22 19:35 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2015-01-07 19:24 - 2013-07-20 18:10 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService
2015-01-07 19:17 - 2013-07-20 18:53 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-07 17:56 - 2013-07-20 19:47 - 00000000 ____D () C:\WINDOWS\repair
2015-01-07 17:56 - 2013-07-20 18:55 - 00684152 _____ () C:\WINDOWS\setupapi.log
2015-01-07 17:56 - 2013-07-20 18:03 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-07 17:35 - 2013-07-20 18:56 - 00000000 ___RD () C:\Programme
2015-01-07 17:35 - 2013-07-20 18:56 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-01-07 17:33 - 2013-07-20 18:56 - 01250612 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-29 19:54 - 2013-08-14 20:23 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Eigene Dateien\Günni
2014-12-29 18:54 - 2013-07-20 18:56 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2014-12-26 11:49 - 2013-07-20 18:53 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-26 11:49 - 2013-07-20 18:53 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-26 11:48 - 2013-07-20 18:52 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Adobe
2014-12-12 20:10 - 2013-07-20 18:46 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\avgnt.exe
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\hpzmsi01.exe
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\hpzscr01.exe
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\hpzshl01.exe
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\setup_wm.exe
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\stubhelper.dll
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\_Installation Guide.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by Günni at 2015-01-08 08:25:04
Running from C:\Dokumente und Einstellungen\Günni\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ATI - Dienstprogramm zur Deinstallation der Software (HKLM\...\All ATI Software) (Version: 6.14.10.1012 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5154 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.131.1.2-050706a-025030C-Dell - )
Avira (HKLM\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden
C-Major Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 42xx - SigmaTel)
CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.)
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden Dolphin Futures XPS Viewer version 1.1.0 (HKLM\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited) Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.7.717 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.18.1128 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.18.1128 - DVDVideoSoft Ltd.) Hotfix für Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version: - Microsoft Corporation) Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB932716-v2) (HKLM\...\KB932716-v2) (Version: 2 - Microsoft Corporation) Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation) HP Color LaserJet 2820/2830/2840 2.0 (HKLM\...\{1030DCDC-2425-407d-BEE1-13558B837FCA}) (Version: 2.0 - HP) HP Extended Capabilities 4.7 (HKLM\...\HPExtendedCapabilities) (Version: 4.7 - HP) HP Image Zone 4.7 (HKLM\...\HP Photo & Imaging) (Version: 4.7 - HP) HP Software Update (HKLM\...\{64FC0C98-B035-4530-B15D-3D30610B6DF1}) (Version: 3.0.2.991 - Hewlett-Packard) hpp2800usg (Version: 002.000.00004 - Hewlett-Packard) Hidden hppCLJ2800 (Version: 002.000.00004 - Ihr Firmenname) Hidden hppDustDevil (Version: 002.000.00004 - Hewlett-Packard) Hidden hppFaxDrv (Version: 002.000.00004 - Hewlett-Packard) Hidden hppFonts (Version: 002.000.00004 - Hewlett-Packard) Hidden hppIOFiles (Version: 002.000.00004 - Hewlett-Packard) Hidden hppManuals2800 (Version: 002.000.00004 - Ihr Firmenname) Hidden hppscan2800 (Version: 002.000.00004 - Hewlett-Packard) Hidden hppScanTo (Version: 002.000.00004 - Hewlett-Packard) Hidden hppSendFax (Version: 
002.000.00004 - Hewlett-Packard) Hidden hppTooCool (Version: 002.000.00004 - Hewlett-Packard) Hidden HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation) Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Macromedia FreeHand 9 (HKLM\...\Macromedia FreeHand 9) (Version: 9 - Macromedia) MarketResearch (Version: 45.4.158.000 - Hewlett-Packard) Hidden McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) mCore (Version: 9.03.0000 - Intel Corporation) Hidden mDriver (Version: 9.03.0000 - Intel) Hidden mDrWiFi (Version: 9.03.0000 - Intel Corporation) Hidden mHlpDell (Version: 9.03.0000 - Intel) Hidden Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Office Professional Edition 2003 
(HKLM\...\{91110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) mIWA (Version: 9.03.0000 - Intel Corporation) Hidden mLogView (Version: 9.03.0000 - Intel Corporation) Hidden mMHouse (Version: 9.03.0000 - Intel Corporation) Hidden Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) mPfMgr (Version: 9.03.0000 - Intel Corporation) Hidden mPfWiz (Version: 9.03.0000 - Intel Corporation) Hidden mProSafe (Version: 9.00.0000 - Intel) Hidden mSCfg (Version: 9.03.0000 - Intel Corporation) Hidden mSSO (Version: 9.03.0000 - Intel Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation) Hidden mWlsSafe (Version: 9.00.0000 - Intel) Hidden mWMI (Version: 9.03.0000 - Intel Corporation) Hidden mZConfig (Version: 9.03.0000 - Intel Corporation) Hidden OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden QFolder (Version: 1.00.0000 - 
Hewlett-Packard) Hidden Scan (Version: 4.9.0.0 - Hewlett-Packard) Hidden Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB2378111) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB2803821) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version: - Microsoft Corporation) Sicherheitsupdate 
für Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB952069) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB954155) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB973540) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB975558) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB978695) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478971) 
(HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 
1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft 
Corporation) Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2846071) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP 
(KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - 
Microsoft Corporation) Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973904) 
(HKLM\...\KB973904) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für 
Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation) SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden Softonic toolbar on IE and Chrome (HKLM\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden Unload (Version: 4.5.0 - Hewlett-Packard) Hidden Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation) Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) 
(Version: - ) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation) WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-1482476501-1409082233-682003330-1003\...\{3813890B-1DC2-414C-BDED-833ECC575B97}) (Version: 21.00.8480 - Buhl Data Service GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) ==================== Restore Points ========================= 14-02-2014 21:17:52 Software Distribution Service 3.0 15-02-2014 18:33:41 Software Distribution Service 3.0 16-02-2014 20:13:28 Systemprüfpunkt 23-02-2014 19:39:11 Systemprüfpunkt 27-02-2014 09:21:18 Systemprüfpunkt 28-02-2014 17:13:50 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 28-02-2014 17:14:27 OpenOffice 4.0.1 wird installiert 02-03-2014 12:23:57 Systemprüfpunkt 05-03-2014 15:35:00 Systemprüfpunkt 08-03-2014 18:44:59 Systemprüfpunkt 09-03-2014 17:45:29 Software Distribution Service 3.0 14-03-2014 19:27:05 Software Distribution Service 3.0 16-03-2014 11:19:13 Systemprüfpunkt 18-03-2014 19:35:52 Software Distribution Service 3.0 23-03-2014 19:22:09 Systemprüfpunkt 29-03-2014 13:08:24 Systemprüfpunkt 09-04-2014 17:23:42 Installiert WISO Steuer-Sparbuch 2014 09-04-2014 18:00:10 Software Distribution Service 3.0 12-04-2014 15:40:55 Systemprüfpunkt 21-04-2014 15:42:25 Systemprüfpunkt 23-04-2014 19:04:58 Systemprüfpunkt 03-05-2014 18:25:21 Systemprüfpunkt 03-05-2014 18:40:27 Software Distribution Service 3.0 10-05-2014 18:21:15 Systemprüfpunkt 11-05-2014 19:46:25 Systemprüfpunkt 16-05-2014 19:55:36 Software Distribution Service 3.0 
18-05-2014 17:27:44 Systemprüfpunkt 12-06-2014 18:33:04 Software Distribution Service 3.0 14-06-2014 11:07:36 Systemprüfpunkt 15-06-2014 16:33:56 Systemprüfpunkt 05-07-2014 18:07:37 Systemprüfpunkt 10-07-2014 20:48:25 Software Distribution Service 3.0 17-07-2014 11:55:38 Systemprüfpunkt 21-07-2014 15:53:51 Systemprüfpunkt 24-08-2014 09:57:24 Systemprüfpunkt 31-08-2014 16:59:49 Systemprüfpunkt 14-09-2014 11:39:05 Systemprüfpunkt 28-09-2014 15:14:53 Systemprüfpunkt 25-10-2014 13:49:52 Systemprüfpunkt 15-11-2014 17:19:25 Systemprüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-04 13:00 - 2004-08-04 13:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1482476501-1409082233-682003330-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1482476501-1409082233-682003330-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (whitelisted) ============= 2007-02-21 10:13 - 2007-02-21 10:13 - 00118784 _____ () C:\Programme\Intel\Wireless\Bin\IWMSPROV.DLL 2014-01-26 16:07 - 2014-01-26 16:07 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f79e5a2c\mscorlib.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 03035136 _____ () 
c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9ff81078\system.windows.forms.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_413305d7\system.dll 2014-01-26 16:07 - 2014-01-26 16:07 - 00843776 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_04fb2de0\system.drawing.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_a7f44f6e\system.xml.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00020572 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe 2014-01-22 19:57 - 2014-01-22 19:57 - 00802901 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\hotspot\jvm.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00028776 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\hpi.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00053342 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\verify.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00094308 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\java.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00053349 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\zip.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00032864 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\net.dll 2014-01-22 19:58 - 2004-08-20 14:02 - 00102400 _____ () C:\WINDOWS\system32\PMLJNI.dll 2014-01-22 19:58 - 2005-02-03 18:31 - 00032768 _____ () C:\WINDOWS\system32\compJNI.dll 2014-01-22 19:58 - 2003-06-16 22:52 - 00074752 _____ () C:\WINDOWS\system32\jst.dll 2006-10-17 15:13 - 2006-10-17 15:13 - 01167360 _____ () C:\Programme\Intel\Wireless\Bin\acAuth.dll 2014-12-10 19:26 - 2014-12-10 19:26 - 03758192 _____ () C:\Programme\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be 
removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ATIPTA => C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\WINDOWS\system32\WLTRAY.exe MSCONFIG\startupreg: CTFMON.EXE => C:\WINDOWS\system32\ctfmon.exe MSCONFIG\startupreg: Status Monitor CLJ1500 => C:\Programme\Hewlett-Packard\CLJ1500\\Toolbox\HPPOUMUI.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1482476501-1409082233-682003330-500 - Administrator - Enabled) ASPNET (S-1-5-21-1482476501-1409082233-682003330-1004 - Limited - Enabled) Gast (S-1-5-21-1482476501-1409082233-682003330-501 - Limited - Disabled) Günni (S-1-5-21-1482476501-1409082233-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Günni Hilfeassistent (S-1-5-21-1482476501-1409082233-682003330-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-1482476501-1409082233-682003330-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Ethernet-Controller Description: Ethernet-Controller Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Modem Description: PCI-Modem Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. 
Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. 
