Usb Stick zeigt nur noch Ordner in Verknüpfungen an #2

Ruffytaker · 04.02.2015, 16:58

so also nun folgendes^^
heut als ich wieder den pc angemacht habe startete auf einmal combofix und hat dann das scannen angefangen ( was gestern ja nicht ging) na gut hab ihn machen lassen nun folgendes problem combofix hängt nun seit ca 20 min bei 50 % fertiggestellt hat aber irgendwie schon angefangen daten zu löschen

siehe screen

cosinus · 04.02.2015, 16:59

Einfach in Ruhe lassen und warten...

Ruffytaker · 04.02.2015, 17:22

so hat dann doch geklappt

Code:

ATTFilter

ComboFix 15-02-02.01 - lisa 04.02.2015   3:30.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1015.582 [GMT -12:00]
ausgeführt von:: c:\dokumente und einstellungen\lisa\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\1.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\a.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\b.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\c.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\d.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\e.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\f.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\g.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\h.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\i.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\J.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\k.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\l.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\m.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\mru.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\n.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\o.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\p.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\q.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\r.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\s.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\t.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\u.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\v.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\w.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\x.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\y.xml
c:\dokumente und einstellungen\lisa\Anwendungsdaten\PriceGong\Data\z.xml
c:\dokumente und einstellungen\lisa\Recent\Thumbs.db
c:\windows\msdownld.tmp
c:\windows\WindowsUpdate.log . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-01-04 bis 2015-02-04  ))))))))))))))))))))))))))))))
.
.
2015-02-03 22:56 . 2015-02-03 22:56	--------	d-sh--w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-03 22:55 . 2015-02-03 22:55	--------	d--h--w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Common Files
2015-02-03 22:55 . 2015-02-03 22:56	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\TuneUp Software
2015-02-03 22:50 . 2015-02-03 22:50	--------	d-----w-	c:\dokumente und einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\ScreenCapture
2015-02-03 22:50 . 2015-02-03 22:50	--------	d-----w-	c:\programme\Screen Capturer
2015-02-03 22:49 . 2015-02-03 22:49	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\ScreenCapture
2015-02-03 21:56 . 2015-02-03 21:58	--------	d-----w-	C:\FRST
2015-02-01 22:12 . 2015-02-01 22:12	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2015-02-01 22:11 . 2015-02-01 23:04	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-02-01 22:11 . 2015-02-01 22:11	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-01 22:10 . 2015-02-03 22:29	108632	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-02-01 20:52 . 2015-02-01 20:52	--------	d-----w-	c:\programme\MyKeyFinder
2015-02-01 20:40 . 2015-02-01 20:43	--------	d-----w-	c:\dokumente und einstellungen\Administrator
2015-02-01 14:49 . 2015-02-01 14:52	--------	d-----w-	c:\programme\Google
2015-01-30 16:23 . 2015-01-31 13:20	--------	d-----w-	c:\windows\system32\MpEngineStore
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-19 02:56 . 2014-11-19 02:56	1202848	----a-w-	c:\windows\system32\FM20.DLL
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-18 04:54	175912	----a-w-	c:\programme\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-01-17 14:54	175912	----a-w-	c:\programme\DVDVideoSoftTB\prxtbDVD0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\programme\ConduitEngine\prxConduitEngine.dll" [2011-01-18 175912]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\programme\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\programme\ASUS\Eee Docking\Eee Docking.exe" [2009-07-27 397312]
"ICQ"="c:\programme\ICQ7.2\ICQ.exe" [2011-01-05 133432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"AsusACPIServer"="c:\programme\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784]
"AsusEPCMonitor"="c:\programme\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304]
"AsusTray"="c:\programme\EeePC\ACPI\AsTray.exe" [2009-04-16 118784]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2009-04-09 1512744]
"SynAsusAcpi"="c:\programme\Synaptics\SynTP\SynAsusAcpi.exe" [2009-04-09 79144]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\lisa\Startmenü\Programme\Autostart\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\programme\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
Screen Capturer.lnk - c:\programme\Screen Capturer\ScreenCapturer.exe [2008-12-8 147456]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
 SuperHybridEngine.lnk - c:\programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-8-13 376832]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Programme\\ICQ7.2\\ICQ.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Dokumente und Einstellungen\\manuela\\Lokale Einstellungen\\Anwendungsdaten\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
.
R2 BBSvc;BingBar Service;c:\programme\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [11.03.2014 23:36 193696]
R2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe [02.06.2010 09:26 246520]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [27.04.2009 13:59 38912]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [19.08.2009 19:36 1015424]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [23.10.2013 08:15 172192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [13.08.2009 21:32 1684736]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS --> c:\windows\system32\drivers\AmUStor.SYS [?]
S3 BBUpdate;BBUpdate;c:\programme\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [11.03.2014 23:36 247968]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [01.02.2015 10:10 108632]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [01.02.2015 10:11 119512]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [27.04.2009 17:47 39040]
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-02 05:57]
.
2015-02-04 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
- c:\windows\system32\xp_eos.exe [2014-03-21 23:28]
.
2015-01-12 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
- c:\windows\system32\xp_eos.exe [2014-03-21 23:28]
.
2015-01-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-113607857-3820037453-3115687014-1006Core.job
- c:\dokumente und einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe [2012-05-28 08:37]
.
2015-01-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-113607857-3820037453-3115687014-1006UA.job
- c:\dokumente und einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe [2012-05-28 08:37]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE: Free YouTube Download - c:\dokumente und einstellungen\lisa\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\lisa\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://plasmoo.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=
FF - ExtSQL: !HIDDEN! 2010-05-27 11:21; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-MBAMSwissArmy
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-02-04 04:14
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(3192)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Zune\ZuneBusEnum.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\programme\Microsoft Office\Office12\ONENOTEM.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-02-04  04:20:17 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-02-04 16:20
.
Vor Suchlauf: 8 Verzeichnis(se), 37.285.720.064 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 39.735.361.536 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 89E18C94F39D829169573061F87E0EBD
8F558EB6672622401DA993E1E865C861

cosinus · 04.02.2015, 23:06

Dann probier jetzt bitte nochmal MBAR

Ruffytaker · 05.02.2015, 17:56

Mbar probiert wieder beim starten nur bluescreen

cosinus · 05.02.2015, 22:49

Dein Rechner fängt langsam an zu nerven

Probier bitte jetzt mal den TDSS-Killer:

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Ruffytaker · 06.02.2015, 18:09

Sry kann leider auch nix für haha :-D

Code:

ATTFilter

05:04:04.0902 0x0f60  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
05:04:09.0355 0x0f60  ============================================================
05:04:09.0355 0x0f60  Current date / time: 2015/02/06 05:04:09.0355
05:04:09.0355 0x0f60  SystemInfo:
05:04:09.0355 0x0f60  
05:04:09.0355 0x0f60  OS Version: 5.1.2600 ServicePack: 3.0
05:04:09.0355 0x0f60  Product type: Workstation
05:04:09.0355 0x0f60  ComputerName: NAME-PJ192R4VL8
05:04:09.0355 0x0f60  UserName: lisa
05:04:09.0355 0x0f60  Windows directory: C:\WINDOWS
05:04:09.0355 0x0f60  System windows directory: C:\WINDOWS
05:04:09.0355 0x0f60  Processor architecture: Intel x86
05:04:09.0355 0x0f60  Number of processors: 2
05:04:09.0355 0x0f60  Page size: 0x1000
05:04:09.0355 0x0f60  Boot type: Normal boot
05:04:09.0355 0x0f60  ============================================================
05:04:11.0198 0x0f60  KLMD registered as C:\WINDOWS\system32\drivers\74299457.sys
05:04:11.0792 0x0f60  System UUID: {D6E74072-D490-FACD-7652-3E8605ECB366}
05:04:13.0948 0x0f60  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
05:04:13.0964 0x0f60  ============================================================
05:04:13.0964 0x0f60  \Device\Harddisk0\DR0:
05:04:13.0964 0x0f60  MBR partitions:
05:04:13.0964 0x0f60  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x901F5C0
05:04:13.0964 0x0f60  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x901F5FF, BlocksNum 0x901B73E
05:04:13.0964 0x0f60  ============================================================
05:04:14.0136 0x0f60  C: <-> \Device\Harddisk0\DR0\Partition1
05:04:14.0230 0x0f60  D: <-> \Device\Harddisk0\DR0\Partition2
05:04:14.0480 0x0f60  ============================================================
05:04:14.0480 0x0f60  Initialize success
05:04:14.0480 0x0f60  ============================================================
05:04:18.0667 0x0fe4  ============================================================
05:04:18.0667 0x0fe4  Scan started
05:04:18.0667 0x0fe4  Mode: Manual; 
05:04:18.0667 0x0fe4  ============================================================
05:04:18.0667 0x0fe4  KSN ping started
05:04:33.0277 0x0fe4  KSN ping finished: true
05:04:35.0323 0x0fe4  ================ Scan system memory ========================
05:04:35.0323 0x0fe4  System memory - ok
05:04:35.0323 0x0fe4  ================ Scan services =============================
05:04:35.0620 0x0fe4  Abiosdsk - ok
05:04:35.0636 0x0fe4  abp480n5 - ok
05:04:35.0698 0x0fe4  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
05:04:35.0745 0x0fe4  ACPI - ok
05:04:36.0120 0x0fe4  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
05:04:36.0120 0x0fe4  ACPIEC - ok
05:04:36.0136 0x0fe4  adpu160m - ok
05:04:36.0277 0x0fe4  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
05:04:36.0292 0x0fe4  aec - ok
05:04:36.0370 0x0fe4  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
05:04:36.0386 0x0fe4  AFD - ok
05:04:36.0402 0x0fe4  Aha154x - ok
05:04:36.0417 0x0fe4  aic78u2 - ok
05:04:36.0433 0x0fe4  aic78xx - ok
05:04:36.0511 0x0fe4  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
05:04:36.0511 0x0fe4  Alerter - ok
05:04:36.0558 0x0fe4  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
05:04:36.0573 0x0fe4  ALG - ok
05:04:36.0573 0x0fe4  AliIde - ok
05:04:36.0870 0x0fe4  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
05:04:37.0027 0x0fe4  Ambfilt - ok
05:04:37.0042 0x0fe4  amsint - ok
05:04:37.0058 0x0fe4  AmUStor - ok
05:04:37.0214 0x0fe4  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:04:37.0214 0x0fe4  Apple Mobile Device - ok
05:04:37.0230 0x0fe4  AppMgmt - ok
05:04:37.0370 0x0fe4  [ E0EE769D14128014965E03B433F5F46E, 94B4383B0D965364D0F94F00DF7E04085714CA2F9C491CC6597FAB4E38EB7BAC ] AR5416          C:\WINDOWS\system32\DRIVERS\athw.sys
05:04:37.0480 0x0fe4  AR5416 - ok
05:04:37.0495 0x0fe4  asc - ok
05:04:37.0511 0x0fe4  asc3350p - ok
05:04:37.0527 0x0fe4  asc3550 - ok
05:04:37.0667 0x0fe4  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
05:04:37.0683 0x0fe4  aspnet_state - ok
05:04:37.0745 0x0fe4  [ 12415A4B61DED200FE9932B47A35FA42, EA9D32CCD98990F6F20412F919B0477D63771E631755CC593E2CD9B8D70A8E25 ] AsusACPI        C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
05:04:37.0745 0x0fe4  AsusACPI - ok
05:04:37.0823 0x0fe4  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
05:04:37.0823 0x0fe4  AsyncMac - ok
05:04:37.0886 0x0fe4  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
05:04:37.0902 0x0fe4  atapi - ok
05:04:37.0917 0x0fe4  Atdisk - ok
05:04:37.0980 0x0fe4  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
05:04:37.0995 0x0fe4  Atmarpc - ok
05:04:38.0136 0x0fe4  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
05:04:38.0136 0x0fe4  AudioSrv - ok
05:04:38.0214 0x0fe4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
05:04:38.0214 0x0fe4  audstub - ok
05:04:38.0370 0x0fe4  [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc           C:\Programme\Microsoft\BingBar\7.3.132.0\BBSvc.exe
05:04:38.0417 0x0fe4  BBSvc - ok
05:04:38.0464 0x0fe4  [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate        C:\Programme\Microsoft\BingBar\7.3.132.0\SeaPort.exe
05:04:38.0511 0x0fe4  BBUpdate - ok
05:04:38.0605 0x0fe4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
05:04:38.0605 0x0fe4  Beep - ok
05:04:38.0761 0x0fe4  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
05:04:38.0886 0x0fe4  BITS - ok
05:04:39.0042 0x0fe4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
05:04:39.0152 0x0fe4  Bonjour Service - ok
05:04:39.0245 0x0fe4  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
05:04:39.0261 0x0fe4  Browser - ok
05:04:39.0277 0x0fe4  btaudio - ok
05:04:39.0308 0x0fe4  BTDriver - ok
05:04:39.0323 0x0fe4  BTWDNDIS - ok
05:04:39.0339 0x0fe4  btwhid - ok
05:04:39.0355 0x0fe4  BTWUSB - ok
05:04:39.0573 0x0fe4  catchme - ok
05:04:39.0683 0x0fe4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
05:04:39.0698 0x0fe4  cbidf2k - ok
05:04:39.0792 0x0fe4  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
05:04:39.0808 0x0fe4  CCDECODE - ok
05:04:39.0823 0x0fe4  cd20xrnt - ok
05:04:39.0995 0x0fe4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
05:04:39.0995 0x0fe4  Cdaudio - ok
05:04:40.0042 0x0fe4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
05:04:40.0058 0x0fe4  Cdfs - ok
05:04:40.0198 0x0fe4  [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
05:04:40.0214 0x0fe4  Cdrom - ok
05:04:40.0230 0x0fe4  Changer - ok
05:04:40.0323 0x0fe4  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
05:04:40.0323 0x0fe4  CiSvc - ok
05:04:40.0386 0x0fe4  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
05:04:40.0402 0x0fe4  ClipSrv - ok
05:04:40.0495 0x0fe4  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:04:40.0683 0x0fe4  clr_optimization_v2.0.50727_32 - ok
05:04:40.0823 0x0fe4  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
05:04:40.0839 0x0fe4  CmBatt - ok
05:04:40.0855 0x0fe4  CmdIde - ok
05:04:40.0933 0x0fe4  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
05:04:40.0933 0x0fe4  Compbatt - ok
05:04:40.0948 0x0fe4  COMSysApp - ok
05:04:40.0980 0x0fe4  Cpqarray - ok
05:04:41.0073 0x0fe4  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
05:04:41.0089 0x0fe4  CryptSvc - ok
05:04:41.0105 0x0fe4  dac2w2k - ok
05:04:41.0120 0x0fe4  dac960nt - ok
05:04:41.0261 0x0fe4  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
05:04:41.0370 0x0fe4  DcomLaunch - ok
05:04:41.0527 0x0fe4  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
05:04:41.0542 0x0fe4  Dhcp - ok
05:04:41.0652 0x0fe4  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
05:04:41.0667 0x0fe4  Disk - ok
05:04:41.0683 0x0fe4  dmadmin - ok
05:04:42.0089 0x0fe4  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
05:04:42.0417 0x0fe4  dmboot - ok
05:04:42.0511 0x0fe4  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
05:04:42.0527 0x0fe4  dmio - ok
05:04:42.0667 0x0fe4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
05:04:42.0667 0x0fe4  dmload - ok
05:04:42.0714 0x0fe4  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
05:04:42.0730 0x0fe4  dmserver - ok
05:04:42.0948 0x0fe4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
05:04:42.0964 0x0fe4  DMusic - ok
05:04:43.0058 0x0fe4  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
05:04:43.0058 0x0fe4  Dnscache - ok
05:04:43.0136 0x0fe4  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
05:04:43.0167 0x0fe4  Dot3svc - ok
05:04:43.0198 0x0fe4  dpti2o - ok
05:04:43.0230 0x0fe4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
05:04:43.0230 0x0fe4  drmkaud - ok
05:04:43.0277 0x0fe4  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
05:04:43.0292 0x0fe4  EapHost - ok
05:04:43.0355 0x0fe4  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
05:04:43.0370 0x0fe4  ERSvc - ok
05:04:43.0480 0x0fe4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
05:04:43.0511 0x0fe4  Eventlog - ok
05:04:43.0714 0x0fe4  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
05:04:43.0761 0x0fe4  EventSystem - ok
05:04:43.0948 0x0fe4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
05:04:43.0964 0x0fe4  Fastfat - ok
05:04:44.0105 0x0fe4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
05:04:44.0120 0x0fe4  FastUserSwitchingCompatibility - ok
05:04:44.0292 0x0fe4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
05:04:44.0292 0x0fe4  Fdc - ok
05:04:44.0370 0x0fe4  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
05:04:44.0386 0x0fe4  Fips - ok
05:04:44.0433 0x0fe4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
05:04:44.0433 0x0fe4  Flpydisk - ok
05:04:44.0558 0x0fe4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
05:04:44.0589 0x0fe4  FltMgr - ok
05:04:44.0745 0x0fe4  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
05:04:44.0745 0x0fe4  FontCache3.0.0.0 - ok
05:04:44.0855 0x0fe4  [ 960F5E5E4E1F720465311AC68A99C2DF, F52E2FB00CA71BB414D97E16BE7A65E90E813D73EA0D303DC9AF93BFEF9F8ADE ] fssfltr         C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
05:04:44.0870 0x0fe4  fssfltr - ok
05:04:45.0308 0x0fe4  [ 9B1622EBEB31B3411B13382FFCB8737D, 528CBDE1B92EB27B0FE7D7F5944A3828C26E51A27532BB434D66A3886AED3901 ] fsssvc          C:\Programme\Windows Live\Family Safety\fsssvc.exe
05:04:45.0480 0x0fe4  fsssvc - ok
05:04:45.0605 0x0fe4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
05:04:45.0605 0x0fe4  Fs_Rec - ok
05:04:45.0745 0x0fe4  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
05:04:45.0761 0x0fe4  Ftdisk - ok
05:04:45.0870 0x0fe4  [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
05:04:45.0870 0x0fe4  GEARAspiWDM - ok
05:04:45.0980 0x0fe4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
05:04:45.0980 0x0fe4  Gpc - ok
05:04:46.0089 0x0fe4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
05:04:46.0120 0x0fe4  HDAudBus - ok
05:04:46.0386 0x0fe4  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
05:04:46.0386 0x0fe4  helpsvc - ok
05:04:46.0511 0x0fe4  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
05:04:46.0511 0x0fe4  HidServ - ok
05:04:46.0589 0x0fe4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