System errors: ============= Error: (01/08/2015 08:21:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/08/2015 08:20:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/08/2015 08:20:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/08/2015 08:20:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/08/2015 08:20:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/08/2015 08:19:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/08/2015 08:19:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avgntflt" wurde aufgrund folgenden Fehlers nicht gestartet: %%31 Error: (01/07/2015 08:19:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/07/2015 08:19:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: 
) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/07/2015 08:18:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office Sessions: ========================= Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: 
CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) M processor 2.13GHz Percentage of memory in use: 44% Total physical RAM: 2047.39 MB Available physical RAM: 1127.63 MB Total Pagefile: 3940.24 MB Available Pagefile: 3078.08 MB Total Virtual: 2047.88 MB Available Virtual: 1936.25 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:29.13 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 23F12D67) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
08.01.2015, 09:27 | #6 |
/// the machine /// TB-Ausbilder | Telekom Abuse Team security warning: spam mails I hope the XP machine is no longer online, is it? Otherwise you might as well give away your passwords, logins and the like. XP is no longer trustworthy. The Win7 machine shows some anomalies, but the XP one is definitely the culprit. XP: Please download TDSSKiller.exe and save the file to your desktop. |
08.01.2015, 09:47 | #7 |
| Telekom Abuse Team security warning: spam mails Unfortunately it still goes online 1 - 2 times per week. XP TDSSKiller: Code:
ATTFilter 09:47:49.0640 0x0b9c TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20 09:47:57.0406 0x0b9c ============================================================ 09:47:57.0406 0x0b9c Current date / time: 2015/01/08 09:47:57.0406 09:47:57.0406 0x0b9c SystemInfo: 09:47:57.0406 0x0b9c 09:47:57.0406 0x0b9c OS Version: 5.1.2600 ServicePack: 3.0 09:47:57.0406 0x0b9c Product type: Workstation 09:47:57.0406 0x0b9c ComputerName: G-95B0E170C0764 09:47:57.0406 0x0b9c UserName: Günni 09:47:57.0406 0x0b9c Windows directory: C:\WINDOWS 09:47:57.0406 0x0b9c System windows directory: C:\WINDOWS 09:47:57.0406 0x0b9c Processor architecture: Intel x86 09:47:57.0406 0x0b9c Number of processors: 1 09:47:57.0406 0x0b9c Page size: 0x1000 09:47:57.0406 0x0b9c Boot type: Normal boot 09:47:57.0406 0x0b9c ============================================================ 09:47:57.0421 0x0b9c BG loaded 09:47:57.0562 0x0b9c System UUID: {A9A1087A-57D7-5453-0240-935E98DAC18B} 09:47:59.0906 0x0b9c Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000044 09:47:59.0906 0x0b9c ============================================================ 09:47:59.0906 0x0b9c \Device\Harddisk0\DR0: 09:47:59.0906 0x0b9c MBR partitions: 09:47:59.0906 0x0b9c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782 09:47:59.0906 0x0b9c ============================================================ 09:47:59.0953 0x0b9c C: <-> \Device\Harddisk0\DR0\Partition1 09:47:59.0953 0x0b9c ============================================================ 09:47:59.0953 0x0b9c Initialize success 09:47:59.0953 0x0b9c ============================================================ 09:48:28.0406 0x0480 ============================================================ 09:48:28.0406 0x0480 Scan started 09:48:28.0406 0x0480 Mode: Manual; SigCheck; TDLFS; 09:48:28.0406 0x0480 
============================================================
09:48:28.0406 0x0480 KSN ping started
09:48:28.0796 0x0480 KSN ping finished: true
09:48:31.0078 0x0480 ================ Scan system memory ========================
09:48:34.0328 0x0480 System memory - ok
09:48:34.0328 0x0480 ================ Scan services =============================
09:48:35.0640 0x0480 AegisP - detected UnsignedFile.Multi.Generic ( 1 )
09:48:35.0765 0x0480 Detect skipped due to KSN trusted
09:48:35.0765 0x0480 AegisP - ok
09:48:41.0859 0x0480 cercsr6 - detected UnsignedFile.Multi.Generic ( 1 )
09:48:43.0328 0x0480 Detect skipped due to KSN trusted
09:48:43.0328 0x0480 cercsr6 - ok
09:48:44.0703 0x0480 Suspicious service (NoAccess): d89bd8cd32fcaf20
09:48:44.0750 0x0480 [ FE5D63B48D52F62F0FCC38B8F3EE86CD, EC426B6486A45EEA68C04AEED23C810CB7A15ED6C5A6CD08E047A1CFA91F159D ] d89bd8cd32fcaf20 C:\WINDOWS\System32\Drivers\d89bd8cd32fcaf20.sys
09:48:44.0750 0x0480 Suspicious file ( NoAccess ): C:\WINDOWS\System32\Drivers\d89bd8cd32fcaf20.sys. md5: FE5D63B48D52F62F0FCC38B8F3EE86CD, sha256: EC426B6486A45EEA68C04AEED23C810CB7A15ED6C5A6CD08E047A1CFA91F159D
09:48:44.0765 0x0480 d89bd8cd32fcaf20 - detected Rootkit.Win32.Necurs.gen ( 0 )
09:48:45.0062 0x0480 d89bd8cd32fcaf20 ( Rootkit.Win32.Necurs.gen ) - infected
09:48:45.0062 0x0480 Force sending object to P2P due to detect: d89bd8cd32fcaf20
09:48:45.0828 0x0480 Object send P2P result: true
09:49:01.0734 0x0480 EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
09:49:01.0921 0x0480 Detect skipped due to KSN trusted
09:49:01.0921 0x0480 EvtEng - ok
09:49:27.0296 0x0480 RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
09:49:27.0453 0x0480 Detect skipped due to KSN trusted
09:49:27.0453 0x0480 RegSrvc - ok
09:49:30.0515 0x0480 S24EventMonitor - detected UnsignedFile.Multi.Generic ( 1 )
09:49:31.0750 0x0480 Detect skipped due to KSN trusted
09:49:31.0750 0x0480 S24EventMonitor - ok
09:49:31.0875 0x0480 s24trans - detected UnsignedFile.Multi.Generic ( 1 )
09:49:35.0640 0x0480 Detect skipped due to KSN trusted
09:49:35.0640 0x0480 s24trans - ok
09:49:38.0843 0x0480 [
FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll 09:49:39.0109 0x0480 srservice - ok 09:49:39.0187 0x0480 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 09:49:39.0375 0x0480 Srv - ok 09:49:39.0484 0x0480 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 09:49:39.0640 0x0480 SSDPSRV - ok 09:49:39.0687 0x0480 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 09:49:39.0703 0x0480 ssmdrv - ok 09:49:39.0796 0x0480 [ 305CC42945A713347F978D78566113F3, 92D95E1DCCAA5E31AADB061EB7B531337975974961211BFB7C542FB799348034 ] STAC97 C:\WINDOWS\system32\drivers\STAC97.sys 09:49:39.0843 0x0480 STAC97 - ok 09:49:39.0921 0x0480 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll 09:49:40.0125 0x0480 stisvc - ok 09:49:40.0156 0x0480 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 09:49:40.0359 0x0480 swenum - ok 09:49:40.0421 0x0480 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 09:49:41.0156 0x0480 swmidi - ok 09:49:41.0234 0x0480 SwPrv - ok 09:49:42.0000 0x0480 symc810 - ok 09:49:42.0062 0x0480 symc8xx - ok 09:49:42.0093 0x0480 sym_hi - ok 09:49:42.0109 0x0480 sym_u3 - ok 09:49:42.0156 0x0480 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 09:49:42.0296 0x0480 sysaudio - ok 09:49:42.0406 0x0480 [ 
5E855A5ADED6A4642B1F754F3A17F74C, 23AF825E4AE3396F5F396305602A883579FE06DE7B3A5FBDED0952921EC9728C ] syshost32 C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe 09:49:42.0406 0x0480 Suspicious file ( NoAccess ): C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe. md5: 5E855A5ADED6A4642B1F754F3A17F74C, sha256: 23AF825E4AE3396F5F396305602A883579FE06DE7B3A5FBDED0952921EC9728C 09:49:42.0406 0x0480 syshost32 - detected LockedFile.Multi.Generic ( 1 ) 09:49:42.0562 0x0480 Detect turned to UDS exact due to KSN untrusted 09:49:42.0562 0x0480 syshost32 ( UDS:DangerousObject.Multi.Generic ) - infected 09:49:42.0562 0x0480 Force sending object to P2P due to detect: syshost32 09:49:43.0312 0x0480 Object send P2P result: true 09:49:43.0796 0x0480 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 09:49:44.0625 0x0480 SysmonLog - ok 09:49:44.0671 0x0480 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 09:49:44.0875 0x0480 TapiSrv - ok 09:49:45.0140 0x0480 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 09:49:45.0250 0x0480 Tcpip - ok 09:49:45.0296 0x0480 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 09:49:45.0687 0x0480 TDPIPE - ok 09:49:45.0750 0x0480 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 09:49:46.0875 0x0480 TDTCP - ok 09:49:46.0921 0x0480 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 09:49:47.0484 0x0480 TermDD - ok 09:49:47.0562 0x0480 [ 
B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll 09:49:47.0781 0x0480 TermService - ok 09:49:47.0828 0x0480 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll 09:49:47.0906 0x0480 Themes - ok 09:49:47.0968 0x0480 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 09:49:48.0140 0x0480 TlntSvr - ok 09:49:48.0140 0x0480 TosIde - ok 09:49:48.0203 0x0480 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll 09:49:48.0625 0x0480 TrkWks - ok 09:49:48.0703 0x0480 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 09:49:48.0828 0x0480 Udfs - ok 09:49:48.0828 0x0480 ultra - ok 09:49:48.0921 0x0480 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 09:49:49.0109 0x0480 Update - ok 09:49:49.0203 0x0480 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll 09:49:49.0531 0x0480 upnphost - ok 09:49:49.0546 0x0480 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe 09:49:49.0796 0x0480 UPS - ok 09:49:49.0859 0x0480 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 09:49:49.0984 0x0480 usbccgp - ok 09:49:50.0031 0x0480 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci 
C:\WINDOWS\system32\DRIVERS\usbehci.sys 09:49:50.0046 0x0480 usbehci - ok 09:49:50.0125 0x0480 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 09:49:50.0609 0x0480 usbhub - ok 09:49:50.0656 0x0480 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 09:49:50.0843 0x0480 usbprint - ok 09:49:50.0875 0x0480 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 09:49:51.0453 0x0480 USBSTOR - ok 09:49:51.0750 0x0480 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 09:49:51.0906 0x0480 usbuhci - ok 09:49:51.0953 0x0480 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 09:49:52.0078 0x0480 VgaSave - ok 09:49:52.0093 0x0480 ViaIde - ok 09:49:52.0140 0x0480 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 09:49:52.0296 0x0480 VolSnap - ok 09:49:52.0421 0x0480 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe 09:49:52.0609 0x0480 VSS - ok 09:49:52.0906 0x0480 [ D6006DE6A6ED423D8016A03BC50CBE6B, DB146F82185274433A474AEFF84EAE517200B9A63F0963348E96BFE8D5454E54 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys 09:49:53.0265 0x0480 w29n51 - ok 09:49:53.0312 0x0480 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll 09:49:53.0578 0x0480 W32Time - ok 09:49:53.0609 0x0480 [ E20B95BAEDB550F32DD489265C1DA1F6, 
5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 09:49:53.0718 0x0480 Wanarp - ok 09:49:53.0718 0x0480 WDICA - ok 09:49:53.0734 0x0480 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 09:49:53.0890 0x0480 wdmaud - ok 09:49:53.0921 0x0480 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll 09:49:54.0031 0x0480 WebClient - ok 09:49:54.0234 0x0480 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 09:49:54.0421 0x0480 winmgmt - ok 09:49:54.0500 0x0480 [ 8880769B9F88918E27F8E7332AA1AA01, 5620C9EE1C3E570B289A3C9DF731CD7EA680426FF8673E76DBCDC60C0B915477 ] WLANKEEPER C:\Programme\Intel\Wireless\Bin\WLKeeper.exe 09:49:54.0578 0x0480 WLANKEEPER - detected UnsignedFile.Multi.Generic ( 1 ) 09:49:54.0765 0x0480 Detect skipped due to KSN trusted 09:49:54.0781 0x0480 WLANKEEPER - ok 09:49:54.0781 0x0480 wltrysvc - ok 09:49:54.0843 0x0480 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 09:49:54.0937 0x0480 WmdmPmSN - ok 09:49:55.0046 0x0480 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll 09:49:55.0250 0x0480 Wmi - ok 09:49:55.0296 0x0480 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 09:49:55.0640 0x0480 WmiApSrv - ok 09:49:55.0781 0x0480 [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 09:49:55.0921 0x0480 WMPNetworkSvc - ok 
09:49:55.0953 0x0480 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 09:49:55.0984 0x0480 WpdUsb - ok 09:49:56.0109 0x0480 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 09:49:56.0156 0x0480 WPFFontCache_v0400 - ok 09:49:56.0234 0x0480 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 09:49:56.0468 0x0480 wscsvc - ok 09:49:56.0515 0x0480 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll 09:49:56.0718 0x0480 wuauserv - ok 09:49:56.0796 0x0480 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 09:49:56.0859 0x0480 WudfPf - ok 09:49:56.0875 0x0480 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 09:49:56.0921 0x0480 WudfRd - ok 09:49:56.0968 0x0480 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 09:49:57.0031 0x0480 WudfSvc - ok 09:49:57.0109 0x0480 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 09:49:57.0468 0x0480 WZCSVC - ok 09:49:57.0562 0x0480 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll 09:49:57.0687 0x0480 xmlprov - ok 09:49:57.0703 0x0480 ================ Scan global =============================== 09:49:57.0750 0x0480 [ 2C60091CA5F67C3032EAB3B30390C27F, 
9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll 09:49:58.0703 0x0480 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll 09:49:58.0734 0x0480 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll 09:49:58.0828 0x0480 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe 09:49:58.0843 0x0480 [ Global ] - ok 09:49:58.0843 0x0480 ================ Scan MBR ================================== 09:49:58.0875 0x0480 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 09:49:59.0296 0x0480 \Device\Harddisk0\DR0 - ok 09:49:59.0296 0x0480 ================ Scan VBR ================================== 09:49:59.0296 0x0480 [ 76C1AB3223AF418A267C2A5506BEB975 ] \Device\Harddisk0\DR0\Partition1 09:49:59.0296 0x0480 \Device\Harddisk0\DR0\Partition1 - ok 09:49:59.0296 0x0480 ================ Scan generic autorun ====================== 09:49:59.0406 0x0480 [ 0E81905F53B1A2A41558519CDCDC9C61, 50C48BE7FC37FE15D721659A0EA74C968B42E053F50CB52E4A7D873351EB59DE ] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe 09:49:59.0500 0x0480 IntelZeroConfig - detected UnsignedFile.Multi.Generic ( 1 ) 09:49:59.0687 0x0480 Detect skipped due to KSN trusted 09:49:59.0687 0x0480 IntelZeroConfig - ok 09:50:00.0718 0x0480 [ F8A99D6F2C65C83D9E419164D427F1C6, 42C5249AC6DBB1D60DEE04942A522F5EE9D25B4AD62C28741A33D5A1F870A889 ] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe 09:50:01.0468 0x0480 IntelWireless - detected UnsignedFile.Multi.Generic ( 1 ) 09:50:01.0625 0x0480 Detect skipped due to KSN trusted 09:50:01.0625 0x0480 IntelWireless - ok 09:50:01.0859 0x0480 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe 
09:50:04.0656 0x0480 Adobe ARM - ok 09:50:04.0875 0x0480 [ E558CDE2913DAA077D4E25732D1AA176, 9A889C1E1EFC85BEEEF184E31888CAA0BC34365C7594543E8798531B4BB9EFB6 ] C:\Programme\HP\HP Software Update\HPWuSchd2.exe 09:50:05.0156 0x0480 HP Software Update - detected UnsignedFile.Multi.Generic ( 1 ) 09:50:05.0500 0x0480 Detect skipped due to KSN trusted 09:50:05.0500 0x0480 HP Software Update - ok 09:50:05.0562 0x0480 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 09:50:05.0718 0x0480 CTFMON.EXE - ok 09:50:05.0718 0x0480 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 09:50:05.0875 0x0480 CTFMON.EXE - ok 09:50:05.0890 0x0480 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe 09:50:06.0062 0x0480 ctfmon.exe - ok 09:50:06.0062 0x0480 Waiting for KSN requests completion. In queue: 4 09:50:07.0125 0x0480 AV detected via SS1: Avira Desktop, 14.0.7.462, disabled, updated 09:50:07.0140 0x0480 Win FW state via NFM: disabled 09:50:07.0343 0x0480 ============================================================ 09:50:07.0343 0x0480 Scan finished 09:50:07.0343 0x0480 ============================================================ 09:50:07.0375 0x04ec Detected object count: 2 09:50:07.0375 0x04ec Actual detected object count: 2 09:50:29.0796 0x04ec d89bd8cd32fcaf20 ( Rootkit.Win32.Necurs.gen ) - skipped by user 09:50:29.0796 0x04ec d89bd8cd32fcaf20 ( Rootkit.Win32.Necurs.gen ) - User select action: Skip 09:50:29.0796 0x04ec syshost32 ( UDS:DangerousObject.Multi.Generic ) - skipped by user 09:50:29.0796 0x04ec syshost32 ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip |
08.01.2015, 11:29 | #8 |
/// the machine /// TB Trainer | Telekom Abuse Team security warning: spam e-mails For all detections: Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator"
For example: C:\TDSSKiller.<version_date_time>log.txt Please post the contents here in your thread.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.01.2015, 14:42 | #9 |
| Telekom Abuse Team security warning: spam e-mails Code:
ATTFilter 14:34:22.0484 0x0f54 ============================================================ 14:34:22.0484 0x0f54 Scan started 14:34:22.0484 0x0f54 Mode: Manual; SigCheck; TDLFS; 14:34:22.0484 0x0f54 ============================================================ 14:34:22.0484 0x0f54 KSN ping started 14:34:22.0750 0x0f54 KSN ping finished: true 14:34:25.0515 0x0f54 ================ Scan system memory ======================== 14:34:26.0546 0x0f54 System memory - ok 14:34:26.0546 0x0f54 ================ Scan services ============================= 14:34:26.0750 0x0f54 Abiosdsk - ok 14:34:26.0750 0x0f54 abp480n5 - ok 14:34:26.0812 0x0f54 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 14:34:27.0421 0x0f54 ACPI - ok 14:34:27.0703 0x0f54 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 14:34:27.0828 0x0f54 ACPIEC - ok 14:34:27.0921 0x0f54 [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 14:34:27.0953 0x0f54 AdobeFlashPlayerUpdateSvc - ok 14:34:27.0953 0x0f54 adpu160m - ok 14:34:27.0984 0x0f54 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys 14:34:28.0171 0x0f54 aec - ok 14:34:28.0265 0x0f54 [ 375EB0B97E3950ADEF3633C27A82438B, A79AF11EFAFFAB0CBB0A7A21AD53072C44EFA2EB375981201DE1EF03F3564A12 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys 14:34:28.0281 0x0f54 AegisP - detected UnsignedFile.Multi.Generic ( 1 ) 14:34:28.0281 0x0f54 Detect skipped due to KSN trusted 14:34:28.0281 0x0f54 AegisP - ok 14:34:28.0343 0x0f54 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD 
C:\WINDOWS\System32\drivers\afd.sys 14:34:28.0406 0x0f54 AFD - ok 14:34:28.0406 0x0f54 Aha154x - ok 14:34:28.0421 0x0f54 aic78u2 - ok 14:34:28.0421 0x0f54 aic78xx - ok 14:34:28.0468 0x0f54 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll 14:34:28.0671 0x0f54 Alerter - ok 14:34:28.0718 0x0f54 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe 14:34:28.0937 0x0f54 ALG - ok 14:34:28.0937 0x0f54 AliIde - ok 14:34:28.0937 0x0f54 amsint - ok 14:34:29.0109 0x0f54 [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe 14:34:29.0140 0x0f54 AntiVirSchedulerService - ok 14:34:29.0203 0x0f54 [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe 14:34:29.0234 0x0f54 AntiVirService - ok 14:34:29.0281 0x0f54 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 14:34:29.0390 0x0f54 AppMgmt - ok 14:34:29.0390 0x0f54 asc - ok 14:34:29.0390 0x0f54 asc3350p - ok 14:34:29.0406 0x0f54 asc3550 - ok 14:34:29.0562 0x0f54 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 14:34:29.0593 0x0f54 aspnet_state - ok 14:34:29.0656 0x0f54 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 14:34:29.0843 0x0f54 AsyncMac - ok 14:34:29.0890 0x0f54 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi 
C:\WINDOWS\system32\DRIVERS\atapi.sys 14:34:30.0093 0x0f54 atapi - ok 14:34:30.0109 0x0f54 Atdisk - ok 14:34:30.0218 0x0f54 [ DFEA480EE09BDEB7F51244900170E173, 60B2D97DB6E806176D44A52707E7ED1E36C911B88FF36D0F43C24BD5DDE28CBD ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 14:34:30.0312 0x0f54 Ati HotKey Poller - ok 14:34:30.0437 0x0f54 [ 2A6C99CFDC23C9C26D0E30B1C99748D4, ADA8FC9C0B308FC6175947AC716AC463B5A575D7F94720359BF7BBB4ED69F47F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 14:34:30.0578 0x0f54 ati2mtag - ok 14:34:30.0625 0x0f54 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 14:34:30.0843 0x0f54 Atmarpc - ok 14:34:30.0890 0x0f54 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 14:34:31.0015 0x0f54 AudioSrv - ok 14:34:31.0062 0x0f54 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 14:34:31.0171 0x0f54 audstub - ok 14:34:31.0234 0x0f54 [ F581D2F3E30C1CA7206D660FB7689F98, 53647E017AE58788922F72285DD63E8CD2F9E922B31F7C6711E547BC6B360154 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 14:34:31.0250 0x0f54 avgntflt - ok 14:34:31.0312 0x0f54 [ A2EE407D6D3757A2FFD5095DD16AE1F2, BBFCC5DC116D6A3AF85591955541528DB0CB1FE81D353F717BE7CAD3F7F446F4 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 14:34:31.0328 0x0f54 avipbb - ok 14:34:31.0406 0x0f54 [ 6F77BBB8FC69D26132309EB4CE7A4E0E, 39E1E20F7CE6B2A784765BB1BE3AC539EDD2889880F78D14C340129E9DB7A43E ] Avira.OE.ServiceHost C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe 14:34:31.0437 0x0f54 Avira.OE.ServiceHost - ok 14:34:31.0500 0x0f54 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 14:34:31.0515 0x0f54 avkmgr 
- ok 14:34:31.0609 0x0f54 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys 14:34:32.0171 0x0f54 Beep - ok 14:34:32.0234 0x0f54 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll 14:34:32.0453 0x0f54 BITS - ok 14:34:32.0515 0x0f54 [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll 14:34:32.0578 0x0f54 Browser - ok 14:34:32.0625 0x0f54 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 14:34:32.0875 0x0f54 cbidf2k - ok 14:34:32.0875 0x0f54 cd20xrnt - ok 14:34:32.0890 0x0f54 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 14:34:33.0015 0x0f54 Cdaudio - ok 14:34:33.0046 0x0f54 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 14:34:33.0171 0x0f54 Cdfs - ok 14:34:33.0234 0x0f54 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 14:34:33.0281 0x0f54 Cdrom - ok 14:34:33.0296 0x0f54 [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys 14:34:33.0312 0x0f54 cercsr6 - detected UnsignedFile.Multi.Generic ( 1 ) 14:34:33.0312 0x0f54 Detect skipped due to KSN trusted 14:34:33.0312 0x0f54 cercsr6 - ok 14:34:33.0328 0x0f54 Changer - ok 14:34:33.0359 0x0f54 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe 14:34:33.0484 0x0f54 CiSvc - ok 
14:34:34.0406 0x0f54 Suspicious service (NoAccess): d89bd8cd32fcaf20
14:34:34.0453 0x0f54 [ FE5D63B48D52F62F0FCC38B8F3EE86CD, EC426B6486A45EEA68C04AEED23C810CB7A15ED6C5A6CD08E047A1CFA91F159D ] d89bd8cd32fcaf20 C:\WINDOWS\System32\Drivers\d89bd8cd32fcaf20.sys
14:34:34.0453 0x0f54 Suspicious file ( NoAccess ): C:\WINDOWS\System32\Drivers\d89bd8cd32fcaf20.sys. md5: FE5D63B48D52F62F0FCC38B8F3EE86CD, sha256: EC426B6486A45EEA68C04AEED23C810CB7A15ED6C5A6CD08E047A1CFA91F159D
14:34:34.0468 0x0f54 d89bd8cd32fcaf20 - detected Rootkit.Win32.Necurs.gen ( 0 )
14:34:34.0468 0x0f54 d89bd8cd32fcaf20 ( Rootkit.Win32.Necurs.gen ) - infected
14:34:34.0468 0x0f54 Force sending object to P2P due to detect: d89bd8cd32fcaf20
14:34:34.0468 0x0f54 Object send P2P result: false
14:35:00.0296 0x0f54 [ 5E855A5ADED6A4642B1F754F3A17F74C, 23AF825E4AE3396F5F396305602A883579FE06DE7B3A5FBDED0952921EC9728C ] syshost32 C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe
14:35:00.0296 0x0f54 Suspicious file ( NoAccess ): C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe. md5: 5E855A5ADED6A4642B1F754F3A17F74C, sha256: 23AF825E4AE3396F5F396305602A883579FE06DE7B3A5FBDED0952921EC9728C
14:35:00.0296 0x0f54 syshost32 - detected LockedFile.Multi.Generic ( 1 )
14:35:00.0296 0x0f54 Detect turned to UDS exact due to KSN untrusted
14:35:00.0296 0x0f54 syshost32 ( UDS:DangerousObject.Multi.Generic ) - infected
14:35:00.0296 0x0f54 Force sending object to P2P due to detect: syshost32
14:35:00.0296 0x0f54 Object send P2P result: false
14:35:05.0531 0x0f54 [ E20B95BAEDB550F32DD489265C1DA1F6,
5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:35:05.0656 0x0f54 Wanarp - ok 14:35:05.0656 0x0f54 WDICA - ok 14:35:05.0687 0x0f54 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 14:35:05.0828 0x0f54 wdmaud - ok 14:35:05.0843 0x0f54 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll 14:35:05.0968 0x0f54 WebClient - ok 14:35:06.0093 0x0f54 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 14:35:06.0234 0x0f54 winmgmt - ok 14:35:06.0312 0x0f54 [ 8880769B9F88918E27F8E7332AA1AA01, 5620C9EE1C3E570B289A3C9DF731CD7EA680426FF8673E76DBCDC60C0B915477 ] WLANKEEPER C:\Programme\Intel\Wireless\Bin\WLKeeper.exe 14:35:06.0343 0x0f54 WLANKEEPER - detected UnsignedFile.Multi.Generic ( 1 ) 14:35:06.0343 0x0f54 Detect skipped due to KSN trusted 14:35:06.0343 0x0f54 WLANKEEPER - ok 14:35:06.0343 0x0f54 wltrysvc - ok 14:35:06.0406 0x0f54 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 14:35:06.0421 0x0f54 WmdmPmSN - ok 14:35:06.0500 0x0f54 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll 14:35:06.0578 0x0f54 Wmi - ok 14:35:06.0640 0x0f54 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 14:35:06.0843 0x0f54 WmiApSrv - ok 14:35:06.0984 0x0f54 [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 14:35:07.0109 0x0f54 WMPNetworkSvc - ok 
14:35:08.0593 0x0f54 ================ Scan global ===============================
14:35:08.0843 0x0f54 [ Global ] - ok
14:35:08.0843 0x0f54 ================ Scan MBR ==================================
14:35:09.0187 0x0f54 \Device\Harddisk0\DR0 - ok
14:35:09.0187 0x0f54 ================ Scan VBR ==================================
14:35:09.0203 0x0f54 \Device\Harddisk0\DR0\Partition1 - ok
14:35:09.0203 0x0f54 ================ Scan generic autorun ======================
14:35:10.0578 0x0f54 AV detected via SS1: Avira Desktop, 14.0.7.462, disabled, updated
14:35:10.0578 0x0f54 Win FW state via NFM: disabled
14:35:10.0578 0x0f54 ============================================================
14:35:10.0578 0x0f54 Scan finished
14:35:10.0578 0x0f54 ============================================================
14:35:10.0593 0x0338 Detected object count: 2
14:35:10.0593 0x0338 Actual detected object count: 2
14:36:14.0656 0x0338 C:\WINDOWS\System32\Drivers\d89bd8cd32fcaf20.sys - copied to quarantine
14:36:14.0656 0x0338 HKLM\SYSTEM\ControlSet001\services\d89bd8cd32fcaf20 - will be deleted on reboot
14:36:14.0687 0x0338 HKLM\SYSTEM\ControlSet003\services\d89bd8cd32fcaf20 - will be deleted on reboot
14:36:14.0687 0x0338 C:\WINDOWS\System32\Drivers\d89bd8cd32fcaf20.sys - will be deleted on reboot
14:36:14.0687 0x0338 d89bd8cd32fcaf20 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
14:36:14.0781 0x0338 C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe - copied to quarantine
14:36:14.0781 0x0338 HKLM\SYSTEM\ControlSet001\services\syshost32 - will be deleted on reboot
14:36:14.0781 0x0338 HKLM\SYSTEM\ControlSet003\services\syshost32 - will be deleted on reboot
14:36:14.0781 0x0338 C:\WINDOWS\Installer\{74BA6765-3D0E-627F-797B-B7CD594A2F8F}\syshost.exe - will be deleted on reboot
14:36:14.0781 0x0338 syshost32 ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
14:36:16.0218 0x0338 KLMD registered as C:\WINDOWS\system32\drivers\93662764.sys
14:36:22.0875 0x0bbc Deinitialize success |
08.01.2015, 17:12 | #10 |
/// the machine /// TB trainer | Now run a fresh scan with TDSSKILLER again and post the log. Scan with Combofix
__________________ Regards, schrauber |
08.01.2015, 17:42 | #11 |
| TDSSKILLER: Code:
17:45:00.0078 0x0f80 ============================================================
17:45:00.0078 0x0f80 Scan started
17:45:00.0078 0x0f80 Mode: Manual;
17:45:00.0078 0x0f80 ============================================================
17:45:00.0078 0x0f80 KSN ping started
17:45:00.0406 0x0f80 KSN ping finished: true
17:45:11.0468 0x0f80 ================ Scan system memory ========================
17:45:13.0468 0x0f80 System memory - ok
17:45:13.0484 0x0f80 ================ Scan services =============================
17:45:36.0421 0x0f80 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 17:45:36.0437 0x0f80 NDIS - ok 17:45:36.0484 0x0f80 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:45:36.0500 0x0f80 NdisTapi - ok 17:45:36.0531 0x0f80 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:45:36.0546 0x0f80 Ndisuio - ok 17:45:36.0562 0x0f80 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:45:36.0562 0x0f80 NdisWan - ok 17:45:36.0609 0x0f80 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 17:45:36.0609 0x0f80 NDProxy - ok 17:45:36.0687 0x0f80 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 17:45:36.0687 0x0f80 NetBIOS - ok 17:45:36.0765 0x0f80 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 17:45:36.0781 0x0f80 NetBT - ok 17:45:36.0828 0x0f80 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe 17:45:36.0843 0x0f80 NetDDE - ok 17:45:36.0890 0x0f80 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 17:45:36.0890 0x0f80 NetDDEdsdm - ok 17:45:36.0968 0x0f80 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe 
17:45:36.0984 0x0f80 Netlogon - ok 17:45:37.0078 0x0f80 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll 17:45:37.0093 0x0f80 Netman - ok 17:45:37.0187 0x0f80 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:45:37.0203 0x0f80 NetTcpPortSharing - ok 17:45:37.0343 0x0f80 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll 17:45:37.0359 0x0f80 Nla - ok 17:45:37.0421 0x0f80 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 17:45:37.0437 0x0f80 Npfs - ok 17:45:37.0578 0x0f80 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 17:45:37.0843 0x0f80 Ntfs - ok 17:45:38.0656 0x0f80 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 17:45:38.0656 0x0f80 NtLmSsp - ok 17:45:38.0859 0x0f80 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 17:45:38.0859 0x0f80 NtmsSvc - ok 17:45:38.0921 0x0f80 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys 17:45:38.0921 0x0f80 Null - ok 17:45:38.0984 0x0f80 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 17:45:39.0000 0x0f80 NwlnkFlt - ok 17:45:39.0000 0x0f80 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd 
C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 17:45:39.0000 0x0f80 NwlnkFwd - ok 17:45:39.0140 0x0f80 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 17:45:39.0140 0x0f80 ose - ok 17:45:39.0234 0x0f80 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 17:45:39.0234 0x0f80 Parport - ok 17:45:39.0281 0x0f80 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 17:45:39.0281 0x0f80 PartMgr - ok 17:45:39.0359 0x0f80 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 17:45:39.0359 0x0f80 ParVdm - ok 17:45:39.0406 0x0f80 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 17:45:39.0421 0x0f80 PCI - ok 17:45:39.0421 0x0f80 PCIDump - ok 17:45:39.0468 0x0f80 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 17:45:39.0468 0x0f80 PCIIde - ok 17:45:39.0484 0x0f80 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 17:45:39.0484 0x0f80 Pcmcia - ok 17:45:39.0500 0x0f80 PDCOMP - ok 17:45:39.0500 0x0f80 PDFRAME - ok 17:45:39.0515 0x0f80 PDRELI - ok 17:45:39.0531 0x0f80 PDRFRAME - ok 17:45:39.0531 0x0f80 perc2 - ok 17:45:39.0546 0x0f80 perc2hib - ok 17:45:39.0609 0x0f80 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe 17:45:39.0609 0x0f80 PlugPlay - ok 17:45:39.0703 0x0f80 [ 
B489E534D30F95C6240C7FB6C9BF9EC5, 6AD448CA6933546A49E8560D399F75EEA1D1EDA6476ECDCA918C061466287279 ] Pml Driver HPZ12 C:\WINDOWS\system32\hpzipm12.exe 17:45:39.0703 0x0f80 Pml Driver HPZ12 - ok 17:45:39.0718 0x0f80 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 17:45:39.0718 0x0f80 PolicyAgent - ok 17:45:39.0765 0x0f80 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 17:45:39.0765 0x0f80 PptpMiniport - ok 17:45:39.0828 0x0f80 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 17:45:39.0828 0x0f80 ProtectedStorage - ok 17:45:40.0062 0x0f80 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 17:45:40.0062 0x0f80 PSched - ok 17:45:40.0531 0x0f80 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 17:45:40.0531 0x0f80 Ptilink - ok 17:45:40.0546 0x0f80 ql1080 - ok 17:45:40.0546 0x0f80 Ql10wnt - ok 17:45:40.0546 0x0f80 ql12160 - ok 17:45:40.0562 0x0f80 ql1240 - ok 17:45:40.0562 0x0f80 ql1280 - ok 17:45:40.0703 0x0f80 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:45:40.0703 0x0f80 RasAcd - ok 17:45:41.0109 0x0f80 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll 17:45:41.0109 0x0f80 RasAuto - ok 17:45:41.0218 0x0f80 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 17:45:41.0218 0x0f80 
Rasl2tp - ok 17:45:42.0531 0x0f80 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll 17:45:42.0546 0x0f80 RasMan - ok 17:45:42.0578 0x0f80 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:45:42.0593 0x0f80 RasPppoe - ok 17:45:42.0625 0x0f80 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 17:45:42.0625 0x0f80 Raspti - ok 17:45:44.0406 0x0f80 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:45:44.0421 0x0f80 Rdbss - ok 17:45:45.0406 0x0f80 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 17:45:45.0406 0x0f80 RDPCDD - ok 17:45:47.0078 0x0f80 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 17:45:47.0078 0x0f80 rdpdr - ok 17:45:47.0171 0x0f80 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 17:45:47.0171 0x0f80 RDPWD - ok 17:45:47.0281 0x0f80 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 17:45:47.0296 0x0f80 RDSessMgr - ok 17:45:47.0328 0x0f80 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 17:45:47.0328 0x0f80 redbook - ok 17:45:47.0453 0x0f80 [ 8AC155995F5D10FC0D3AD949A1A68075, AF66B760897F2CF6352D726752BF02A64F99EF843906EF2E4C1A63731F6A938E ] RegSrvc 
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe 17:45:47.0468 0x0f80 RegSrvc - ok 17:45:47.0546 0x0f80 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 17:45:47.0546 0x0f80 RemoteAccess - ok 17:45:47.0609 0x0f80 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 17:45:47.0609 0x0f80 RemoteRegistry - ok 17:45:47.0656 0x0f80 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe 17:45:47.0656 0x0f80 RpcLocator - ok 17:45:47.0828 0x0f80 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll 17:45:47.0843 0x0f80 RpcSs - ok 17:45:47.0968 0x0f80 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe 17:45:47.0984 0x0f80 RSVP - ok 17:45:48.0250 0x0f80 [ 131D50F081D2E29EBD1365B21F6B9736, 402A92A5606C207E38D9AD378C39FC630B177C05D93F1648ADF3329F84DA2908 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe 17:45:48.0296 0x0f80 S24EventMonitor - ok 17:45:48.0343 0x0f80 [ E2C6ABCBEFB1D44F6AAEB1CD5D6062D4, 4A9EA5F875F2FF5C5EB551EDAFD5153F024576F40983D8450D3184583A3F2B2F ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 17:45:48.0343 0x0f80 s24trans - ok 17:45:48.0390 0x0f80 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe 17:45:48.0390 0x0f80 SamSs - ok 17:45:48.0421 0x0f80 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 17:45:48.0421 0x0f80 SCardSvr - ok 17:45:48.0562 0x0f80 [ A050194A44D7FA8D7186ED2F4E8367AE, 
BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll 17:45:48.0562 0x0f80 Schedule - ok 17:45:48.0656 0x0f80 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 17:45:48.0656 0x0f80 Secdrv - ok 17:45:48.0718 0x0f80 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll 17:45:48.0718 0x0f80 seclogon - ok 17:45:48.0781 0x0f80 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll 17:45:48.0781 0x0f80 SENS - ok 17:45:48.0843 0x0f80 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 17:45:48.0843 0x0f80 serenum - ok 17:45:48.0875 0x0f80 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 17:45:48.0875 0x0f80 Serial - ok 17:45:48.0953 0x0f80 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 17:45:48.0953 0x0f80 Sfloppy - ok 17:45:49.0140 0x0f80 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 17:45:49.0156 0x0f80 SharedAccess - ok 17:45:49.0234 0x0f80 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 17:45:49.0234 0x0f80 ShellHWDetection - ok 17:45:49.0265 0x0f80 Simbad - ok 17:45:49.0328 0x0f80 [ A1ECEEAA5C5E74B2499EB51D38185B84, BB866DDA4D1F85A68A652204DAC7378456793E096A15F88B9C153BECD3D18C27 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 17:45:49.0328 
0x0f80 SONYPVU1 - ok 17:45:49.0343 0x0f80 Sparrow - ok 17:45:49.0375 0x0f80 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys 17:45:49.0375 0x0f80 splitter - ok 17:45:49.0468 0x0f80 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe 17:45:49.0468 0x0f80 Spooler - ok 17:45:49.0578 0x0f80 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 17:45:49.0578 0x0f80 sr - ok 17:45:49.0656 0x0f80 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll 17:45:49.0671 0x0f80 srservice - ok 17:45:49.0781 0x0f80 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 17:45:49.0812 0x0f80 Srv - ok 17:45:49.0890 0x0f80 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 17:45:49.0890 0x0f80 SSDPSRV - ok 17:45:50.0000 0x0f80 [ 305CC42945A713347F978D78566113F3, 92D95E1DCCAA5E31AADB061EB7B531337975974961211BFB7C542FB799348034 ] STAC97 C:\WINDOWS\system32\drivers\STAC97.sys 17:45:50.0000 0x0f80 STAC97 - ok 17:45:50.0125 0x0f80 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll 17:45:50.0140 0x0f80 stisvc - ok 17:45:50.0187 0x0f80 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 17:45:50.0187 0x0f80 swenum - ok 17:45:50.0265 0x0f80 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi 
C:\WINDOWS\system32\drivers\swmidi.sys 17:45:50.0265 0x0f80 swmidi - ok 17:45:50.0296 0x0f80 SwPrv - ok 17:45:50.0312 0x0f80 symc810 - ok 17:45:50.0312 0x0f80 symc8xx - ok 17:45:50.0328 0x0f80 sym_hi - ok 17:45:50.0328 0x0f80 sym_u3 - ok 17:45:50.0359 0x0f80 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 17:45:50.0375 0x0f80 sysaudio - ok 17:45:50.0437 0x0f80 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 17:45:50.0437 0x0f80 SysmonLog - ok 17:45:50.0531 0x0f80 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 17:45:50.0546 0x0f80 TapiSrv - ok 17:45:50.0718 0x0f80 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:45:50.0718 0x0f80 Tcpip - ok 17:45:50.0750 0x0f80 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 17:45:50.0750 0x0f80 TDPIPE - ok 17:45:50.0781 0x0f80 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 17:45:50.0781 0x0f80 TDTCP - ok 17:45:50.0843 0x0f80 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 17:45:50.0843 0x0f80 TermDD - ok 17:45:50.0953 0x0f80 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll 17:45:50.0984 0x0f80 TermService - ok 17:45:51.0046 0x0f80 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes 
C:\WINDOWS\System32\shsvcs.dll 17:45:51.0062 0x0f80 Themes - ok 17:45:51.0109 0x0f80 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 17:45:51.0109 0x0f80 TlntSvr - ok 17:45:51.0125 0x0f80 TosIde - ok 17:45:51.0203 0x0f80 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll 17:45:51.0203 0x0f80 TrkWks - ok 17:45:51.0265 0x0f80 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 17:45:51.0265 0x0f80 Udfs - ok 17:45:51.0281 0x0f80 ultra - ok 17:45:51.0421 0x0f80 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 17:45:51.0437 0x0f80 Update - ok 17:45:51.0546 0x0f80 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:45:51.0562 0x0f80 upnphost - ok 17:45:51.0625 0x0f80 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe 17:45:51.0625 0x0f80 UPS - ok 17:45:51.0843 0x0f80 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 17:45:51.0843 0x0f80 usbccgp - ok 17:45:52.0203 0x0f80 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 17:45:52.0203 0x0f80 usbehci - ok 17:45:52.0265 0x0f80 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 17:45:52.0265 0x0f80 usbhub - ok 17:45:52.0343 0x0f80 [ A717C8721046828520C9EDF31288FC00, 
1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 17:45:52.0343 0x0f80 usbprint - ok 17:45:52.0406 0x0f80 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 17:45:52.0421 0x0f80 USBSTOR - ok 17:45:52.0437 0x0f80 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 17:45:52.0437 0x0f80 usbuhci - ok 17:45:52.0484 0x0f80 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 17:45:52.0484 0x0f80 VgaSave - ok 17:45:52.0500 0x0f80 ViaIde - ok 17:45:52.0562 0x0f80 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 17:45:52.0562 0x0f80 VolSnap - ok 17:45:53.0671 0x0f80 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe 17:45:53.0687 0x0f80 VSS - ok 17:45:54.0375 0x0f80 [ D6006DE6A6ED423D8016A03BC50CBE6B, DB146F82185274433A474AEFF84EAE517200B9A63F0963348E96BFE8D5454E54 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys 17:45:55.0296 0x0f80 w29n51 - ok 17:45:55.0375 0x0f80 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll 17:45:55.0390 0x0f80 W32Time - ok 17:45:55.0421 0x0f80 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:45:55.0421 0x0f80 Wanarp - ok 17:45:55.0437 0x0f80 WDICA - ok 17:45:55.0484 0x0f80 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 