05:04:46.0589 0x0fe4  hidusb - ok
05:04:46.0652 0x0fe4  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
05:04:46.0667 0x0fe4  hkmsvc - ok
05:04:46.0683 0x0fe4  hpn - ok
05:04:46.0855 0x0fe4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
05:04:46.0933 0x0fe4  HTTP - ok
05:04:46.0980 0x0fe4  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
05:04:46.0995 0x0fe4  HTTPFilter - ok
05:04:47.0011 0x0fe4  i2omgmt - ok
05:04:47.0042 0x0fe4  i2omp - ok
05:04:47.0214 0x0fe4  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
05:04:47.0230 0x0fe4  i8042prt - ok
05:04:48.0777 0x0fe4  [ 0F68E2EC713F132FFB19E45415B09679, B1439A5D157F9FF54E803581D2B86411DB079242D837617021A4A0BC195E67BB ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
05:04:51.0370 0x0fe4  ialm - ok
05:04:51.0542 0x0fe4  [ 8EF427C54497C5F8A7A645990E4278C7, 3890391A489DAAFE155345C2E16BE17DF1E3E23DEE73EE849A7F96132AE65417 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
05:04:51.0558 0x0fe4  iaStor - ok
05:04:51.0667 0x0fe4  [ 36D8D68825BEDF687BE2AA203164B030, 749992B59A96073C2622C8CFE10B1F1CE72EED5B297F243F9D69476B9CE7FAC7 ] ICQ Service     C:\Programme\ICQ6Toolbar\ICQ Service.exe
05:04:51.0683 0x0fe4  ICQ Service - ok
05:04:52.0073 0x0fe4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:04:52.0527 0x0fe4  idsvc - ok
05:04:52.0683 0x0fe4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
05:04:52.0683 0x0fe4  Imapi - ok
05:04:52.0823 0x0fe4  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe
05:04:52.0855 0x0fe4  ImapiService - ok
05:04:52.0870 0x0fe4  ini910u - ok
05:04:54.0323 0x0fe4  [ 9037C8BD3E896D7F2803A171FDEAEEF4, 4D52DE2D22CC74584E2C54C4E18FAA688072B719091040A4B14FE88CE9FBF1F7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
05:04:56.0417 0x0fe4  IntcAzAudAddService - ok
05:04:56.0448 0x0fe4  IntelIde - ok
05:04:56.0542 0x0fe4  [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
05:04:56.0542 0x0fe4  intelppm - ok
05:04:56.0605 0x0fe4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
05:04:56.0605 0x0fe4  Ip6Fw - ok
05:04:56.0667 0x0fe4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
05:04:56.0667 0x0fe4  IpFilterDriver - ok
05:04:56.0683 0x0fe4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
05:04:56.0698 0x0fe4  IpInIp - ok
05:04:56.0745 0x0fe4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
05:04:56.0745 0x0fe4  IpNat - ok
05:04:57.0073 0x0fe4  [ 49918803B661367023BF325CF602AFDC, 2821451FD31EAFCB5D3081998756F7274B4C2594E9A378EEE5C1D5D92C1FC58C ] iPod Service    C:\Programme\iPod\bin\iPodService.exe
05:04:57.0589 0x0fe4  iPod Service - ok
05:04:57.0698 0x0fe4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
05:04:57.0698 0x0fe4  IPSec - ok
05:04:57.0761 0x0fe4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
05:04:57.0761 0x0fe4  IRENUM - ok
05:04:57.0902 0x0fe4  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
05:04:57.0902 0x0fe4  isapnp - ok
05:04:57.0995 0x0fe4  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
05:04:58.0011 0x0fe4  Kbdclass - ok
05:04:58.0136 0x0fe4  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
05:04:58.0136 0x0fe4  kbdhid - ok
05:04:58.0292 0x0fe4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
05:04:58.0308 0x0fe4  kmixer - ok
05:04:58.0370 0x0fe4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
05:04:58.0386 0x0fe4  KSecDD - ok
05:04:58.0495 0x0fe4  [ 6C8658587E91EA25B0FD2E71781AD228, EFD9D5E73264175C7E598D8B2DB2CE44A70A0D8B18290338E4FBDE585AA607AF ] L1c             C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
05:04:58.0495 0x0fe4  L1c - ok
05:04:58.0636 0x0fe4  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
05:04:58.0652 0x0fe4  LanmanServer - ok
05:04:58.0855 0x0fe4  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
05:04:58.0902 0x0fe4  lanmanworkstation - ok
05:04:58.0917 0x0fe4  lbrtfdc - ok
05:04:59.0042 0x0fe4  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
05:04:59.0058 0x0fe4  LmHosts - ok
05:04:59.0120 0x0fe4  [ 6690B6E2530C1371A82280F25D171EA2, EB170D2BAC25D39A412B116EB3C9A1E8C5EFDB24CB6C02114516B599FEEA2C09 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
05:04:59.0136 0x0fe4  Suspicious file ( Forged ): C:\WINDOWS\system32\drivers\mbamchameleon.sys. Real md5: 6690B6E2530C1371A82280F25D171EA2, sha256: EB170D2BAC25D39A412B116EB3C9A1E8C5EFDB24CB6C02114516B599FEEA2C09, fake md5: 6F080D07EC100DA4166573CEB287426A, fake sha256: 28676E3DAC662DBBF0FCD36CB556C501A2163CA7678F00C3CB127A167C7CE9FC
05:04:59.0136 0x0fe4  mbamchameleon - detected ForgedFile.Multi.Generic ( 1 )
05:05:01.0542 0x0fe4  Detect skipped due to KSN trusted
05:05:01.0542 0x0fe4  mbamchameleon - ok
05:05:01.0698 0x0fe4  [ 04B309A1A653177994630C2773E659F1, 1D9F81D2DF513FE177E5308E3DE0CE416109F87FDBD00FE7453FEB6074216C3C ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
05:05:01.0714 0x0fe4  MBAMSwissArmy - ok
05:05:01.0808 0x0fe4  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
05:05:01.0823 0x0fe4  Messenger - ok
05:05:01.0917 0x0fe4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
05:05:01.0933 0x0fe4  mnmdd - ok
05:05:01.0995 0x0fe4  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
05:05:02.0011 0x0fe4  mnmsrvc - ok
05:05:02.0058 0x0fe4  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
05:05:02.0073 0x0fe4  Modem - ok
05:05:02.0480 0x0fe4  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys
05:05:03.0011 0x0fe4  Monfilt - ok
05:05:03.0120 0x0fe4  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
05:05:03.0120 0x0fe4  Mouclass - ok
05:05:03.0230 0x0fe4  [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
05:05:03.0230 0x0fe4  mouhid - ok
05:05:03.0277 0x0fe4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
05:05:03.0277 0x0fe4  MountMgr - ok
05:05:03.0448 0x0fe4  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
05:05:03.0448 0x0fe4  MozillaMaintenance - ok
05:05:03.0464 0x0fe4  mraid35x - ok
05:05:03.0636 0x0fe4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
05:05:03.0667 0x0fe4  MRxDAV - ok
05:05:03.0855 0x0fe4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
05:05:04.0058 0x0fe4  MRxSmb - ok
05:05:04.0136 0x0fe4  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe
05:05:04.0152 0x0fe4  MSDTC - ok
05:05:04.0245 0x0fe4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
05:05:04.0261 0x0fe4  Msfs - ok
05:05:04.0277 0x0fe4  MSIServer - ok
05:05:04.0339 0x0fe4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
05:05:04.0355 0x0fe4  MSKSSRV - ok
05:05:04.0370 0x0fe4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
05:05:04.0370 0x0fe4  MSPCLOCK - ok
05:05:04.0480 0x0fe4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
05:05:04.0495 0x0fe4  MSPQM - ok
05:05:04.0589 0x0fe4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
05:05:04.0589 0x0fe4  mssmbios - ok
05:05:04.0620 0x0fe4  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
05:05:04.0620 0x0fe4  MSTEE - ok
05:05:04.0730 0x0fe4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
05:05:04.0730 0x0fe4  Mup - ok
05:05:04.0808 0x0fe4  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
05:05:04.0870 0x0fe4  NABTSFEC - ok
05:05:05.0073 0x0fe4  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll
05:05:05.0136 0x0fe4  napagent - ok
05:05:05.0261 0x0fe4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
05:05:05.0308 0x0fe4  NDIS - ok
05:05:05.0370 0x0fe4  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
05:05:05.0370 0x0fe4  NdisIP - ok
05:05:05.0464 0x0fe4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
05:05:05.0464 0x0fe4  NdisTapi - ok
05:05:05.0605 0x0fe4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
05:05:05.0620 0x0fe4  Ndisuio - ok
05:05:05.0683 0x0fe4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
05:05:05.0698 0x0fe4  NdisWan - ok
05:05:05.0792 0x0fe4  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
05:05:05.0808 0x0fe4  NDProxy - ok
05:05:05.0902 0x0fe4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
05:05:05.0902 0x0fe4  NetBIOS - ok
05:05:06.0261 0x0fe4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
05:05:06.0323 0x0fe4  NetBT - ok
05:05:06.0402 0x0fe4  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe
05:05:06.0433 0x0fe4  NetDDE - ok
05:05:06.0464 0x0fe4  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
05:05:06.0480 0x0fe4  NetDDEdsdm - ok
05:05:06.0605 0x0fe4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe
05:05:06.0620 0x0fe4  Netlogon - ok
05:05:06.0683 0x0fe4  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll
05:05:06.0714 0x0fe4  Netman - ok
05:05:06.0839 0x0fe4  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:05:06.0870 0x0fe4  NetTcpPortSharing - ok
05:05:06.0964 0x0fe4  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll
05:05:06.0995 0x0fe4  Nla - ok
05:05:07.0105 0x0fe4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
05:05:07.0105 0x0fe4  Npfs - ok
05:05:07.0261 0x0fe4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
05:05:07.0433 0x0fe4  Ntfs - ok
05:05:07.0495 0x0fe4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
05:05:07.0511 0x0fe4  NtLmSsp - ok
05:05:07.0698 0x0fe4  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
05:05:07.0839 0x0fe4  NtmsSvc - ok
05:05:07.0980 0x0fe4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
05:05:07.0980 0x0fe4  Null - ok
05:05:08.0073 0x0fe4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:05:08.0073 0x0fe4  NwlnkFlt - ok
05:05:08.0183 0x0fe4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:05:08.0183 0x0fe4  NwlnkFwd - ok
05:05:08.0636 0x0fe4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
05:05:08.0948 0x0fe4  odserv - ok
05:05:09.0042 0x0fe4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
05:05:09.0073 0x0fe4  ose - ok
05:05:09.0183 0x0fe4  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
05:05:09.0198 0x0fe4  Parport - ok
05:05:09.0308 0x0fe4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
05:05:09.0308 0x0fe4  PartMgr - ok
05:05:09.0370 0x0fe4  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
05:05:09.0386 0x0fe4  ParVdm - ok
05:05:09.0511 0x0fe4  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
05:05:09.0527 0x0fe4  PCI - ok
05:05:09.0573 0x0fe4  PCIDump - ok
05:05:09.0605 0x0fe4  PCIIde - ok
05:05:09.0761 0x0fe4  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
05:05:09.0777 0x0fe4  Pcmcia - ok
05:05:09.0792 0x0fe4  PDCOMP - ok
05:05:09.0808 0x0fe4  PDFRAME - ok
05:05:09.0839 0x0fe4  PDRELI - ok
05:05:09.0855 0x0fe4  PDRFRAME - ok
05:05:09.0870 0x0fe4  perc2 - ok
05:05:09.0902 0x0fe4  perc2hib - ok
05:05:10.0011 0x0fe4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe
05:05:10.0027 0x0fe4  PlugPlay - ok
05:05:10.0042 0x0fe4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
05:05:10.0042 0x0fe4  PolicyAgent - ok
05:05:10.0120 0x0fe4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:05:10.0120 0x0fe4  PptpMiniport - ok
05:05:10.0136 0x0fe4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
05:05:10.0136 0x0fe4  ProtectedStorage - ok
05:05:10.0167 0x0fe4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
05:05:10.0167 0x0fe4  PSched - ok