17:45:55.0484 0x0f80 wdmaud - ok 17:45:55.0562 0x0f80 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll 17:45:55.0562 0x0f80 WebClient - ok 17:45:55.0765 0x0f80 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:45:55.0765 0x0f80 winmgmt - ok 17:45:55.0906 0x0f80 [ 8880769B9F88918E27F8E7332AA1AA01, 5620C9EE1C3E570B289A3C9DF731CD7EA680426FF8673E76DBCDC60C0B915477 ] WLANKEEPER C:\Programme\Intel\Wireless\Bin\WLKeeper.exe 17:45:55.0906 0x0f80 WLANKEEPER - ok 17:45:55.0921 0x0f80 wltrysvc - ok 17:45:55.0984 0x0f80 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 17:45:55.0984 0x0f80 WmdmPmSN - ok 17:45:56.0203 0x0f80 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll 17:45:56.0218 0x0f80 Wmi - ok 17:45:57.0015 0x0f80 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 17:45:57.0015 0x0f80 WmiApSrv - ok 17:45:57.0343 0x0f80 [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 17:45:57.0562 0x0f80 WMPNetworkSvc - ok 17:45:57.0640 0x0f80 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 17:45:57.0656 0x0f80 WpdUsb - ok 17:45:57.0937 0x0f80 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:45:57.0968 0x0f80 WPFFontCache_v0400 - ok 17:45:58.0078 0x0f80 [ 
300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 17:45:58.0078 0x0f80 wscsvc - ok 17:45:58.0140 0x0f80 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll 17:45:58.0140 0x0f80 wuauserv - ok 17:45:58.0187 0x0f80 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 17:45:58.0203 0x0f80 WudfPf - ok 17:45:58.0234 0x0f80 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 17:45:58.0250 0x0f80 WudfRd - ok 17:45:58.0296 0x0f80 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 17:45:58.0296 0x0f80 WudfSvc - ok 17:45:58.0468 0x0f80 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 17:45:58.0500 0x0f80 WZCSVC - ok 17:45:58.0593 0x0f80 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll 17:45:58.0609 0x0f80 xmlprov - ok 17:45:58.0609 0x0f80 ================ Scan global =============================== 17:45:58.0703 0x0f80 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll 17:45:58.0828 0x0f80 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll 17:45:58.0890 0x0f80 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll 17:45:58.0968 0x0f80 [ A3EDBE9053889FB24AB22492472B39DC, 
6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe 17:45:58.0968 0x0f80 [ Global ] - ok 17:45:58.0968 0x0f80 ================ Scan MBR ================================== 17:45:59.0000 0x0f80 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 17:46:01.0062 0x0f80 \Device\Harddisk0\DR0 - ok 17:46:01.0062 0x0f80 ================ Scan VBR ================================== 17:46:01.0078 0x0f80 [ 76C1AB3223AF418A267C2A5506BEB975 ] \Device\Harddisk0\DR0\Partition1 17:46:01.0093 0x0f80 \Device\Harddisk0\DR0\Partition1 - ok 17:46:01.0093 0x0f80 ================ Scan generic autorun ====================== 17:46:01.0343 0x0f80 [ 0E81905F53B1A2A41558519CDCDC9C61, 50C48BE7FC37FE15D721659A0EA74C968B42E053F50CB52E4A7D873351EB59DE ] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe 17:46:01.0375 0x0f80 IntelZeroConfig - ok 17:46:01.0812 0x0f80 [ F8A99D6F2C65C83D9E419164D427F1C6, 42C5249AC6DBB1D60DEE04942A522F5EE9D25B4AD62C28741A33D5A1F870A889 ] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe 17:46:01.0843 0x0f80 IntelWireless - ok 17:46:02.0296 0x0f80 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe 17:46:02.0328 0x0f80 Adobe ARM - ok 17:46:02.0562 0x0f80 [ E558CDE2913DAA077D4E25732D1AA176, 9A889C1E1EFC85BEEEF184E31888CAA0BC34365C7594543E8798531B4BB9EFB6 ] C:\Programme\HP\HP Software Update\HPWuSchd2.exe 17:46:02.0562 0x0f80 HP Software Update - ok 17:46:02.0625 0x0f80 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 17:46:02.0625 0x0f80 CTFMON.EXE - ok 17:46:02.0640 0x0f80 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 17:46:02.0640 0x0f80 CTFMON.EXE - ok 17:46:02.0640 0x0f80 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 
2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe 17:46:02.0640 0x0f80 ctfmon.exe - ok 17:46:02.0687 0x0f80 Win FW state via NFM: disabled 17:46:02.0890 0x0f80 ============================================================ 17:46:02.0890 0x0f80 Scan finished 17:46:02.0890 0x0f80 ============================================================ 17:46:02.0906 0x0944 Detected object count: 0 17:46:02.0906 0x0944 Actual detected object count: 0 Code:
ATTFilter ComboFix 15-01-08.01 - Günni 08.01.2015 17:52:32.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1105 [GMT 1:00] ausgeführt von:: c:\dokumente und einstellungen\G³nni\Desktop\ComboFix.exe . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . .
. Infizierte Kopie von c:\windows\system32\kernel32.dll wurde gefunden und desinfiziert Kopie von - c:\windows\$NtUninstallKB2922229$\kernel32.dll wurde wiederhergestellt . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_SYSHOST32 . . ((((((((((((((((((((((( Dateien erstellt von 2014-12-08 bis 2015-01-08 )))))))))))))))))))))))))))))) . . 2015-01-08 16:02 . 2015-01-08 16:02 -------- d-----w- C:\OETemp 2015-01-08 13:36 . 2015-01-08 13:36 -------- d-----w- C:\TDSSKiller_Quarantine 2015-01-08 07:23 . 2015-01-08 07:25 -------- d-----w- C:\FRST 2015-01-07 18:24 . 2015-01-07 18:24 -------- d-----r- c:\dokumente und einstellungen\LocalService\Favoriten 2015-01-07 16:37 . 2015-01-07 16:37 -------- d-----w- c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AviraSpeedup 2015-01-07 16:35 . 2015-01-08 16:57 -------- d-----w- c:\programme\Avira 2015-01-07 16:35 . 2015-01-08 16:57 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Package Cache 2014-12-29 18:29 . 2014-12-29 18:29 -------- d-----w- c:\dokumente und einstellungen\LocalService\Anwendungsdaten\McAfee 2014-12-26 10:49 . 2014-12-26 10:49 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\McAfee . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-12-26 10:49 . 2013-07-20 17:53 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-12-26 10:49 . 2013-07-20 17:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . .
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2013-11-27 23:24 294456 ----a-w- c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelZeroConfig"="c:\programme\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200] "IntelWireless"="c:\programme\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752] "Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640] "ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-07-06 344064] "TomcatStartup 2.5"="c:\programme\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-11-12 245760] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\ HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048] HP Image Zone Schnellstart.lnk - c:\programme\HP\Digital Imaging\bin\hpqthb08.exe -s [2004-11-4 53248] . [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Günni^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk] path=c:\dokumente und einstellungen\Günni\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk backup=c:\windows\pss\WISO Mein Steuer-Sparbuch heute.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2013-03-12 05:32 253816 ----a-w- c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= . S3 HPPLSBULK;HPPLSBULK;c:\windows\system32\drivers\hpplsbulk.sys [02.02.2005 17:29 9344] . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2015-01-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20 10:49] . 2015-01-08 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job - c:\windows\system32\xp_eos.exe [2014-03-09 23:28] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=a49796d900000000000000166f6068f3 uInternet Settings,ProxyOverride = <local> IE: Free YouTube Download - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\dokumente und einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=a49796d900000000000000166f6068f3&q= FF - user.js: extensions.Softonic.id - a49796d900000000000000166f6068f3 FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D} FF - user.js: extensions.Softonic.instlDay - 16041 FF - user.js: extensions.Softonic.vrsn - 1.8.21.14 FF - 
user.js: extensions.Softonic.vrsni - 1.8.21.14 FF - user.js: extensions.Softonic.vrsnTs - 1.8.21.1419:06 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - OC FF - user.js: extensions.Softonic.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - opencandy2013 FF - user.js: extensions.Softonic.instlRef - MOY00621 FF - user.js: extensions.Softonic.dfltLng - de FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.ffxUnstlRst - false FF - user.js: extensions.Softonic.admin - false FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic.rvrt - false FF - user.js: extensions.Softonic.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=a49796d900000000000000166f6068f3 FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.dnsErr - true FF - user.js: extensions.Softonic.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=a49796d900000000000000166f6068f3 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM-Run-Status Monitor CLJ1500 - c:\programme\Hewlett-Packard\CLJ1500\\Toolbox\HPPOUMUI.exe SafeBoot-28969432.sys SafeBoot-56939687.sys AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0407.EXE AddRemove-Macromedia FreeHand 9 - c:\windows\IsUn0407.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2015-01-08 17:58 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . 
************************************************************************** . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(648) c:\windows\system32\Ati2evxx.dll c:\windows\System32\BCMLogon.dll . - - - - - - - > 'explorer.exe'(3620) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\Ati2evxx.exe c:\programme\Intel\Wireless\Bin\EvtEng.exe c:\windows\system32\Ati2evxx.exe c:\programme\Intel\Wireless\Bin\S24EvMon.exe c:\programme\Intel\Wireless\Bin\WLKeeper.exe c:\windows\System32\WLTRYSVC.EXE c:\windows\System32\bcmwltry.exe c:\programme\Java\jre7\bin\jqs.exe c:\windows\system32\hpzipm12.exe c:\programme\Intel\Wireless\Bin\RegSrvc.exe c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\wmiapsrv.exe c:\programme\Intel\Wireless\Bin\Dot1XCfg.exe c:\progra~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE c:\programme\HP\Digital Imaging\bin\hpqgalry.exe c:\programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-01-08 18:02:26 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-01-08 17:02 . Vor Suchlauf: 15 Verzeichnis(se), 35.260.530.688 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 36.199.657.472 Bytes frei . WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . 
- - End Of File - - F5C7C96426C4E9C21CB0850DC754C003 72B8CE41AF0DE751C946802B3ED844B4 Edited by hitboxer (08.01.2015 at 17:58) |
08.01.2015, 18:55 | #12 |
/// the machine /// TB-Ausbilder | Telekom Abuse Team security warning: spam e-mails Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
09.01.2015, 07:15 | #13 |
| Telekom Abuse Team security warning: spam e-mails Sooo... Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 09.01.2015 Scan Time: 06:31:36 Logfile: malwarebytes.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.01.09.04 Rootkit Database: v2015.01.07.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: Günni Scan Type: Threat Scan Result: Completed Objects Scanned: 315555 Time Elapsed: 13 min, 22 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 5 PUP.Optional.OpenCandy, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\OpenCandy, , [be9aa451ec9d55e16701a1906c9714ec], PUP.Optional.OpenCandy, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\OpenCandy\7AF532B575A54141944C032933E3806C, , [be9aa451ec9d55e16701a1906c9714ec], PUP.Optional.OpenCandy, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\OpenCandy\FCEF29E701E74E849C464B2E165E1789, , [be9aa451ec9d55e16701a1906c9714ec], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0, , [2632f1044445f442862eff39a55e46ba], Files: 46 PUP.Optional.OpenCandy.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\OpenCandy\FCEF29E701E74E849C464B2E165E1789\Setupsft_chr_p1v7.exe, , [5206bf36bacf033331551244d23316ea], PUP.Optional.Softonic.A, C:\Dokumente und 
Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\searchplugins\softonic.xml, , [ed6b47aee6a3e94db538534b63a0e020], PUP.Optional.OpenCandy, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\OpenCandy\7AF532B575A54141944C032933E3806C\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe, , [be9aa451ec9d55e16701a1906c9714ec], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\chMntz.dll, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und 
Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json, , [2632f1044445f442862eff39a55e46ba], PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.admin", false);), ,[3a1e33c20386013533e104c49b6acc34] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ferences /* Do not edit this file. 
* ), ,[5cfc14e1c4c51a1c22f2b612759006fa] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (references /* Do not edit this file. * * If you make changes to this file ), ,[4d0b20d5c6c3e353d3416d5b60a57f81] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (e. * * If you make changes to this file while t), ,[a6b226cf3455fe380e060bbd1ce902fe] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ces /* Do not edit this file. * * If you), ,[99bf19dca1e89c9a50c49c2c30d57b85] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (erences /* Do not edit this file. * * If ), ,[2b2d08ed96f36fc725ef5771877ecf31] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (rences /* Do not edit this file. * * If), ,[5800d421bdcc59dd25effdcb13f2837d] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ferences /* Do not edit this file. * * If), ,[9abe60952663a096b65ee2e61aebdf21] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (rences /* Do not edit this file. * * If you m), ,[fd5b4baaf0994cea91834187c5404fb1] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (es /* Do not edit this file. 
* * If y), ,[f95fe11478119c9aa56f0abee91ceb15] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (references /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be ove), ,[5701ed08d5b47eb83fd53e8ac83dc43c] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (tion is running, * the changes will be overwritten when the applicatio), ,[da7e01f4e1a8d85ef3214286e02522de] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: ( this file. * * If you make changes to this fil), ,[90c82dc8a7e2b185a3713e8a9075cb35] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ces /* Do not edit this file. * * If you make c), ,[95c3b243583154e2ec289830ae57a35d] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: ( /* Do not edit this file. * * If you m), ,[e96fae47c0c916206ea6775161a42ed2] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ferences /* Do not edit this file. 
* * If you make changes to this file while the application is running, * the changes will be overwrit), ,[60f8b83d6f1a2e08b460656343c243bd] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (n is running, * the changes will be overwritten w), ,[c5930ce92762e84e0b09e9df44c19c64] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ces /* Do not edit this file. * * If you make ), ,[15438c69a6e3bb7b22f23791bc49cf31] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (s /* Do not edit this file. * * If you m), ,[1e3a61943a4f0c2a0311c008dd28a759] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (erences /* Do not edit this file. * * If y), ,[e078797ca2e79c9a3cd8fccc58ad9e62] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ences /* Do not edit this file. * * If you make changes to this f), ,[b0a82bca6f1aef4755bf5f6952b360a0] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: ( this file. * * If you make changes to this file whil), ,[58004fa6a3e646f020f40eba61a449b7] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: ( /* Do not edit this file. 
* * If you make changes to this file while the application is running, * the changes will be overwritten when the a), ,[68f04baa622796a0b95b3d8b74910bf5] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (s running, * the changes will be overwritten when), ,[8ace896cfd8c0a2cf61e5a6edb2a4bb5] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ces /* Do not edit this file. * * If you make changes ), ,[4711a84d0485f44237dd973117ee728e] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (Do not edit this file. * * If you make changes t), ,[a4b46e870f7a1c1a0311a127ee171be5] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=a49796d900000000000000166f6068f3");), ,[93c5f6ffd5b486b044d88246e3226b95] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (ity.typeaheadfind.flashBar", 0); user_pref("app.update.backgroundErrors", 1); user_pref("app.update.lastUpdateTime.addon-background-update-time), ,[d682a05505844cea0d0f8e3ab74ebd43] PUP.Optional.Softonic.A, C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\prefs.js, Good: (), Bad: (eTime.addon-background-update-timer", 1420781430); user_pref("app.update.lastUpdateTime.background-update-timer", 1420706242); user_pref("app.upda), ,[bc9ca451afda132340dc676139cc04fc] Physical Sectors: 0 (No malicious items detected) (end) Code:
# AdwCleaner v4.107 - Bericht erstellt am 09/01/2015 um 07:01:18
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-03.1 [Live]
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzername : Günni - G-95B0E170C0764
# Gestartet von : C:\Dokumente und Einstellungen\Günni\Desktop\AdwCleaner_4.107.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\foxydeal.sqlite
Datei Gelöscht : C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\user.js

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E32160D6-15C3-4F11-9715-5514E6E950B6}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v8.0.6001.18702

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v34.0.5 (x86 de)

[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=a49796d900000000000000166f6068f3");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.id", "a49796d900000000000000166f6068f3");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16041");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=a49796d900000000000000166f6068f3");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=a49796d900000000000000166f6068f3&q=");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1419:06:59");
[kc8u2sfr.default\prefs.js] - Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [4890 octets] - [09/01/2015 06:59:19]
AdwCleaner[S0].txt - [4954 octets] - [09/01/2015 07:01:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5014 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by Gnni on 09.01.2015 at 7:04:59,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.01.2015 at 7:07:27,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Günni (administrator) on G-95B0E170C0764 on 09-01-2015 07:17:08
Running from C:\Dokumente und Einstellungen\Günni\Desktop
Loaded Profile: Günni (Available profiles: Günni)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Intel Corporation) C:\Programme\Intel\Wireless\Bin\EvtEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Intel Corporation ) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
(Intel(R) Corporation) C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe
(Hewlett-Packard Company) C:\Programme\HP\HP Software Update\hpwuSchd2.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE
(ATI Technologies, Inc.) C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe
(Intel Corporation) C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe
(Hewlett-Packard) C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
() C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelZeroConfig] => C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe [819200 2007-02-21] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe [970752 2007-02-21] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2004-09-13] (Hewlett-Packard Company)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [1392640 2007-03-16] (Dell Inc.)
HKLM\...\Run: [ATIPTA] => C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-07-06] (ATI Technologies, Inc.)
HKLM\...\Run: [TomcatStartup 2.5] => C:\Programme\Hewlett-Packard\Toolbox\hpbpsttp.exe [245760 2004-11-12] (Hewlett-Packard)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk
ShortcutTarget: HP Image Zone Schnellstart.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1482476501-1409082233-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1482476501-1409082233-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\abs@avira.com [2015-01-07]
FF Extension: ProxTube - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-22]

Chrome:
=======
CHR Profile: C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 EvtEng; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-07-20] (Oracle Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2014-12-10] (Mozilla Foundation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S2 RegSrvc; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [File not signed]
R2 WLANKEEPER; C:\Programme\Intel\Wireless\Bin\WLKeeper.exe [294912 2007-02-21] (Intel(R) Corporation) [File not signed]
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1253376 2007-03-16] (Dell Inc.) [File not signed]
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2013-07-20] (Meetinghouse Data Communications) [File not signed]
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-03-29] (Adaptec, Inc.) [File not signed]
S3 Dot4Scan; C:\WINDOWS\System32\DRIVERS\Dot4Scan.sys [8704 2001-08-17] (Microsoft Corporation)
S3 HPPLSBULK; C:\WINDOWS\System32\drivers\hpplsbulk.sys [9344 2005-02-02] (Hewlett Packard)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2005-01-17] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2004-12-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2004-12-24] (HP)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [273168 2005-03-10] (SigmaTel, Inc.)
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2209408 2007-02-08] (Intel® Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 07:07 - 2015-01-09 07:07 - 00000581 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\JRT.txt
2015-01-09 07:05 - 2015-01-09 07:05 - 00000000 ____D () C:\WINDOWS\LastGood
2015-01-09 07:04 - 2015-01-09 07:04 - 01707939 _____ (Thisisu) C:\Dokumente und Einstellungen\Günni\Desktop\JRT.exe
2015-01-09 07:04 - 2015-01-09 07:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-09 07:03 - 2015-01-09 07:03 - 00005094 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\AdwCleaner[S0].txt
2015-01-09 06:59 - 2015-01-09 07:01 - 00000000 ____D () C:\AdwCleaner
2015-01-09 06:59 - 2015-01-09 06:59 - 02191360 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\AdwCleaner_4.107.exe
2015-01-09 06:57 - 2015-01-09 06:57 - 00013257 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\malwarebytes.txt
2015-01-09 06:31 - 2015-01-09 06:31 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 06:30 - 2015-01-09 06:30 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-09 06:30 - 2015-01-09 06:30 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware
2015-01-09 06:30 - 2015-01-09 06:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware
2015-01-09 06:30 - 2015-01-09 06:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2015-01-09 06:30 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-09 06:30 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-08 18:02 - 2015-01-08 18:02 - 00016095 _____ () C:\ComboFix.txt
2015-01-08 18:02 - 2015-01-08 18:02 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-01-08 18:02 - 2015-01-08 18:02 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-01-08 17:56 - 2015-01-08 17:56 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2015-01-08 17:51 - 2015-01-08 17:51 - 00000000 _RSHD () C:\cmdcons
2015-01-08 17:51 - 2015-01-08 17:05 - 00000211 _____ () C:\Boot.bak
2015-01-08 17:51 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr
2015-01-08 17:47 - 2015-01-08 18:02 - 00000000 ____D () C:\Qoobox
2015-01-08 17:47 - 2015-01-08 18:01 - 00000000 ____D () C:\WINDOWS\erdnt
2015-01-08 17:47 - 2015-01-08 17:47 - 00000000 ___RD () C:\Dokumente und Einstellungen\Günni\Startmenü\Programme\Verwaltung
2015-01-08 17:47 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-01-08 17:47 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-01-08 17:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-01-08 17:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-01-08 17:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-01-08 17:47 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-01-08 17:47 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-01-08 17:47 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-01-08 17:47 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-01-08 17:45 - 2015-01-08 17:46 - 05609736 ____R (Swearware) C:\Dokumente und Einstellungen\Günni\Desktop\ComboFix.exe
2015-01-08 17:02 - 2015-01-08 17:02 - 00000000 ____D () C:\OETemp
2015-01-08 14:36 - 2015-01-08 14:36 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-08 09:39 - 2015-01-08 09:40 - 01174352 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\TDSSKiller - CHIP-Installer.exe
2015-01-08 08:25 - 2015-01-08 08:25 - 00044803 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\Addition2.txt
2015-01-08 08:23 - 2015-01-09 07:17 - 00010882 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\FRST.txt
2015-01-08 08:23 - 2015-01-09 07:17 - 00000000 ____D () C:\FRST
2015-01-08 08:23 - 2015-01-08 08:25 - 00023137 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\FRST2.txt
2015-01-08 08:23 - 2015-01-08 08:23 - 01115648 _____ (Farbar) C:\Dokumente und Einstellungen\Günni\Desktop\FRST.exe
2015-01-07 20:16 - 2015-01-08 17:56 - 00269310 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
2015-01-07 20:16 - 2015-01-08 17:56 - 00269310 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1482476501-1409082233-682003330-1003-0.dat
2015-01-07 17:37 - 2015-01-07 17:37 - 00063600 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AviraSpeedup
2015-01-07 17:35 - 2015-01-08 17:57 - 00000000 ____D () C:\Programme\Avira
2015-01-07 17:35 - 2015-01-07 17:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache
2014-12-29 19:29 - 2014-12-29 19:29 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee
2014-12-26 11:49 - 2014-12-26 11:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
2014-12-10 19:26 - 2014-12-10 19:27 - 00000000 ____D () C:\Programme\Mozilla Firefox

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 07:17 - 2013-07-20 18:53 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-09 07:17 - 2013-07-20 18:11 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp
2015-01-09 07:05 - 2014-04-09 17:23 - 00018588 _____ () C:\WINDOWS\KB2922229.log
2015-01-09 07:05 - 2013-07-20 18:05 - 01572184 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-09 07:02 - 2013-07-22 11:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2015-01-09 07:02 - 2013-07-20 18:59 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-09 07:02 - 2013-07-20 18:59 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-01-09 07:02 - 2013-07-20 18:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-09 07:02 - 2004-08-04 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-09 07:01 - 2013-07-20 18:11 - 00000300 ___SH () C:\Dokumente und Einstellungen\Günni\ntuser.ini
2015-01-09 07:01 - 2013-07-20 18:10 - 00032466 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-09 06:30 - 2013-07-20 18:56 - 00000000 ___RD () C:\Programme
2015-01-09 06:30 - 2013-07-20 18:56 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-01-08 18:21 - 2013-07-20 18:10 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-01-08 17:58 - 2004-08-04 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-01-08 17:57 - 2013-07-20 19:53 - 27787264 _____ () C:\WINDOWS\system32\config\software.bak
2015-01-08 17:57 - 2013-07-20 19:53 - 04194304 _____ () C:\WINDOWS\system32\config\system.bak
2015-01-08 17:57 - 2013-07-20 19:53 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2015-01-08 17:57 - 2013-07-20 18:55 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2015-01-08 17:57 - 2013-07-20 18:55 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2015-01-08 17:51 - 2013-07-20 19:54 - 00000327 __RSH () C:\boot.ini
2015-01-08 17:47 - 2013-07-20 18:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\Günni\Startmenü\Programme
2015-01-08 17:11 - 2013-08-15 19:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-08 17:05 - 2013-07-22 10:46 - 00000000 ____D () C:\WINDOWS\pss
2015-01-08 17:05 - 2013-07-20 18:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\Günni\Startmenü\Programme\Autostart
2015-01-08 17:05 - 2004-08-04 13:00 - 00000623 _____ () C:\WINDOWS\win.ini
2015-01-08 17:03 - 2013-07-20 18:56 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-01-08 17:02 - 2013-07-20 18:55 - 00685487 _____ () C:\WINDOWS\setupapi.log
2015-01-08 15:00 - 2014-03-09 19:13 - 00000216 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-01-08 14:42 - 2014-04-10 17:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Eigene Dateien\Mein Steuer-Sparbuch Heute
2015-01-07 19:45 - 2014-01-22 19:35 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2015-01-07 19:24 - 2013-07-20 18:10 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService
2015-01-07 17:56 - 2013-07-20 19:47 - 00000000 ____D () C:\WINDOWS\repair
2015-01-07 17:56 - 2013-07-20 18:03 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-07 17:33 - 2013-07-20 18:56 - 01250612 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-29 19:54 - 2013-08-14 20:23 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Eigene Dateien\Günni
2014-12-26 11:49 - 2013-07-20 18:53 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-26 11:49 - 2013-07-20 18:53 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-26 11:48 - 2013-07-20 18:52 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Adobe
2014-12-12 20:10 - 2013-07-20 18:46 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\Quarantine.exe
C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by Günni at 2015-01-09 07:17:55
Running from C:\Dokumente und Einstellungen\Günni\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ATI - Dienstprogramm zur Deinstallation der Software (HKLM\...\All ATI Software) (Version: 6.14.10.1012 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5154 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.131.1.2-050706a-025030C-Dell - )
BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden
C-Major Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 42xx - SigmaTel)
CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.)
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden
DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Dolphin Futures XPS Viewer version 1.1.0 (HKLM\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited)
Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.7.717 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.18.1128 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.18.1128 - DVDVideoSoft Ltd.)