05:05:10.0183 0x0fe4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:05:10.0198 0x0fe4  Ptilink - ok
05:05:10.0198 0x0fe4  ql1080 - ok
05:05:10.0214 0x0fe4  Ql10wnt - ok
05:05:10.0230 0x0fe4  ql12160 - ok
05:05:10.0245 0x0fe4  ql1240 - ok
05:05:10.0261 0x0fe4  ql1280 - ok
05:05:10.0323 0x0fe4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:05:10.0323 0x0fe4  RasAcd - ok
05:05:10.0417 0x0fe4  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
05:05:10.0433 0x0fe4  RasAuto - ok
05:05:10.0495 0x0fe4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:05:10.0495 0x0fe4  Rasl2tp - ok
05:05:10.0573 0x0fe4  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll
05:05:10.0605 0x0fe4  RasMan - ok
05:05:10.0652 0x0fe4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:05:10.0652 0x0fe4  RasPppoe - ok
05:05:10.0792 0x0fe4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
05:05:10.0792 0x0fe4  Raspti - ok
05:05:10.0948 0x0fe4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:05:10.0964 0x0fe4  Rdbss - ok
05:05:11.0136 0x0fe4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:05:11.0136 0x0fe4  RDPCDD - ok
05:05:11.0292 0x0fe4  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
05:05:11.0323 0x0fe4  RDPWD - ok
05:05:11.0417 0x0fe4  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
05:05:11.0448 0x0fe4  RDSessMgr - ok
05:05:11.0495 0x0fe4  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
05:05:11.0495 0x0fe4  redbook - ok
05:05:11.0605 0x0fe4  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
05:05:11.0605 0x0fe4  RemoteAccess - ok
05:05:11.0730 0x0fe4  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
05:05:11.0745 0x0fe4  RpcLocator - ok
05:05:11.0902 0x0fe4  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
05:05:11.0948 0x0fe4  RpcSs - ok
05:05:12.0136 0x0fe4  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe
05:05:12.0214 0x0fe4  RSVP - ok
05:05:12.0573 0x0fe4  [ 97B59CE2CFBB0884A16DDD8F1781812B, 818A348715E5A043C92613C5251A49CF8DCB8E65E884967FF7E3A8BFEC8910D1 ] RT80x86         C:\WINDOWS\system32\DRIVERS\RT2860.sys
05:05:12.0948 0x0fe4  RT80x86 - ok
05:05:13.0120 0x0fe4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe
05:05:13.0136 0x0fe4  SamSs - ok
05:05:13.0245 0x0fe4  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
05:05:13.0277 0x0fe4  SCardSvr - ok
05:05:13.0480 0x0fe4  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll
05:05:13.0620 0x0fe4  Schedule - ok
05:05:13.0714 0x0fe4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:05:13.0730 0x0fe4  Secdrv - ok
05:05:13.0777 0x0fe4  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll
05:05:13.0777 0x0fe4  seclogon - ok
05:05:13.0917 0x0fe4  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll
05:05:13.0917 0x0fe4  SENS - ok
05:05:14.0073 0x0fe4  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
05:05:14.0089 0x0fe4  Serial - ok
05:05:14.0167 0x0fe4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
05:05:14.0167 0x0fe4  Sfloppy - ok
05:05:14.0386 0x0fe4  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
05:05:14.0480 0x0fe4  SharedAccess - ok
05:05:14.0542 0x0fe4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:05:14.0558 0x0fe4  ShellHWDetection - ok
05:05:14.0573 0x0fe4  Simbad - ok
05:05:14.0870 0x0fe4  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
05:05:14.0902 0x0fe4  SkypeUpdate - ok
05:05:14.0964 0x0fe4  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
05:05:14.0964 0x0fe4  SLIP - ok
05:05:15.0480 0x0fe4  [ 473F35E2A378B854731E67C377A3BEA7, 009855547987FB22CE885F9A1213408CBCC6BB734CB9BB4425EAA485C148B1EC ] SNP2UVC         C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
05:05:16.0198 0x0fe4  SNP2UVC - ok
05:05:16.0214 0x0fe4  Sparrow - ok
05:05:16.0323 0x0fe4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
05:05:16.0323 0x0fe4  splitter - ok
05:05:16.0448 0x0fe4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
05:05:16.0448 0x0fe4  Spooler - ok
05:05:16.0542 0x0fe4  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
05:05:16.0558 0x0fe4  sr - ok
05:05:16.0667 0x0fe4  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll
05:05:16.0698 0x0fe4  srservice - ok
05:05:16.0948 0x0fe4  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
05:05:17.0183 0x0fe4  Srv - ok
05:05:17.0292 0x0fe4  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
05:05:17.0308 0x0fe4  SSDPSRV - ok
05:05:17.0495 0x0fe4  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
05:05:17.0589 0x0fe4  stisvc - ok
05:05:17.0636 0x0fe4  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
05:05:17.0636 0x0fe4  streamip - ok
05:05:17.0761 0x0fe4  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
05:05:17.0777 0x0fe4  swenum - ok
05:05:17.0823 0x0fe4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
05:05:17.0839 0x0fe4  swmidi - ok
05:05:17.0886 0x0fe4  SwPrv - ok
05:05:17.0902 0x0fe4  symc810 - ok
05:05:17.0917 0x0fe4  symc8xx - ok
05:05:17.0948 0x0fe4  sym_hi - ok
05:05:17.0964 0x0fe4  sym_u3 - ok
05:05:18.0089 0x0fe4  [ 8E25A1DBB8527B2074AF9B682F818768, 4B9C44BA6D12769920D4FB3D7B6815220FF0537B980E24C9643581776311F9AC ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
05:05:18.0120 0x0fe4  SynTP - ok
05:05:18.0214 0x0fe4  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
05:05:18.0214 0x0fe4  sysaudio - ok
05:05:18.0355 0x0fe4  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
05:05:18.0370 0x0fe4  SysmonLog - ok
05:05:18.0495 0x0fe4  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
05:05:18.0542 0x0fe4  TapiSrv - ok
05:05:18.0714 0x0fe4  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:05:18.0777 0x0fe4  Tcpip - ok
05:05:18.0823 0x0fe4  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
05:05:18.0823 0x0fe4  TDPIPE - ok
05:05:18.0917 0x0fe4  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
05:05:18.0917 0x0fe4  TDTCP - ok
05:05:18.0980 0x0fe4  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
05:05:18.0980 0x0fe4  TermDD - ok
05:05:19.0136 0x0fe4  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll
05:05:19.0386 0x0fe4  TermService - ok
05:05:19.0464 0x0fe4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll
05:05:19.0480 0x0fe4  Themes - ok
05:05:19.0511 0x0fe4  TosIde - ok
05:05:19.0605 0x0fe4  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
05:05:19.0636 0x0fe4  TrkWks - ok
05:05:19.0745 0x0fe4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
05:05:19.0745 0x0fe4  Udfs - ok
05:05:19.0761 0x0fe4  ultra - ok
05:05:19.0917 0x0fe4  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
05:05:19.0964 0x0fe4  Update - ok
05:05:20.0152 0x0fe4  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll
05:05:20.0183 0x0fe4  upnphost - ok
05:05:20.0230 0x0fe4  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe
05:05:20.0245 0x0fe4  UPS - ok
05:05:20.0339 0x0fe4  [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
05:05:20.0355 0x0fe4  USBAAPL - ok
05:05:20.0464 0x0fe4  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:05:20.0464 0x0fe4  usbccgp - ok
05:05:20.0527 0x0fe4  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:05:20.0542 0x0fe4  usbehci - ok
05:05:20.0745 0x0fe4  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:05:20.0761 0x0fe4  usbhub - ok
05:05:20.0980 0x0fe4  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
05:05:20.0995 0x0fe4  usbscan - ok
05:05:21.0058 0x0fe4  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:05:21.0058 0x0fe4  usbstor - ok
05:05:21.0183 0x0fe4  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:05:21.0183 0x0fe4  usbuhci - ok
05:05:21.0839 0x0fe4  [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
05:05:21.0933 0x0fe4  usbvideo - ok
05:05:22.0042 0x0fe4  [ C019889035CDC1A06F2FEBC93CBB6897, 370FAA64E035967220C0873EB7BDD79A18365DC321FD769B2865BB21CC941A8F ] uvclf           C:\WINDOWS\system32\DRIVERS\uvclf.sys
05:05:22.0042 0x0fe4  uvclf - ok
05:05:22.0230 0x0fe4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
05:05:22.0230 0x0fe4  VgaSave - ok
05:05:22.0261 0x0fe4  ViaIde - ok
05:05:22.0370 0x0fe4  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
05:05:22.0402 0x0fe4  VolSnap - ok
05:05:22.0714 0x0fe4  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe
05:05:22.0808 0x0fe4  VSS - ok
05:05:23.0167 0x0fe4  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll
05:05:23.0183 0x0fe4  W32Time - ok
05:05:23.0495 0x0fe4  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:05:23.0527 0x0fe4  Wanarp - ok
05:05:23.0917 0x0fe4  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
05:05:24.0183 0x0fe4  Wdf01000 - ok
05:05:24.0214 0x0fe4  WDICA - ok
05:05:24.0370 0x0fe4  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
05:05:24.0386 0x0fe4  wdmaud - ok
05:05:24.0464 0x0fe4  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll
05:05:24.0480 0x0fe4  WebClient - ok
05:05:24.0730 0x0fe4  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
05:05:24.0761 0x0fe4  winmgmt - ok
05:05:24.0855 0x0fe4  [ FD600B032E741EB6AAB509FC630F7C42, 2AF671D0648A5C2D2C4A7D0FDE803F07CC079CF1FA4E237DB912A8C77D9EC1F6 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
05:05:24.0855 0x0fe4  WinUSB - ok
05:05:24.0948 0x0fe4  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
05:05:25.0292 0x0fe4  WmdmPmSN - ok
05:05:25.0886 0x0fe4  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:05:25.0902 0x0fe4  WmiApSrv - ok
05:05:26.0620 0x0fe4  [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
05:05:26.0933 0x0fe4  WMPNetworkSvc - ok
05:05:27.0167 0x0fe4  [ 017695393AFFFED8DE58ABD1B085BE6D, 447D65499426A745A85289F3EB7CABBC0CC64D2C6B60D612ED34885CFF94B765 ] WMZuneComm      c:\Programme\Zune\WMZuneComm.exe
05:05:27.0230 0x0fe4  WMZuneComm - ok
05:05:27.0339 0x0fe4  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
05:05:27.0355 0x0fe4  WpdUsb - ok
05:05:27.0417 0x0fe4  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
05:05:27.0417 0x0fe4  WS2IFSL - ok
05:05:27.0573 0x0fe4  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
05:05:27.0605 0x0fe4  wscsvc - ok
05:05:27.0667 0x0fe4  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
05:05:27.0667 0x0fe4  WSTCODEC - ok
05:05:27.0777 0x0fe4  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
05:05:27.0777 0x0fe4  wuauserv - ok
05:05:27.0886 0x0fe4  [ EAA6324F51214D2F6718977EC9CE0DEF, B9DE1521395E09233FE519873702979C3EAF65FEC4B94B12A46CECB16C488543 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:05:27.0902 0x0fe4  WudfPf - ok
05:05:27.0964 0x0fe4  [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:05:27.0980 0x0fe4  WudfRd - ok
05:05:28.0042 0x0fe4  [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
05:05:28.0042 0x0fe4  WudfSvc - ok
05:05:28.0370 0x0fe4  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
05:05:28.0589 0x0fe4  WZCSVC - ok
05:05:28.0667 0x0fe4  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
05:05:28.0698 0x0fe4  xmlprov - ok
05:05:28.0823 0x0fe4  [ AE279CD76B38FC079EEC3CA6D65A5926, 6C5B22BA59732D2A1E6017447ABCCD3987C49ED9899819B6BA2EB2E1030CD044 ] zumbus          C:\WINDOWS\system32\DRIVERS\zumbus.sys
05:05:28.0839 0x0fe4  zumbus - ok
05:05:28.0933 0x0fe4  [ 37F339B64F19E2775284ED7161B96683, 24116248DC96A3C4B76489C7E8BF4AD5F4DF4A1C124A993E9FF92B0505278850 ] ZuneBusEnum     c:\Programme\Zune\ZuneBusEnum.exe
05:05:28.0948 0x0fe4  ZuneBusEnum - ok
05:05:30.0433 0x0fe4  [ 1076DF9ADE4E13EA3BF39D2165AEB903, 2CC94E658D02A97D8C02D7748F30A87AD16005720EBE29B7D55B80012BBA63A2 ] ZuneNetworkSvc  c:\Programme\Zune\ZuneNss.exe
05:05:32.0714 0x0fe4  ZuneNetworkSvc - ok
05:05:32.0870 0x0fe4  [ DE1CDB333A402B279F04D627122FA08E, 4ACBC70BBF67F1DE4375543EE3F0D08C9FFCE6736A437E8B237D593F00DD3888 ] ZuneWlanCfgSvc  c:\Programme\Zune\ZuneWlanCfgSvc.exe
05:05:33.0011 0x0fe4  ZuneWlanCfgSvc - ok
05:05:33.0152 0x0fe4  ================ Scan global ===============================
05:05:33.0261 0x0fe4  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
05:05:33.0480 0x0fe4  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
05:05:33.0620 0x0fe4  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
05:05:33.0730 0x0fe4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
05:05:33.0745 0x0fe4  [ Global ] - ok
05:05:33.0745 0x0fe4  ================ Scan MBR ==================================
05:05:33.0792 0x0fe4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
05:05:40.0730 0x0fe4  \Device\Harddisk0\DR0 - ok
05:05:40.0730 0x0fe4  ================ Scan VBR ==================================
05:05:40.0823 0x0fe4  [ C58391ED22FE3179575617507C8679AF ] \Device\Harddisk0\DR0\Partition1
05:05:40.0823 0x0fe4  \Device\Harddisk0\DR0\Partition1 - ok
05:05:40.0870 0x0fe4  [ D56A3B990EAA43C9BF7798A85CB5E097 ] \Device\Harddisk0\DR0\Partition2
05:05:40.0886 0x0fe4  \Device\Harddisk0\DR0\Partition2 - ok
05:05:40.0886 0x0fe4  ================ Scan generic autorun ======================
05:05:41.0011 0x0fe4  [ 4F0BED169FAB31EA094A649B0473B5C6, 492516BEA51D0A793F055EB789DC0A07477A78FAC6321C0AAB9BEF72EE7FCC80 ] C:\WINDOWS\system32\igfxtray.exe
05:05:41.0042 0x0fe4  IgfxTray - ok
05:05:41.0089 0x0fe4  [ 8B0DE4B972DB725FB9D591E69CD236FB, DF84C7DAE087772C4AAF8D13B48F9BE1E6BC31869DE6BD9642B598C0DF660F12 ] C:\WINDOWS\system32\hkcmd.exe
05:05:41.0120 0x0fe4  HotKeysCmds - ok
05:05:41.0495 0x0fe4  [ 5AEE71F957654D73E0798BBC295DC5A8, 8B4E9C66BF1CB7469789476527C9E78739BBA8D3A60E470C653867A5C8671796 ] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe
05:05:41.0573 0x0fe4  AsusACPIServer - ok
05:05:41.0698 0x0fe4  [ 9474B0F93F8C62A9D4981A4482846402, 98D7CEB9476D533EF339655DDABEF606A9973561D6ED4AFEB8B210F9787E67E0 ] C:\Programme\EeePC\ACPI\AsEPCMon.exe
05:05:41.0714 0x0fe4  AsusEPCMonitor - ok
05:05:41.0855 0x0fe4  [ 29C8FD8DE192B3A52E7CB7DCECE552AF, AEE7774A7EB20C50C8BF5F0BCC7EB47CDFA2845A69F92A6A81C28AA7C9262CED ] C:\Programme\EeePC\ACPI\AsTray.exe
05:05:41.0870 0x0fe4  AsusTray - ok
05:05:42.0511 0x0fe4  [ F1E858C7523F3E95286549003A700EF7, D1BE6E05E1898977D2B5B2A50A6AE4D82F62255978BF1CA377661CBA53654135 ] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
05:05:43.0652 0x0fe4  SynTPEnh - ok
05:05:43.0777 0x0fe4  [ 2C16AF20EF4BF79F5120C75FB9413D76, FB6FA1077F418EEBB33E90D1690F4D32552A544B2C5DE5E05CCE0580277F11D2 ] C:\Programme\Synaptics\SynTP\SynAsusAcpi.exe
05:05:43.0777 0x0fe4  SynAsusAcpi - ok
05:05:43.0792 0x0fe4  KernelFaultCheck - ok
05:05:43.0870 0x0fe4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
05:05:43.0870 0x0fe4  CTFMON.EXE - ok
05:05:44.0198 0x0fe4  [ 954986F1E2A1FD7E60A169701C0C40C7, F649A944B200110CE06FF249C5109F2A21304423AC64C0C8DBE0754AA66E5F49 ] C:\Programme\ASUS\Eee Docking\Eee Docking.exe
05:05:44.0245 0x0fe4  Eee Docking - ok
05:05:44.0683 0x0fe4  [ 9EB925EDC8CF1C3D06E50E9348B54A0A, 99C1F8D40A65E1F4975B0D1180B3056712832E0E8FBE829785FDD505B6222AEA ] C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe
05:05:44.0714 0x0fe4  Facebook Update - ok
05:05:44.0792 0x0fe4  Ehonzuynyp - ok
05:05:44.0917 0x0fe4  [ 954986F1E2A1FD7E60A169701C0C40C7, F649A944B200110CE06FF249C5109F2A21304423AC64C0C8DBE0754AA66E5F49 ] C:\Programme\ASUS\Eee Docking\Eee Docking.exe
05:05:44.0948 0x0fe4  Eee Docking - ok
05:05:45.0230 0x0fe4  [ 83EBCCC27098B1D1F20F72E10D6BF309, 588C2F8B82AB6C5E8FAC351B6F44A3AA630B64A319F5031D0FC8A769B1E2237D ] C:\Programme\ICQ7.2\ICQ.exe
05:05:45.0245 0x0fe4  ICQ - ok
05:05:45.0308 0x0fe4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
05:05:45.0323 0x0fe4  CTFMON.EXE - ok
05:05:45.0448 0x0fe4  [ 954986F1E2A1FD7E60A169701C0C40C7, F649A944B200110CE06FF249C5109F2A21304423AC64C0C8DBE0754AA66E5F49 ] C:\Programme\ASUS\Eee Docking\Eee Docking.exe
05:05:45.0495 0x0fe4  Eee Docking - ok
05:05:45.0495 0x0fe4  Waiting for KSN requests completion. In queue: 175
05:05:46.0495 0x0fe4  Waiting for KSN requests completion. In queue: 175
05:05:46.0730 0x0c18  Object required for P2P: [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE
05:05:47.0495 0x0fe4  Waiting for KSN requests completion. In queue: 125
05:05:48.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:49.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:50.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:51.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:52.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:53.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:54.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:55.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:56.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:57.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:58.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:05:59.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:00.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:01.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:02.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:03.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:04.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:05.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:06.0495 0x0fe4  Waiting for KSN requests completion. In queue: 111
05:06:06.0730 0x0c18  Object send P2P result: false
05:06:06.0730 0x0c18  Object required for P2P: [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm
05:06:07.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:08.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:09.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:10.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:11.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:12.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:13.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:14.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:15.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:16.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:17.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:18.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:19.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:20.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:21.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:22.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:23.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:24.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:25.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:26.0495 0x0fe4  Waiting for KSN requests completion. In queue: 110
05:06:26.0745 0x0c18  Object send P2P result: false
05:06:26.0745 0x0c18  Object required for P2P: [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr
05:06:27.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:28.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:29.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:30.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:31.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:32.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:33.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:34.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:35.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:36.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:37.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:38.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:39.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:40.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:41.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:42.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:43.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:44.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:45.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:46.0495 0x0fe4  Waiting for KSN requests completion. In queue: 70
05:06:46.0761 0x0c18  Object send P2P result: false
05:06:46.0761 0x0c18  Object required for P2P: [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi
05:06:47.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:48.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:49.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:50.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:51.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:52.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:53.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:54.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:55.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:56.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:57.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:58.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:06:59.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:00.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:01.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:02.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:03.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:04.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:05.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:06.0495 0x0fe4  Waiting for KSN requests completion. In queue: 50
05:07:06.0777 0x0c18  Object send P2P result: false
05:07:06.0777 0x0c18  Object required for P2P: [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio
05:07:06.0777 0x0c18  Object send P2P result: false
05:07:06.0777 0x0c18  Object required for P2P: [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update
05:07:06.0792 0x0c18  Object send P2P result: false
05:07:06.0792 0x0c18  Object required for P2P: [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub
05:07:06.0792 0x0c18  Object send P2P result: false
05:07:06.0792 0x0c18  Object required for P2P: [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor
05:07:06.0792 0x0c18  Object send P2P result: false
05:07:06.0792 0x0c18  Object required for P2P: [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp
05:07:06.0808 0x0c18  Object send P2P result: false
05:07:06.0808 0x0c18  Object required for P2P: [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv
05:07:06.0808 0x0c18  Object send P2P result: false
05:07:07.0730 0x0fe4  Win FW state via NFM: enabled
05:07:07.0730 0x0fe4  ============================================================
05:07:07.0730 0x0fe4  Scan finished
05:07:07.0730 0x0fe4  ============================================================
05:07:07.0777 0x09ac  Detected object count: 0
05:07:07.0777 0x09ac  Actual detected object count: 0

cosinus · 06.02.2015, 21:02

Ich glaub du hast das Tool nicht richtig eingestellt...so sollte es sein:

Ruffytaker · 06.02.2015, 21:26

oh entschuldige hatte wirklich nicht richtig eingestellt

nun geändert

Code:

ATTFilter

08:15:57.0781 0x0d30  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:16:01.0703 0x0d30  ============================================================
08:16:01.0703 0x0d30  Current date / time: 2015/02/06 08:16:01.0703
08:16:01.0703 0x0d30  SystemInfo:
08:16:01.0703 0x0d30  
08:16:01.0703 0x0d30  OS Version: 5.1.2600 ServicePack: 3.0
08:16:01.0703 0x0d30  Product type: Workstation
08:16:01.0703 0x0d30  ComputerName: NAME-PJ192R4VL8
08:16:01.0703 0x0d30  UserName: lisa
08:16:01.0703 0x0d30  Windows directory: C:\WINDOWS
08:16:01.0703 0x0d30  System windows directory: C:\WINDOWS
08:16:01.0703 0x0d30  Processor architecture: Intel x86
08:16:01.0703 0x0d30  Number of processors: 2
08:16:01.0703 0x0d30  Page size: 0x1000
08:16:01.0703 0x0d30  Boot type: Normal boot
08:16:01.0703 0x0d30  ============================================================
08:16:03.0093 0x0d30  KLMD registered as C:\WINDOWS\system32\drivers\21583206.sys
08:16:03.0421 0x0d30  System UUID: {D6E74072-D490-FACD-7652-3E8605ECB366}
08:16:04.0468 0x0d30  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:16:04.0468 0x0d30  ============================================================
08:16:04.0468 0x0d30  \Device\Harddisk0\DR0:
08:16:04.0468 0x0d30  MBR partitions:
08:16:04.0468 0x0d30  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x901F5C0
08:16:04.0468 0x0d30  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x901F5FF, BlocksNum 0x901B73E
08:16:04.0468 0x0d30  ============================================================
08:16:04.0531 0x0d30  C: <-> \Device\Harddisk0\DR0\Partition1
08:16:04.0562 0x0d30  D: <-> \Device\Harddisk0\DR0\Partition2
08:16:04.0562 0x0d30  ============================================================
08:16:04.0562 0x0d30  Initialize success
08:16:04.0562 0x0d30  ============================================================
08:16:33.0375 0x0bd0  ============================================================
08:16:33.0375 0x0bd0  Scan started
08:16:33.0375 0x0bd0  Mode: Manual; SigCheck; TDLFS; 
08:16:33.0375 0x0bd0  ============================================================
08:16:33.0375 0x0bd0  KSN ping started
08:16:46.0968 0x0bd0  KSN ping finished: true
08:16:47.0453 0x0bd0  ================ Scan system memory ========================
08:16:47.0468 0x0bd0  System memory - ok
08:16:47.0468 0x0bd0  ================ Scan services =============================
08:16:47.0640 0x0bd0  Abiosdsk - ok
08:16:47.0656 0x0bd0  abp480n5 - ok
08:16:47.0859 0x0bd0  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:16:50.0765 0x0bd0  ACPI - ok
08:16:50.0937 0x0bd0  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
08:16:51.0265 0x0bd0  ACPIEC - ok
08:16:51.0265 0x0bd0  adpu160m - ok
08:16:51.0343 0x0bd0  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
08:16:51.0546 0x0bd0  aec - ok
08:16:51.0640 0x0bd0  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
08:16:51.0828 0x0bd0  AFD - ok
08:16:51.0843 0x0bd0  Aha154x - ok
08:16:51.0859 0x0bd0  aic78u2 - ok
08:16:51.0875 0x0bd0  aic78xx - ok
08:16:51.0937 0x0bd0  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
08:16:52.0125 0x0bd0  Alerter - ok
08:16:52.0171 0x0bd0  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
08:16:52.0296 0x0bd0  ALG - ok
08:16:52.0296 0x0bd0  AliIde - ok
08:16:52.0453 0x0bd0  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
08:16:52.0859 0x0bd0  Ambfilt - ok
08:16:52.0890 0x0bd0  amsint - ok
08:16:52.0906 0x0bd0  AmUStor - ok
08:16:53.0093 0x0bd0  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:16:53.0156 0x0bd0  Apple Mobile Device - ok
08:16:53.0187 0x0bd0  AppMgmt - ok
08:16:53.0531 0x0bd0  [ E0EE769D14128014965E03B433F5F46E, 94B4383B0D965364D0F94F00DF7E04085714CA2F9C491CC6597FAB4E38EB7BAC ] AR5416          C:\WINDOWS\system32\DRIVERS\athw.sys
08:16:53.0796 0x0bd0  AR5416 - ok
08:16:53.0812 0x0bd0  asc - ok
08:16:53.0828 0x0bd0  asc3350p - ok
08:16:53.0843 0x0bd0  asc3550 - ok
08:16:54.0015 0x0bd0  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:16:54.0046 0x0bd0  aspnet_state - ok
08:16:54.0125 0x0bd0  [ 12415A4B61DED200FE9932B47A35FA42, EA9D32CCD98990F6F20412F919B0477D63771E631755CC593E2CD9B8D70A8E25 ] AsusACPI        C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
08:16:54.0265 0x0bd0  AsusACPI - ok
08:16:54.0343 0x0bd0  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:16:54.0656 0x0bd0  AsyncMac - ok
08:16:54.0687 0x0bd0  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
08:16:54.0906 0x0bd0  atapi - ok
08:16:54.0906 0x0bd0  Atdisk - ok
08:16:54.0953 0x0bd0  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:16:55.0156 0x0bd0  Atmarpc - ok
08:16:55.0218 0x0bd0  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
08:16:55.0468 0x0bd0  AudioSrv - ok
08:16:55.0531 0x0bd0  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
08:16:55.0734 0x0bd0  audstub - ok
08:16:55.0921 0x0bd0  [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc           C:\Programme\Microsoft\BingBar\7.3.132.0\BBSvc.exe
08:16:55.0968 0x0bd0  BBSvc - ok
08:16:56.0000 0x0bd0  [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate        C:\Programme\Microsoft\BingBar\7.3.132.0\SeaPort.exe
08:16:56.0046 0x0bd0  BBUpdate - ok
08:16:56.0140 0x0bd0  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
08:16:56.0406 0x0bd0  Beep - ok
08:16:56.0500 0x0bd0  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
08:16:56.0734 0x0bd0  BITS - ok
08:16:56.0843 0x0bd0  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
08:16:56.0890 0x0bd0  Bonjour Service - ok
08:16:56.0968 0x0bd0  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
08:16:57.0171 0x0bd0  Browser - ok
08:16:57.0171 0x0bd0  btaudio - ok
08:16:57.0187 0x0bd0  BTDriver - ok
08:16:57.0203 0x0bd0  BTWDNDIS - ok
08:16:57.0218 0x0bd0  btwhid - ok
08:16:57.0234 0x0bd0  BTWUSB - ok
08:16:57.0421 0x0bd0  catchme - ok
08:16:57.0484 0x0bd0  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
08:16:57.0765 0x0bd0  cbidf2k - ok
08:16:57.0812 0x0bd0  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
08:16:58.0031 0x0bd0  CCDECODE - ok
08:16:58.0031 0x0bd0  cd20xrnt - ok
08:16:58.0078 0x0bd0  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
08:16:58.0281 0x0bd0  Cdaudio - ok
08:16:58.0296 0x0bd0  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
08:16:58.0515 0x0bd0  Cdfs - ok
08:16:58.0750 0x0bd0  [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:16:58.0937 0x0bd0  Cdrom - ok
08:16:58.0953 0x0bd0  Changer - ok
08:16:59.0015 0x0bd0  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
08:16:59.0312 0x0bd0  CiSvc - ok
08:16:59.0343 0x0bd0  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
08:16:59.0546 0x0bd0  ClipSrv - ok
08:16:59.0625 0x0bd0  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:16:59.0656 0x0bd0  clr_optimization_v2.0.50727_32 - ok
08:16:59.0734 0x0bd0  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
08:16:59.0984 0x0bd0  CmBatt - ok
08:16:59.0984 0x0bd0  CmdIde - ok
08:17:00.0031 0x0bd0  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
08:17:00.0328 0x0bd0  Compbatt - ok
08:17:00.0328 0x0bd0  COMSysApp - ok
08:17:00.0359 0x0bd0  Cpqarray - ok
08:17:00.0421 0x0bd0  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
08:17:00.0671 0x0bd0  CryptSvc - ok
08:17:00.0671 0x0bd0  dac2w2k - ok
08:17:00.0687 0x0bd0  dac960nt - ok
08:17:00.0765 0x0bd0  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
08:17:00.0921 0x0bd0  DcomLaunch - ok
08:17:01.0000 0x0bd0  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
08:17:01.0218 0x0bd0  Dhcp - ok
08:17:01.0265 0x0bd0  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
08:17:01.0500 0x0bd0  Disk - ok
08:17:01.0500 0x0bd0  dmadmin - ok
08:17:01.0625 0x0bd0  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
08:17:01.0890 0x0bd0  dmboot - ok
08:17:01.0937 0x0bd0  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
08:17:02.0156 0x0bd0  dmio - ok
08:17:02.0203 0x0bd0  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
08:17:02.0406 0x0bd0  dmload - ok
08:17:02.0421 0x0bd0  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
08:17:02.0625 0x0bd0  dmserver - ok
08:17:02.0687 0x0bd0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
08:17:02.0921 0x0bd0  DMusic - ok
08:17:02.0984 0x0bd0  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
08:17:03.0093 0x0bd0  Dnscache - ok
08:17:03.0156 0x0bd0  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
08:17:03.0437 0x0bd0  Dot3svc - ok
08:17:03.0453 0x0bd0  dpti2o - ok
08:17:03.0500 0x0bd0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
08:17:03.0703 0x0bd0  drmkaud - ok
08:17:03.0718 0x0bd0  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
08:17:03.0937 0x0bd0  EapHost - ok
08:17:03.0984 0x0bd0  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
08:17:04.0234 0x0bd0  ERSvc - ok
08:17:04.0296 0x0bd0  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
08:17:04.0328 0x0bd0  Eventlog - ok
08:17:04.0390 0x0bd0  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
08:17:04.0468 0x0bd0  EventSystem - ok
08:17:04.0562 0x0bd0  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
08:17:04.0781 0x0bd0  Fastfat - ok
08:17:04.0859 0x0bd0  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
08:17:04.0984 0x0bd0  FastUserSwitchingCompatibility - ok
08:17:05.0062 0x0bd0  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
08:17:05.0328 0x0bd0  Fdc - ok
08:17:05.0390 0x0bd0  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
08:17:05.0609 0x0bd0  Fips - ok
08:17:05.0625 0x0bd0  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
08:17:05.0828 0x0bd0  Flpydisk - ok
08:17:05.0906 0x0bd0  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
08:17:06.0140 0x0bd0  FltMgr - ok
08:17:06.0218 0x0bd0  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:17:06.0250 0x0bd0  FontCache3.0.0.0 - ok
08:17:06.0328 0x0bd0  [ 960F5E5E4E1F720465311AC68A99C2DF, F52E2FB00CA71BB414D97E16BE7A65E90E813D73EA0D303DC9AF93BFEF9F8ADE ] fssfltr         C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
08:17:06.0359 0x0bd0  fssfltr - ok
08:17:06.0578 0x0bd0  [ 9B1622EBEB31B3411B13382FFCB8737D, 528CBDE1B92EB27B0FE7D7F5944A3828C26E51A27532BB434D66A3886AED3901 ] fsssvc          C:\Programme\Windows Live\Family Safety\fsssvc.exe
08:17:06.0671 0x0bd0  fsssvc - ok
08:17:06.0718 0x0bd0  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:17:07.0031 0x0bd0  Fs_Rec - ok
08:17:07.0109 0x0bd0  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:17:07.0343 0x0bd0  Ftdisk - ok
08:17:07.0390 0x0bd0  [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
08:17:07.0406 0x0bd0  GEARAspiWDM - ok
08:17:07.0484 0x0bd0  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:17:07.0718 0x0bd0  Gpc - ok
08:17:07.0781 0x0bd0  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:17:07.0968 0x0bd0  HDAudBus - ok
08:17:08.0125 0x0bd0  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:17:08.0359 0x0bd0  helpsvc - ok
08:17:08.0406 0x0bd0  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
08:17:08.0640 0x0bd0  HidServ - ok
08:17:08.0703 0x0bd0  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:17:08.0890 0x0bd0  hidusb - ok
08:17:08.0937 0x0bd0  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
08:17:09.0140 0x0bd0  hkmsvc - ok
08:17:09.0140 0x0bd0  hpn - ok
08:17:09.0218 0x0bd0  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
08:17:09.0343 0x0bd0  HTTP - ok
08:17:09.0390 0x0bd0  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
08:17:09.0578 0x0bd0  HTTPFilter - ok
08:17:09.0593 0x0bd0  i2omgmt - ok
08:17:09.0593 0x0bd0  i2omp - ok
08:17:09.0671 0x0bd0  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:17:09.0953 0x0bd0  i8042prt - ok
08:17:10.0437 0x0bd0  [ 0F68E2EC713F132FFB19E45415B09679, B1439A5D157F9FF54E803581D2B86411DB079242D837617021A4A0BC195E67BB ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
08:17:11.0062 0x0bd0  ialm - ok
08:17:11.0187 0x0bd0  [ 8EF427C54497C5F8A7A645990E4278C7, 3890391A489DAAFE155345C2E16BE17DF1E3E23DEE73EE849A7F96132AE65417 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
08:17:11.0375 0x0bd0  iaStor - ok
08:17:11.0500 0x0bd0  [ 36D8D68825BEDF687BE2AA203164B030, 749992B59A96073C2622C8CFE10B1F1CE72EED5B297F243F9D69476B9CE7FAC7 ] ICQ Service     C:\Programme\ICQ6Toolbar\ICQ Service.exe
08:17:11.0562 0x0bd0  ICQ Service - ok
08:17:11.0718 0x0bd0  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:17:11.0875 0x0bd0  idsvc - ok
08:17:11.0968 0x0bd0  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
08:17:12.0281 0x0bd0  Imapi - ok
08:17:12.0312 0x0bd0  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe
08:17:12.0515 0x0bd0  ImapiService - ok
08:17:12.0531 0x0bd0  ini910u - ok
08:17:12.0984 0x0bd0  [ 9037C8BD3E896D7F2803A171FDEAEEF4, 4D52DE2D22CC74584E2C54C4E18FAA688072B719091040A4B14FE88CE9FBF1F7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:17:13.0546 0x0bd0  IntcAzAudAddService - ok
08:17:13.0578 0x0bd0  IntelIde - ok
08:17:13.0640 0x0bd0  [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:17:13.0843 0x0bd0  intelppm - ok
08:17:13.0859 0x0bd0  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
08:17:14.0046 0x0bd0  Ip6Fw - ok
08:17:14.0062 0x0bd0  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:17:14.0250 0x0bd0  IpFilterDriver - ok
08:17:14.0250 0x0bd0  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:17:14.0437 0x0bd0  IpInIp - ok
08:17:14.0468 0x0bd0  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:17:14.0671 0x0bd0  IpNat - ok
08:17:14.0781 0x0bd0  [ 49918803B661367023BF325CF602AFDC, 2821451FD31EAFCB5D3081998756F7274B4C2594E9A378EEE5C1D5D92C1FC58C ] iPod Service    C:\Programme\iPod\bin\iPodService.exe
08:17:14.0875 0x0bd0  iPod Service - ok
08:17:14.0937 0x0bd0  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:17:15.0109 0x0bd0  IPSec - ok
08:17:15.0203 0x0bd0  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
08:17:15.0312 0x0bd0  IRENUM - ok
08:17:15.0390 0x0bd0  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:17:15.0593 0x0bd0  isapnp - ok
08:17:15.0671 0x0bd0  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:17:15.0843 0x0bd0  Kbdclass - ok
08:17:15.0921 0x0bd0  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:17:16.0125 0x0bd0  kbdhid - ok
08:17:16.0203 0x0bd0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
08:17:16.0453 0x0bd0  kmixer - ok
08:17:16.0562 0x0bd0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
08:17:16.0703 0x0bd0  KSecDD - ok
08:17:16.0781 0x0bd0  [ 6C8658587E91EA25B0FD2E71781AD228, EFD9D5E73264175C7E598D8B2DB2CE44A70A0D8B18290338E4FBDE585AA607AF ] L1c             C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
08:17:16.0843 0x0bd0  L1c - ok
08:17:16.0921 0x0bd0  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
08:17:17.0046 0x0bd0  LanmanServer - ok
08:17:17.0171 0x0bd0  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
08:17:17.0359 0x0bd0  lanmanworkstation - ok
08:17:17.0375 0x0bd0  lbrtfdc - ok
08:17:17.0484 0x0bd0  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
08:17:17.0812 0x0bd0  LmHosts - ok
08:17:17.0859 0x0bd0  [ 6690B6E2530C1371A82280F25D171EA2, EB170D2BAC25D39A412B116EB3C9A1E8C5EFDB24CB6C02114516B599FEEA2C09 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
08:17:17.0859 0x0bd0  Suspicious file ( Forged ): C:\WINDOWS\system32\drivers\mbamchameleon.sys. Real md5: 6690B6E2530C1371A82280F25D171EA2, sha256: EB170D2BAC25D39A412B116EB3C9A1E8C5EFDB24CB6C02114516B599FEEA2C09, fake md5: 6F080D07EC100DA4166573CEB287426A, fake sha256: 28676E3DAC662DBBF0FCD36CB556C501A2163CA7678F00C3CB127A167C7CE9FC
08:17:17.0859 0x0bd0  mbamchameleon - detected ForgedFile.Multi.Generic ( 1 )
08:17:23.0312 0x07dc  Object required for P2P: [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt
08:17:25.0578 0x0bd0  Detect skipped due to KSN trusted
08:17:25.0578 0x0bd0  mbamchameleon - ok
08:17:25.0640 0x0bd0  [ 04B309A1A653177994630C2773E659F1, 1D9F81D2DF513FE177E5308E3DE0CE416109F87FDBD00FE7453FEB6074216C3C ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
08:17:25.0703 0x0bd0  MBAMSwissArmy - ok
08:17:25.0750 0x0bd0  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
08:17:25.0875 0x07dc  Object send P2P result: true
08:17:26.0031 0x0bd0  Messenger - ok
08:17:26.0093 0x0bd0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
08:17:26.0281 0x0bd0  mnmdd - ok
08:17:26.0328 0x0bd0  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
08:17:26.0500 0x0bd0  mnmsrvc - ok
08:17:26.0531 0x0bd0  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
08:17:26.0718 0x0bd0  Modem - ok
08:17:26.0843 0x0bd0  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys
08:17:27.0078 0x0bd0  Monfilt - ok
08:17:27.0156 0x0bd0  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:17:27.0390 0x0bd0  Mouclass - ok
08:17:27.0437 0x0bd0  [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:17:27.0671 0x0bd0  mouhid - ok
08:17:27.0718 0x0bd0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
08:17:27.0937 0x0bd0  MountMgr - ok
08:17:28.0015 0x0bd0  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
08:17:28.0062 0x0bd0  MozillaMaintenance - ok
08:17:28.0062 0x0bd0  mraid35x - ok
08:17:28.0093 0x0bd0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:17:28.0296 0x0bd0  MRxDAV - ok
08:17:28.0406 0x0bd0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:17:28.0562 0x0bd0  MRxSmb - ok
08:17:28.0750 0x0bd0  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe
08:17:29.0015 0x0bd0  MSDTC - ok
08:17:29.0078 0x0bd0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
08:17:29.0296 0x0bd0  Msfs - ok
08:17:29.0312 0x0bd0  MSIServer - ok
08:17:29.0343 0x0bd0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:17:29.0531 0x0bd0  MSKSSRV - ok
08:17:29.0546 0x0bd0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:17:29.0750 0x0bd0  MSPCLOCK - ok
08:17:29.0781 0x0bd0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
08:17:30.0000 0x0bd0  MSPQM - ok
08:17:30.0046 0x0bd0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:17:30.0265 0x0bd0  mssmbios - ok
08:17:30.0281 0x0bd0  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
08:17:30.0484 0x0bd0  MSTEE - ok
08:17:30.0531 0x0bd0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
08:17:30.0609 0x0bd0  Mup - ok
08:17:30.0656 0x0bd0  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
08:17:30.0859 0x0bd0  NABTSFEC - ok
08:17:30.0921 0x0bd0  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll
08:17:31.0140 0x0bd0  napagent - ok
08:17:31.0265 0x0bd0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
08:17:31.0515 0x0bd0  NDIS - ok
08:17:31.0546 0x0bd0  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
08:17:31.0765 0x0bd0  NdisIP - ok
08:17:31.0812 0x0bd0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:17:31.0984 0x0bd0  NdisTapi - ok
08:17:32.0062 0x0bd0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:17:32.0296 0x0bd0  Ndisuio - ok
08:17:32.0328 0x0bd0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:17:32.0640 0x0bd0  NdisWan - ok
08:17:32.0703 0x0bd0  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
08:17:32.0843 0x0bd0  NDProxy - ok
08:17:32.0921 0x0bd0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
08:17:33.0093 0x0bd0  NetBIOS - ok
08:17:33.0203 0x0bd0  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
08:17:33.0500 0x0bd0  NetBT - ok
08:17:33.0531 0x0bd0  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe
08:17:33.0718 0x0bd0  NetDDE - ok
08:17:33.0750 0x0bd0  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
08:17:33.0937 0x0bd0  NetDDEdsdm - ok
08:17:34.0000 0x0bd0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe
08:17:34.0203 0x0bd0  Netlogon - ok
08:17:34.0265 0x0bd0  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll
08:17:34.0500 0x0bd0  Netman - ok
08:17:34.0625 0x0bd0  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:17:34.0656 0x0bd0  NetTcpPortSharing - ok
08:17:34.0718 0x0bd0  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll
08:17:34.0796 0x0bd0  Nla - ok
08:17:34.0875 0x0bd0  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
08:17:35.0078 0x0bd0  Npfs - ok
08:17:35.0125 0x0bd0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
08:17:35.0390 0x0bd0  Ntfs - ok
08:17:35.0421 0x0bd0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
08:17:35.0609 0x0bd0  NtLmSsp - ok
08:17:35.0671 0x0bd0  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
08:17:35.0937 0x0bd0  NtmsSvc - ok
08:17:35.0984 0x0bd0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
08:17:36.0171 0x0bd0  Null - ok
08:17:36.0234 0x0bd0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:17:36.0406 0x0bd0  NwlnkFlt - ok
08:17:36.0421 0x0bd0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:17:36.0609 0x0bd0  NwlnkFwd - ok
08:17:36.0890 0x0bd0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
08:17:36.0953 0x0bd0  odserv - ok
08:17:37.0015 0x0bd0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
08:17:37.0062 0x0bd0  ose - ok
08:17:37.0140 0x0bd0  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
08:17:37.0437 0x0bd0  Parport - ok
08:17:37.0500 0x0bd0  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
08:17:37.0718 0x0bd0  PartMgr - ok
08:17:37.0750 0x0bd0  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
08:17:37.0921 0x0bd0  ParVdm - ok
08:17:37.0937 0x0bd0  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
08:17:38.0140 0x0bd0  PCI - ok
08:17:38.0140 0x0bd0  PCIDump - ok
08:17:38.0156 0x0bd0  PCIIde - ok
08:17:38.0218 0x0bd0  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
08:17:38.0406 0x0bd0  Pcmcia - ok
08:17:38.0421 0x0bd0  PDCOMP - ok
08:17:38.0437 0x0bd0  PDFRAME - ok
08:17:38.0453 0x0bd0  PDRELI - ok
08:17:38.0453 0x0bd0  PDRFRAME - ok
08:17:38.0468 0x0bd0  perc2 - ok
08:17:38.0484 0x0bd0  perc2hib - ok
08:17:38.0562 0x0bd0  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe
08:17:38.0640 0x0bd0  PlugPlay - ok
08:17:38.0640 0x0bd0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
08:17:38.0828 0x0bd0  PolicyAgent - ok
08:17:38.0875 0x0bd0  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:17:39.0046 0x0bd0  PptpMiniport - ok
08:17:39.0062 0x0bd0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
08:17:39.0250 0x0bd0  ProtectedStorage - ok
08:17:39.0265 0x0bd0  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
08:17:39.0453 0x0bd0  PSched - ok
08:17:39.0468 0x0bd0  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:17:39.0640 0x0bd0  Ptilink - ok
08:17:39.0656 0x0bd0  ql1080 - ok
08:17:39.0671 0x0bd0  Ql10wnt - ok
08:17:39.0671 0x0bd0  ql12160 - ok
08:17:39.0687 0x0bd0  ql1240 - ok
08:17:39.0703 0x0bd0  ql1280 - ok
08:17:39.0750 0x0bd0  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:17:39.0953 0x0bd0  RasAcd - ok
08:17:39.0984 0x0bd0  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
08:17:40.0171 0x0bd0  RasAuto - ok
08:17:40.0218 0x0bd0  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:17:40.0437 0x0bd0  Rasl2tp - ok
08:17:40.0484 0x0bd0  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll
08:17:40.0718 0x0bd0  RasMan - ok
08:17:40.0734 0x0bd0  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:17:40.0921 0x0bd0  RasPppoe - ok
08:17:40.0953 0x0bd0  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
08:17:41.0125 0x0bd0  Raspti - ok
08:17:41.0203 0x0bd0  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:17:41.0406 0x0bd0  Rdbss - ok
08:17:41.0484 0x0bd0  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:17:41.0687 0x0bd0  RDPCDD - ok
08:17:41.0765 0x0bd0  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
08:17:41.0906 0x0bd0  RDPWD - ok
08:17:41.0968 0x0bd0  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
08:17:42.0218 0x0bd0  RDSessMgr - ok
08:17:42.0265 0x0bd0  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
08:17:42.0437 0x0bd0  redbook - ok
08:17:42.0500 0x0bd0  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
08:17:42.0671 0x0bd0  RemoteAccess - ok
08:17:42.0687 0x0bd0  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
08:17:42.0890 0x0bd0  RpcLocator - ok
08:17:42.0984 0x0bd0  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
08:17:43.0093 0x0bd0  RpcSs - ok
08:17:43.0171 0x0bd0  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe
08:17:43.0359 0x0bd0  RSVP - ok
08:17:43.0546 0x0bd0  [ 97B59CE2CFBB0884A16DDD8F1781812B, 818A348715E5A043C92613C5251A49CF8DCB8E65E884967FF7E3A8BFEC8910D1 ] RT80x86         C:\WINDOWS\system32\DRIVERS\RT2860.sys
08:17:43.0718 0x0bd0  RT80x86 - ok
08:17:43.0781 0x0bd0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe
08:17:43.0953 0x0bd0  SamSs - ok
08:17:44.0015 0x0bd0  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
08:17:44.0234 0x0bd0  SCardSvr - ok
08:17:44.0312 0x0bd0  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll
08:17:44.0531 0x0bd0  Schedule - ok
08:17:44.0593 0x0bd0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:17:44.0687 0x0bd0  Secdrv - ok
08:17:44.0718 0x0bd0  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll
08:17:44.0906 0x0bd0  seclogon - ok
08:17:44.0984 0x0bd0  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll
08:17:45.0171 0x0bd0  SENS - ok
08:17:45.0218 0x0bd0  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
08:17:45.0406 0x0bd0  Serial - ok
08:17:45.0437 0x0bd0  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
08:17:45.0640 0x0bd0  Sfloppy - ok
08:17:45.0734 0x0bd0  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
08:17:45.0968 0x0bd0  SharedAccess - ok
08:17:46.0015 0x0bd0  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:17:46.0046 0x0bd0  ShellHWDetection - ok
08:17:46.0062 0x0bd0  Simbad - ok
08:17:46.0171 0x0bd0  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
08:17:46.0218 0x0bd0  SkypeUpdate - ok
08:17:46.0234 0x0bd0  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
08:17:46.0250 0x0780  Object required for P2P: [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan
08:17:46.0421 0x0bd0  SLIP - ok
08:17:46.0609 0x0bd0  [ 473F35E2A378B854731E67C377A3BEA7, 009855547987FB22CE885F9A1213408CBCC6BB734CB9BB4425EAA485C148B1EC ] SNP2UVC         C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
08:17:46.0843 0x0bd0  SNP2UVC - ok
08:17:46.0875 0x0bd0  Sparrow - ok
08:17:46.0937 0x0bd0  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
08:17:47.0140 0x0bd0  splitter - ok
08:17:47.0218 0x0bd0  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
08:17:47.0265 0x0bd0  Spooler - ok
08:17:47.0343 0x0bd0  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
08:17:47.0515 0x0bd0  sr - ok
08:17:47.0578 0x0bd0  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll
08:17:47.0734 0x0bd0  srservice - ok
08:17:47.0796 0x0bd0  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
08:17:47.0968 0x0bd0  Srv - ok
08:17:48.0046 0x0bd0  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
08:17:48.0171 0x0bd0  SSDPSRV - ok
08:17:48.0296 0x0bd0  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
08:17:48.0671 0x0bd0  stisvc - ok
08:17:48.0734 0x0bd0  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
08:17:48.0906 0x0bd0  streamip - ok
08:17:48.0968 0x0bd0  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
08:17:49.0171 0x0bd0  swenum - ok
08:17:49.0218 0x0bd0  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
08:17:49.0390 0x0bd0  swmidi - ok
08:17:49.0406 0x0bd0  SwPrv - ok
08:17:49.0421 0x0bd0  symc810 - ok
08:17:49.0437 0x0bd0  symc8xx - ok
08:17:49.0437 0x0bd0  sym_hi - ok
08:17:49.0453 0x0bd0  sym_u3 - ok
08:17:49.0546 0x0bd0  [ 8E25A1DBB8527B2074AF9B682F818768, 4B9C44BA6D12769920D4FB3D7B6815220FF0537B980E24C9643581776311F9AC ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
08:17:49.0625 0x0bd0  SynTP - ok
08:17:49.0671 0x0bd0  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
08:17:49.0875 0x0bd0  sysaudio - ok
08:17:49.0937 0x0bd0  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
08:17:50.0140 0x0bd0  SysmonLog - ok
08:17:50.0218 0x0bd0  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
08:17:50.0468 0x0bd0  TapiSrv - ok
08:17:50.0562 0x0bd0  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:17:50.0671 0x0bd0  Tcpip - ok
08:17:50.0718 0x0bd0  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
08:17:50.0984 0x0bd0  TDPIPE - ok
08:17:51.0000 0x0bd0  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
08:17:51.0187 0x0bd0  TDTCP - ok
08:17:51.0265 0x0bd0  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
08:17:51.0468 0x0bd0  TermDD - ok
08:17:51.0531 0x0bd0  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll
08:17:51.0765 0x0bd0  TermService - ok
08:17:51.0828 0x0bd0  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll
08:17:51.0875 0x0bd0  Themes - ok
08:17:51.0890 0x0bd0  TosIde - ok
08:17:51.0984 0x0bd0  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
08:17:52.0234 0x0bd0  TrkWks - ok
08:17:52.0296 0x0bd0  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
08:17:52.0500 0x0bd0  Udfs - ok
08:17:52.0515 0x0bd0  ultra - ok
08:17:52.0593 0x0bd0  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
08:17:52.0796 0x0bd0  Update - ok
08:17:52.0859 0x0bd0  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll
08:17:52.0984 0x0bd0  upnphost - ok
08:17:53.0031 0x0bd0  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe
08:17:53.0203 0x0bd0  UPS - ok
08:17:53.0296 0x0bd0  [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
08:17:53.0343 0x0bd0  USBAAPL - ok
08:17:53.0421 0x0bd0  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:17:53.0593 0x0bd0  usbccgp - ok
08:17:53.0687 0x0bd0  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:17:53.0718 0x0bd0  usbehci - ok
08:17:53.0796 0x0bd0  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:17:54.0093 0x0bd0  usbhub - ok
08:17:54.0171 0x0bd0  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:17:54.0296 0x0bd0  usbscan - ok
08:17:54.0359 0x0bd0  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:17:54.0578 0x0bd0  usbstor - ok
08:17:54.0640 0x0bd0  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:17:54.0859 0x0bd0  usbuhci - ok
08:17:54.0906 0x0bd0  [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
08:17:55.0031 0x0bd0  usbvideo - ok
08:17:55.0046 0x0bd0  [ C019889035CDC1A06F2FEBC93CBB6897, 370FAA64E035967220C0873EB7BDD79A18365DC321FD769B2865BB21CC941A8F ] uvclf           C:\WINDOWS\system32\DRIVERS\uvclf.sys
08:17:55.0125 0x0bd0  uvclf - ok
08:17:55.0203 0x0bd0  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
08:17:55.0421 0x0bd0  VgaSave - ok
08:17:55.0437 0x0bd0  ViaIde - ok
08:17:55.0500 0x0bd0  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
08:17:55.0812 0x0bd0  VolSnap - ok
08:17:55.0890 0x0bd0  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe
08:17:56.0000 0x0bd0  VSS - ok
08:17:56.0062 0x0bd0  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll
08:17:56.0296 0x0bd0  W32Time - ok
08:17:56.0343 0x0bd0  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:17:56.0562 0x0bd0  Wanarp - ok
08:17:56.0640 0x0bd0  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
08:17:56.0703 0x0bd0  Wdf01000 - ok
08:17:56.0718 0x0bd0  WDICA - ok
08:17:56.0765 0x0bd0  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
08:17:56.0984 0x0bd0  wdmaud - ok
08:17:57.0031 0x0bd0  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll
08:17:57.0234 0x0bd0  WebClient - ok
08:17:57.0390 0x0bd0  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
08:17:57.0578 0x0bd0  winmgmt - ok
08:17:57.0656 0x0bd0  [ FD600B032E741EB6AAB509FC630F7C42, 2AF671D0648A5C2D2C4A7D0FDE803F07CC079CF1FA4E237DB912A8C77D9EC1F6 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
08:17:57.0687 0x0bd0  WinUSB - ok
08:17:57.0734 0x0bd0  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
08:17:57.0859 0x0bd0  WmdmPmSN - ok
08:17:57.0937 0x0bd0  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:17:58.0156 0x0bd0  WmiApSrv - ok
08:17:58.0281 0x0bd0  [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
08:17:58.0406 0x0bd0  WMPNetworkSvc - ok
08:17:58.0578 0x0bd0  [ 017695393AFFFED8DE58ABD1B085BE6D, 447D65499426A745A85289F3EB7CABBC0CC64D2C6B60D612ED34885CFF94B765 ] WMZuneComm      c:\Programme\Zune\WMZuneComm.exe
08:17:58.0625 0x0bd0  WMZuneComm - ok
08:17:58.0765 0x0bd0  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:17:58.0828 0x0bd0  WpdUsb - ok
08:17:58.0859 0x0bd0  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:17:59.0109 0x0bd0  WS2IFSL - ok
08:17:59.0171 0x0bd0  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
08:17:59.0343 0x0bd0  wscsvc - ok
08:17:59.0375 0x0bd0  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
08:17:59.0562 0x0bd0  WSTCODEC - ok
08:17:59.0609 0x0bd0  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
08:17:59.0765 0x0780  Object send P2P result: true
08:17:59.0765 0x0780  Object required for P2P: [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE
08:17:59.0828 0x0bd0  wuauserv - ok
08:17:59.0890 0x0bd0  [ EAA6324F51214D2F6718977EC9CE0DEF, B9DE1521395E09233FE519873702979C3EAF65FEC4B94B12A46CECB16C488543 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:17:59.0968 0x0bd0  WudfPf - ok
08:18:00.0015 0x0bd0  [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:18:00.0093 0x0bd0  WudfRd - ok
08:18:00.0171 0x0bd0  [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
08:18:00.0234 0x0bd0  WudfSvc - ok
08:18:00.0328 0x0bd0  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
08:18:00.0656 0x0bd0  WZCSVC - ok
08:18:00.0687 0x070c  Object required for P2P: [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr
08:18:00.0703 0x0bd0  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
08:18:00.0890 0x0bd0  xmlprov - ok
08:18:00.0937 0x0bd0  [ AE279CD76B38FC079EEC3CA6D65A5926, 6C5B22BA59732D2A1E6017447ABCCD3987C49ED9899819B6BA2EB2E1030CD044 ] zumbus          C:\WINDOWS\system32\DRIVERS\zumbus.sys
08:18:01.0203 0x058c  Object required for P2P: [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS
08:18:01.0328 0x0bd0  zumbus - ok
08:18:01.0406 0x0bd0  [ 37F339B64F19E2775284ED7161B96683, 24116248DC96A3C4B76489C7E8BF4AD5F4DF4A1C124A993E9FF92B0505278850 ] ZuneBusEnum     c:\Programme\Zune\ZuneBusEnum.exe
08:18:01.0437 0x0bd0  ZuneBusEnum - ok
08:18:01.0953 0x0bd0  [ 1076DF9ADE4E13EA3BF39D2165AEB903, 2CC94E658D02A97D8C02D7748F30A87AD16005720EBE29B7D55B80012BBA63A2 ] ZuneNetworkSvc  c:\Programme\Zune\ZuneNss.exe
08:18:02.0218 0x0780  Object send P2P result: true
08:18:02.0218 0x0780  Object required for P2P: [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm
08:18:02.0671 0x0bd0  ZuneNetworkSvc - ok
08:18:02.0812 0x0bd0  [ DE1CDB333A402B279F04D627122FA08E, 4ACBC70BBF67F1DE4375543EE3F0D08C9FFCE6736A437E8B237D593F00DD3888 ] ZuneWlanCfgSvc  c:\Programme\Zune\ZuneWlanCfgSvc.exe
08:18:02.0890 0x0bd0  ZuneWlanCfgSvc - ok
08:18:02.0921 0x0bd0  ================ Scan global ===============================
08:18:02.0984 0x0bd0  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
08:18:03.0046 0x0bd0  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
08:18:03.0109 0x0bd0  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
08:18:03.0187 0x0bd0  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
08:18:03.0203 0x0bd0  [ Global ] - ok
08:18:03.0203 0x0bd0  ================ Scan MBR ==================================
08:18:03.0234 0x070c  Object send P2P result: true
08:18:03.0234 0x070c  Object required for P2P: [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio
08:18:03.0250 0x0bd0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:18:03.0828 0x058c  Object send P2P result: true
08:18:04.0171 0x0bd0  \Device\Harddisk0\DR0 - ok
08:18:04.0171 0x0bd0  ================ Scan VBR ==================================
08:18:04.0171 0x0bd0  [ C58391ED22FE3179575617507C8679AF ] \Device\Harddisk0\DR0\Partition1
08:18:04.0187 0x0bd0  \Device\Harddisk0\DR0\Partition1 - ok
08:18:04.0203 0x0bd0  [ D56A3B990EAA43C9BF7798A85CB5E097 ] \Device\Harddisk0\DR0\Partition2
08:18:04.0203 0x0bd0  \Device\Harddisk0\DR0\Partition2 - ok
08:18:04.0203 0x0bd0  ================ Scan generic autorun ======================
08:18:04.0281 0x0bd0  [ 4F0BED169FAB31EA094A649B0473B5C6, 492516BEA51D0A793F055EB789DC0A07477A78FAC6321C0AAB9BEF72EE7FCC80 ] C:\WINDOWS\system32\igfxtray.exe
08:18:04.0406 0x0bd0  IgfxTray - ok
08:18:04.0437 0x0bd0  [ 8B0DE4B972DB725FB9D591E69CD236FB, DF84C7DAE087772C4AAF8D13B48F9BE1E6BC31869DE6BD9642B598C0DF660F12 ] C:\WINDOWS\system32\hkcmd.exe
08:18:04.0546 0x0bd0  HotKeysCmds - ok
08:18:04.0671 0x0bd0  [ 5AEE71F957654D73E0798BBC295DC5A8, 8B4E9C66BF1CB7469789476527C9E78739BBA8D3A60E470C653867A5C8671796 ] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe
08:18:04.0796 0x0bd0  AsusACPIServer - detected UnsignedFile.Multi.Generic ( 1 )
08:18:05.0187 0x0780  Object send P2P result: true
08:18:05.0187 0x0780  Object required for P2P: [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman
08:18:05.0812 0x070c  Object send P2P result: true
08:18:07.0750 0x0780  Object send P2P result: true
08:18:07.0750 0x0780  Object required for P2P: [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink
08:18:08.0781 0x0bd0  Detect skipped due to KSN trusted
08:18:08.0781 0x0bd0  AsusACPIServer - ok
08:18:08.0843 0x0bd0  [ 9474B0F93F8C62A9D4981A4482846402, 98D7CEB9476D533EF339655DDABEF606A9973561D6ED4AFEB8B210F9787E67E0 ] C:\Programme\EeePC\ACPI\AsEPCMon.exe
08:18:08.0859 0x0bd0  AsusEPCMonitor - detected UnsignedFile.Multi.Generic ( 1 )
08:18:10.0296 0x0780  Object send P2P result: true
08:18:10.0296 0x0780  Object required for P2P: [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr
08:18:11.0421 0x0bd0  Detect skipped due to KSN trusted
08:18:11.0421 0x0bd0  AsusEPCMonitor - ok
08:18:11.0546 0x0bd0  [ 29C8FD8DE192B3A52E7CB7DCECE552AF, AEE7774A7EB20C50C8BF5F0BCC7EB47CDFA2845A69F92A6A81C28AA7C9262CED ] C:\Programme\EeePC\ACPI\AsTray.exe
08:18:11.0578 0x0bd0  AsusTray - detected UnsignedFile.Multi.Generic ( 1 )
08:18:12.0875 0x0780  Object send P2P result: true
08:18:16.0250 0x0bd0  Detect skipped due to KSN trusted
08:18:16.0250 0x0bd0  AsusTray - ok
08:18:16.0515 0x0bd0  [ F1E858C7523F3E95286549003A700EF7, D1BE6E05E1898977D2B5B2A50A6AE4D82F62255978BF1CA377661CBA53654135 ] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
08:18:16.0656 0x0bd0  SynTPEnh - ok
08:18:16.0671 0x0bd0  [ 2C16AF20EF4BF79F5120C75FB9413D76, FB6FA1077F418EEBB33E90D1690F4D32552A544B2C5DE5E05CCE0580277F11D2 ] C:\Programme\Synaptics\SynTP\SynAsusAcpi.exe
08:18:16.0703 0x0bd0  SynAsusAcpi - ok
08:18:16.0718 0x0bd0  KernelFaultCheck - ok
08:18:16.0750 0x0bd0  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
08:18:16.0968 0x0bd0  