Hotfix für Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version: - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB932716-v2) (HKLM\...\KB932716-v2) (Version: 2 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
HP Color LaserJet 2820/2830/2840 2.0 (HKLM\...\{1030DCDC-2425-407d-BEE1-13558B837FCA}) (Version: 2.0 - HP)
HP Extended Capabilities 4.7 (HKLM\...\HPExtendedCapabilities) (Version: 4.7 - HP)
HP Image Zone 4.7 (HKLM\...\HP Photo & Imaging) (Version: 4.7 - HP)
HP Software Update (HKLM\...\{64FC0C98-B035-4530-B15D-3D30610B6DF1}) (Version: 3.0.2.991 - Hewlett-Packard)
hpp2800usg (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppCLJ2800 (Version: 002.000.00004 - Ihr Firmenname) Hidden
hppDustDevil (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppFaxDrv (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppFonts (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppIOFiles (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppManuals2800 (Version: 002.000.00004 - Ihr Firmenname) Hidden
hppscan2800 (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppScanTo (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppSendFax (Version: 002.000.00004 - Hewlett-Packard) Hidden
hppTooCool (Version: 002.000.00004 - Hewlett-Packard) Hidden
HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden
InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 45.4.158.000 - Hewlett-Packard) Hidden
mCore (Version: 9.03.0000 - Intel Corporation) Hidden
mDriver (Version: 9.03.0000 - Intel) Hidden
mDrWiFi (Version: 9.03.0000 - Intel Corporation) Hidden
mHlpDell (Version: 9.03.0000 - Intel) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{91110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIWA (Version: 9.03.0000 - Intel Corporation) Hidden
mLogView (Version: 9.03.0000 - Intel Corporation) Hidden
mMHouse (Version: 9.03.0000 - Intel Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
mPfMgr (Version: 9.03.0000 - Intel Corporation) Hidden
mPfWiz (Version: 9.03.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
mSCfg (Version: 9.03.0000 - Intel Corporation) Hidden
mSSO (Version: 9.03.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation) Hidden
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mWMI (Version: 9.03.0000 - Intel Corporation) Hidden
mZConfig (Version: 9.03.0000 - Intel Corporation) Hidden
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Scan (Version: 4.9.0.0 - Hewlett-Packard) Hidden
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB2803821) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB954155) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB973540) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB975558) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB978695) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1
- Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation) 
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für 
Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2846071) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 
- Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows 
XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation) 
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation) SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden Unload (Version: 4.5.0 - Hewlett-Packard) Hidden Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation) Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2863058) 
(HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation) WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-1482476501-1409082233-682003330-1003\...\{3813890B-1DC2-414C-BDED-833ECC575B97}) (Version: 21.00.8480 - Buhl Data Service GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) ==================== Restore Points ========================= 25-10-2014 13:49:52 Systemprüfpunkt 15-11-2014 17:19:25 Systemprüfpunkt 08-01-2015 08:46:33 Systemprüfpunkt 08-01-2015 17:06:55 Software Distribution Service 3.0 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-04 13:00 - 2015-01-08 17:58 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe ==================== Loaded Modules (whitelisted) ============= 2007-02-21 10:13 - 2007-02-21 10:13 - 00118784 _____ () C:\Programme\Intel\Wireless\Bin\IWMSPROV.DLL 2013-07-20 18:13 - 2007-03-16 17:10 - 00020480 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE 2013-07-20 18:13 - 2007-03-16 17:10 - 00757760 _____ () C:\WINDOWS\System32\bcm1xsup.dll 2014-01-26 16:07 - 2014-01-26 16:07 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f79e5a2c\mscorlib.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9ff81078\system.windows.forms.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_413305d7\system.dll 2014-01-26 16:07 - 2014-01-26 16:07 - 00843776 
_____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_04fb2de0\system.drawing.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_a7f44f6e\system.xml.dll 2006-10-17 15:13 - 2006-10-17 15:13 - 01167360 _____ () C:\Programme\Intel\Wireless\Bin\acAuth.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00020572 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe 2014-01-22 19:57 - 2014-01-22 19:57 - 00802901 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\hotspot\jvm.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00028776 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\hpi.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00053342 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\verify.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00094308 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\java.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00053349 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\zip.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00032864 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\net.dll 2014-01-22 19:58 - 2004-08-20 14:02 - 00102400 _____ () C:\WINDOWS\system32\PMLJNI.dll 2014-01-22 19:58 - 2005-02-03 18:31 - 00032768 _____ () C:\WINDOWS\system32\compJNI.dll 2014-01-22 19:58 - 2003-06-16 22:52 - 00074752 _____ () C:\WINDOWS\system32\jst.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) 
==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^Günni^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk => C:\WINDOWS\pss\WISO Mein Steuer-Sparbuch heute.lnkStartup MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1482476501-1409082233-682003330-500 - Administrator - Enabled) ASPNET (S-1-5-21-1482476501-1409082233-682003330-1004 - Limited - Enabled) Gast (S-1-5-21-1482476501-1409082233-682003330-501 - Limited - Disabled) Günni (S-1-5-21-1482476501-1409082233-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Günni Hilfeassistent (S-1-5-21-1482476501-1409082233-682003330-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-1482476501-1409082233-682003330-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Ethernet-Controller Description: Ethernet-Controller Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Modem Description: PCI-Modem Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. 
Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. System errors: ============= Error: (01/09/2015 07:05:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) PROSet/Wireless Registry Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/09/2015 07:03:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 07:03:14 AM) (Source: 0) (EventID: 1) (User: ) Description: 0xC0000001HarddiskVolume1 Error: (01/09/2015 07:03:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 07:03:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 07:02:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, 
der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 07:02:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: IntelIde Error: (01/09/2015 07:02:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 07:01:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Pml Driver HPZ12" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/09/2015 06:28:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office Sessions: ========================= Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: 
CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) M processor 2.13GHz Percentage of memory in use: 23% Total physical RAM: 2047.39 MB Available physical RAM: 1562.06 MB Total Pagefile: 3940.23 MB Available Pagefile: 3608.1 MB Total Virtual: 2047.88 MB Available Virtual: 1939.99 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:33.58 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 23F12D67) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
09.01.2015, 09:27 | #14 |
/// the machine /// TB trainer | Telekom Abuse Team security warning: spam e-mails
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
09.01.2015, 10:50 | #15 |
| Telekom Abuse Team security warning: spam e-mails Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4ca3f73b3e1046408587e75c31c99ee8
# engine=21881
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-09 09:40:11
# local_time=2015-01-09 10:40:11 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1031
# osver=5.1.2600 NT Service Pack 3
# scanned=72373
# found=3
# cleaned=0
# scan_time=3428
sh=F0F6CD79E7291129B01CE1B409E78410A2222C47 ft=1 fh=5c370a7205b4e47c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Günni\Desktop\TDSSKiller - CHIP-Installer.exe"
sh=9F88FAFD3EC8D859CF1572EDC559C9A9D28FDAF6 ft=1 fh=40d54a77a22c7c02 vn="Variante von Win32/Rootkit.Kryptik.ZG Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\08.01.2015_09.47.57\necurs0000\svc0000\tsk0000.dta"
sh=7FF4F9EA1A4D9D936727679D35ABE1F84F7B8565 ft=1 fh=315b23a41cb66ac2 vn="Variante von Win32/Kryptik.CHDW Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\08.01.2015_09.47.57\uds0000\svc0000\tsk0000.dta"
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015 Ran by Günni (administrator) on G-95B0E170C0764 on 09-01-2015 10:57:27 Running from C:\Dokumente und Einstellungen\Günni\Desktop Loaded Profile: Günni (Available profiles: Günni) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\EvtEng.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Intel Corporation ) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel(R) Corporation) C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe () C:\WINDOWS\system32\WLTRYSVC.EXE (Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE (Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Hewlett-Packard Company) C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE (ATI Technologies, Inc.) C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe (Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) 
C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe (Intel Corporation) C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Hewlett-Packard) C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IntelZeroConfig] => C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe [819200 2007-02-21] (Intel Corporation) HKLM\...\Run: [IntelWireless] => C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe [970752 2007-02-21] (Intel Corporation) HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [HP Software Update] => C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2004-09-13] (Hewlett-Packard Company) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [1392640 2007-03-16] (Dell Inc.) HKLM\...\Run: [ATIPTA] => C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-07-06] (ATI Technologies, Inc.) HKLM\...\Run: [TomcatStartup 2.5] => C:\Programme\Hewlett-Packard\Toolbox\hpbpsttp.exe [245760 2004-11-12] (Hewlett-Packard) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk ShortcutTarget: HP Image Zone Schnellstart.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.) 
==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1482476501-1409082233-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1482476501-1409082233-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft 
Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default FF Homepage: hxxp://www.google.de/ FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Extension: Avira Browser Safety - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\abs@avira.com [2015-01-07] FF Extension: ProxTube - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12] FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Günni\Anwendungsdaten\Mozilla\Firefox\Profiles\kc8u2sfr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-20] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-22] Chrome: ======= CHR Profile: C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 EvtEng; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [File not signed] R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-07-20] (Oracle Corporation) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2014-12-10] (Mozilla Foundation) S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation) S2 RegSrvc; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [File not signed] R2 S24EventMonitor; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [File not signed] R2 WLANKEEPER; C:\Programme\Intel\Wireless\Bin\WLKeeper.exe [294912 2007-02-21] (Intel(R) Corporation) [File not signed] R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1253376 2007-03-16] (Dell Inc.) [File not signed] S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2013-07-20] (Meetinghouse Data Communications) [File not signed] S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-03-29] (Adaptec, Inc.) 
[File not signed] S3 Dot4Scan; C:\WINDOWS\System32\DRIVERS\Dot4Scan.sys [8704 2001-08-17] (Microsoft Corporation) S3 HPPLSBULK; C:\WINDOWS\System32\drivers\hpplsbulk.sys [9344 2005-02-02] (Hewlett Packard) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2005-01-17] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2004-12-24] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2004-12-24] (HP) R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [File not signed] S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [273168 2005-03-10] (SigmaTel, Inc.) R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2209408 2007-02-08] (Intel® Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-09 10:56 - 2015-01-09 10:56 - 00852505 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\SecurityCheck.exe 2015-01-09 10:54 - 2015-01-09 10:54 - 00000383 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\esetttt.txt 2015-01-09 09:38 - 2015-01-09 09:38 - 02347384 _____ (ESET) C:\Dokumente und Einstellungen\Günni\Desktop\esetsmartinstaller_deu.exe 2015-01-09 09:38 - 2015-01-09 09:38 - 00000000 ____D () C:\Programme\ESET 2015-01-09 07:07 - 2015-01-09 07:07 - 00000581 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\JRT.txt 2015-01-09 07:05 - 2015-01-09 07:05 - 00000000 ____D () C:\WINDOWS\LastGood 2015-01-09 07:04 - 2015-01-09 07:04 - 01707939 _____ (Thisisu) C:\Dokumente und Einstellungen\Günni\Desktop\JRT.exe 2015-01-09 07:04 - 2015-01-09 07:04 - 00000000 ____D () C:\WINDOWS\ERUNT 2015-01-09 07:03 - 2015-01-09 07:03 - 00005094 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\AdwCleaner[S0].txt 2015-01-09 06:59 - 2015-01-09 07:01 - 00000000 ____D () C:\AdwCleaner 2015-01-09 06:59 - 2015-01-09 06:59 - 02191360 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\AdwCleaner_4.107.exe 2015-01-09 06:57 - 2015-01-09 06:57 - 00013257 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\malwarebytes.txt 2015-01-09 06:31 - 2015-01-09 06:31 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-01-09 06:30 - 2015-01-09 06:30 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-09 06:30 - 2015-01-09 06:30 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 2015-01-09 06:30 - 2015-01-09 06:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 2015-01-09 06:30 - 2015-01-09 06:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2015-01-09 06:30 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 
2015-01-09 06:30 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-01-08 18:02 - 2015-01-08 18:02 - 00016095 _____ () C:\ComboFix.txt 2015-01-08 18:02 - 2015-01-08 18:02 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp 2015-01-08 18:02 - 2015-01-08 18:02 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp 2015-01-08 17:56 - 2015-01-08 17:56 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG 2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG 2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG 2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG 2015-01-08 17:56 - 2015-01-08 17:56 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG 2015-01-08 17:51 - 2015-01-08 17:51 - 00000000 _RSHD () C:\cmdcons 2015-01-08 17:51 - 2015-01-08 17:05 - 00000211 _____ () C:\Boot.bak 2015-01-08 17:51 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr 2015-01-08 17:47 - 2015-01-08 18:02 - 00000000 ____D () C:\Qoobox 2015-01-08 17:47 - 2015-01-08 18:01 - 00000000 ____D () C:\WINDOWS\erdnt 2015-01-08 17:47 - 2015-01-08 17:47 - 00000000 ___RD () C:\Dokumente und Einstellungen\Günni\Startmenü\Programme\Verwaltung 2015-01-08 17:47 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe 2015-01-08 17:47 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe 2015-01-08 17:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2015-01-08 17:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2015-01-08 17:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2015-01-08 17:47 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2015-01-08 17:47 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe 2015-01-08 17:47 - 2000-08-31 
01:00 - 00080412 _____ () C:\WINDOWS\grep.exe 2015-01-08 17:47 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe 2015-01-08 17:45 - 2015-01-08 17:46 - 05609736 ____R (Swearware) C:\Dokumente und Einstellungen\Günni\Desktop\ComboFix.exe 2015-01-08 17:02 - 2015-01-08 17:02 - 00000000 ____D () C:\OETemp 2015-01-08 14:36 - 2015-01-08 14:36 - 00000000 ____D () C:\TDSSKiller_Quarantine 2015-01-08 09:39 - 2015-01-08 09:40 - 01174352 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\TDSSKiller - CHIP-Installer.exe 2015-01-08 08:25 - 2015-01-08 08:25 - 00044803 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\Addition2.txt 2015-01-08 08:23 - 2015-01-09 10:57 - 00010907 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\FRST.txt 2015-01-08 08:23 - 2015-01-09 10:57 - 00000000 ____D () C:\FRST 2015-01-08 08:23 - 2015-01-08 08:25 - 00023137 _____ () C:\Dokumente und Einstellungen\Günni\Desktop\FRST2.txt 2015-01-08 08:23 - 2015-01-08 08:23 - 01115648 _____ (Farbar) C:\Dokumente und Einstellungen\Günni\Desktop\FRST.exe 2015-01-07 20:16 - 2015-01-08 17:56 - 00269310 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat 2015-01-07 20:16 - 2015-01-08 17:56 - 00269310 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1482476501-1409082233-682003330-1003-0.dat 2015-01-07 17:37 - 2015-01-07 17:37 - 00063600 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2015-01-07 17:37 - 2015-01-07 17:37 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AviraSpeedup 2015-01-07 17:35 - 2015-01-08 17:57 - 00000000 ____D () C:\Programme\Avira 2015-01-07 17:35 - 2015-01-07 17:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache 2014-12-29 19:29 - 2014-12-29 19:29 - 00000000 ____D () C:\Dokumente und 
Einstellungen\LocalService\Anwendungsdaten\McAfee 2014-12-26 11:49 - 2014-12-26 11:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee 2014-12-10 19:26 - 2014-12-10 19:27 - 00000000 ____D () C:\Programme\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-09 10:57 - 2013-07-20 18:11 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp 2015-01-09 10:17 - 2013-07-20 18:53 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-01-09 09:38 - 2013-07-20 18:56 - 00000000 ___RD () C:\Programme 2015-01-09 07:05 - 2014-04-09 17:23 - 00018588 _____ () C:\WINDOWS\KB2922229.log 2015-01-09 07:05 - 2013-07-20 18:05 - 01572409 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-09 07:02 - 2013-07-22 11:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$ 2015-01-09 07:02 - 2013-07-20 18:59 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2015-01-09 07:02 - 2013-07-20 18:59 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-01-09 07:02 - 2013-07-20 18:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-09 07:02 - 2004-08-04 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2015-01-09 07:01 - 2013-07-20 18:11 - 00000300 ___SH () C:\Dokumente und Einstellungen\Günni\ntuser.ini 2015-01-09 07:01 - 2013-07-20 18:10 - 00032466 _____ () C:\WINDOWS\SchedLgU.Txt 2015-01-09 06:30 - 2013-07-20 18:56 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme 2015-01-08 18:21 - 2013-07-20 18:10 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService 2015-01-08 17:58 - 2004-08-04 13:00 - 00000227 _____ () C:\WINDOWS\system.ini 2015-01-08 17:57 - 2013-07-20 19:53 - 27787264 _____ () C:\WINDOWS\system32\config\software.bak 2015-01-08 17:57 - 2013-07-20 19:53 - 04194304 _____ () C:\WINDOWS\system32\config\system.bak 2015-01-08 17:57 - 2013-07-20 19:53 - 00524288 _____ () 
C:\WINDOWS\system32\config\default.bak 2015-01-08 17:57 - 2013-07-20 18:55 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak 2015-01-08 17:57 - 2013-07-20 18:55 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak 2015-01-08 17:51 - 2013-07-20 19:54 - 00000327 __RSH () C:\boot.ini 2015-01-08 17:47 - 2013-07-20 18:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\Günni\Startmenü\Programme 2015-01-08 17:11 - 2013-08-15 19:14 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-01-08 17:05 - 2013-07-22 10:46 - 00000000 ____D () C:\WINDOWS\pss 2015-01-08 17:05 - 2013-07-20 18:11 - 00000000 ___RD () C:\Dokumente und Einstellungen\Günni\Startmenü\Programme\Autostart 2015-01-08 17:05 - 2004-08-04 13:00 - 00000623 _____ () C:\WINDOWS\win.ini 2015-01-08 17:03 - 2013-07-20 18:56 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart 2015-01-08 17:02 - 2013-07-20 18:55 - 00685487 _____ () C:\WINDOWS\setupapi.log 2015-01-08 15:00 - 2014-03-09 19:13 - 00000216 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job 2015-01-08 14:42 - 2014-04-10 17:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Eigene Dateien\Mein Steuer-Sparbuch Heute 2015-01-07 19:45 - 2014-01-22 19:35 - 00000000 ____D () C:\WINDOWS\system32\NtmsData 2015-01-07 19:24 - 2013-07-20 18:10 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService 2015-01-07 17:56 - 2013-07-20 19:47 - 00000000 ____D () C:\WINDOWS\repair 2015-01-07 17:56 - 2013-07-20 18:03 - 00000000 ____D () C:\WINDOWS\Registration 2015-01-07 17:33 - 2013-07-20 18:56 - 01250612 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-29 19:54 - 2013-08-14 20:23 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Eigene Dateien\Günni 2014-12-26 11:49 - 2013-07-20 18:53 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-12-26 11:49 - 2013-07-20 18:53 - 00071344 _____ (Adobe Systems 
Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-12-26 11:48 - 2013-07-20 18:52 - 00000000 ____D () C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Anwendungsdaten\Adobe 2014-12-12 20:10 - 2013-07-20 18:46 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\Quarantine.exe C:\Dokumente und Einstellungen\Günni\Lokale Einstellungen\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015 Ran by Günni at 2015-01-09 10:58:06 Running from C:\Dokumente und Einstellungen\Günni\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) ATI - Dienstprogramm zur Deinstallation der Software (HKLM\...\All ATI Software) (Version: 6.14.10.1012 - ) ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5154 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.131.1.2-050706a-025030C-Dell - ) BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden C-Major Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 42xx - SigmaTel) CP_PLSBusinessFlyers (Version: 45.4.157.000 - Hewlett-Packard) Hidden CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.) 
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden Dolphin Futures XPS Viewer version 1.1.0 (HKLM\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.7.717 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.18.1128 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.18.1128 - DVDVideoSoft Ltd.) Hotfix für Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version: - Microsoft Corporation) Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB932716-v2) (HKLM\...\KB932716-v2) (Version: 2 - Microsoft Corporation) Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation) HP Color LaserJet 2820/2830/2840 2.0 (HKLM\...\{1030DCDC-2425-407d-BEE1-13558B837FCA}) (Version: 2.0 - HP) HP Extended Capabilities 4.7 (HKLM\...\HPExtendedCapabilities) (Version: 4.7 - HP) HP Image Zone 4.7 (HKLM\...\HP Photo & Imaging) (Version: 4.7 - HP) HP Software Update (HKLM\...\{64FC0C98-B035-4530-B15D-3D30610B6DF1}) (Version: 3.0.2.991 - Hewlett-Packard) hpp2800usg (Version: 002.000.00004 - Hewlett-Packard) Hidden hppCLJ2800 (Version: 002.000.00004 - Ihr Firmenname) Hidden hppDustDevil (Version: 002.000.00004 - Hewlett-Packard) Hidden hppFaxDrv (Version: 002.000.00004 - Hewlett-Packard) Hidden hppFonts (Version: 002.000.00004 - Hewlett-Packard) Hidden hppIOFiles (Version: 002.000.00004 - Hewlett-Packard) Hidden hppManuals2800 (Version: 002.000.00004 - Ihr Firmenname) Hidden hppscan2800 (Version: 002.000.00004 - Hewlett-Packard) Hidden hppScanTo 
(Version: 002.000.00004 - Hewlett-Packard) Hidden hppSendFax (Version: 002.000.00004 - Hewlett-Packard) Hidden hppTooCool (Version: 002.000.00004 - Hewlett-Packard) Hidden HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation) Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MarketResearch (Version: 45.4.158.000 - Hewlett-Packard) Hidden mCore (Version: 9.03.0000 - Intel Corporation) Hidden mDriver (Version: 9.03.0000 - Intel) Hidden mDrWiFi (Version: 9.03.0000 - Intel Corporation) Hidden mHlpDell (Version: 9.03.0000 - Intel) Hidden Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Office 
Professional Edition 2003 (HKLM\...\{91110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) mIWA (Version: 9.03.0000 - Intel Corporation) Hidden mLogView (Version: 9.03.0000 - Intel Corporation) Hidden mMHouse (Version: 9.03.0000 - Intel Corporation) Hidden Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) mPfMgr (Version: 9.03.0000 - Intel Corporation) Hidden mPfWiz (Version: 9.03.0000 - Intel Corporation) Hidden mProSafe (Version: 9.00.0000 - Intel) Hidden mSCfg (Version: 9.03.0000 - Intel Corporation) Hidden mSSO (Version: 9.03.0000 - Intel Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation) Hidden mWlsSafe (Version: 9.00.0000 - Intel) Hidden mWMI (Version: 9.03.0000 - Intel Corporation) Hidden mZConfig (Version: 9.03.0000 - Intel Corporation) Hidden OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden QFolder (Version: 
1.00.0000 - Hewlett-Packard) Hidden Scan (Version: 4.9.0.0 - Hewlett-Packard) Hidden Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB2378111) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB2803821) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version: - Microsoft Corporation) 
Sicherheitsupdate für Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB952069) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB954155) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB973540) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB975558) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player (KB978695) (Version: - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478971) 
(HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 
1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft 
Corporation) Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2846071) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP 
(KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - 
Microsoft Corporation) Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973904) 
(HKLM\...\KB973904) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für 
Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation) SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden Unload (Version: 4.5.0 - Hewlett-Packard) Hidden Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation) Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - 
Microsoft Corporation) WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-1482476501-1409082233-682003330-1003\...\{3813890B-1DC2-414C-BDED-833ECC575B97}) (Version: 21.00.8480 - Buhl Data Service GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) 
CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1482476501-1409082233-682003330-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) ==================== Restore Points ========================= 25-10-2014 13:49:52 Systemprüfpunkt 15-11-2014 17:19:25 Systemprüfpunkt 08-01-2015 08:46:33 Systemprüfpunkt 08-01-2015 17:06:55 Software Distribution Service 3.0 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-04 13:00 - 2015-01-08 17:58 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe ==================== Loaded Modules (whitelisted) ============= 2007-02-21 10:13 - 2007-02-21 10:13 - 00118784 _____ () C:\Programme\Intel\Wireless\Bin\IWMSPROV.DLL 2013-07-20 18:13 - 2007-03-16 17:10 - 00020480 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE 2013-07-20 18:13 - 2007-03-16 17:10 - 00757760 _____ () C:\WINDOWS\System32\bcm1xsup.dll 2014-01-26 16:07 - 2014-01-26 16:07 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f79e5a2c\mscorlib.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9ff81078\system.windows.forms.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_413305d7\system.dll 2014-01-26 16:07 - 2014-01-26 16:07 - 00843776 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_04fb2de0\system.drawing.dll 2014-01-26 16:06 - 2014-01-26 16:06 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_a7f44f6e\system.xml.dll 2006-10-17 15:13 - 2006-10-17 15:13 - 01167360 _____ () C:\Programme\Intel\Wireless\Bin\acAuth.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00020572 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe 2014-01-22 19:57 - 2014-01-22 19:57 - 00802901 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\hotspot\jvm.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00028776 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\hpi.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00053342 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\verify.dll 2014-01-22 19:57 
- 2014-01-22 19:57 - 00094308 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\java.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00053349 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\zip.dll 2014-01-22 19:57 - 2014-01-22 19:57 - 00032864 _____ () C:\Programme\Hewlett-Packard\Toolbox\jre\bin\net.dll 2014-01-22 19:58 - 2004-08-20 14:02 - 00102400 _____ () C:\WINDOWS\system32\PMLJNI.dll 2014-01-22 19:58 - 2005-02-03 18:31 - 00032768 _____ () C:\WINDOWS\system32\compJNI.dll 2014-01-22 19:58 - 2003-06-16 22:52 - 00074752 _____ () C:\WINDOWS\system32\jst.dll 2014-12-10 19:26 - 2014-12-10 19:26 - 03758192 _____ () C:\Programme\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^Günni^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk => C:\WINDOWS\pss\WISO Mein Steuer-Sparbuch heute.lnkStartup MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1482476501-1409082233-682003330-500 - Administrator - Enabled) ASPNET (S-1-5-21-1482476501-1409082233-682003330-1004 - Limited - Enabled) Gast (S-1-5-21-1482476501-1409082233-682003330-501 - Limited - Disabled) Günni (S-1-5-21-1482476501-1409082233-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Günni Hilfeassistent (S-1-5-21-1482476501-1409082233-682003330-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-1482476501-1409082233-682003330-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Ethernet-Controller Description: Ethernet-Controller Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Modem Description: PCI-Modem Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. 
Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. System errors: ============= Error: (01/09/2015 09:37:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 09:37:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 09:37:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 08:47:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 08:46:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: 
(01/09/2015 08:46:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 08:45:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 08:20:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 08:19:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/09/2015 08:19:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office Sessions: ========================= Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: 
(01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 Error: (01/07/2015 08:14:16 PM) (Source: VSS) (EventID: 12289) (User: ) Description: CreateFileW(\\?\Volume{1e7bf544-f164-11e2-8bb3-806d6172696f},0xc0000000,0x00000003,...)0x80070005 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) M processor 2.13GHz Percentage of memory in use: 38% Total physical RAM: 2047.39 MB Available physical RAM: 1251.13 MB Total Pagefile: 3940.23 MB Available Pagefile: 3264.65 MB Total Virtual: 2047.88 MB Available Virtual: 1939.99 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:33.44 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 23F12D67) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |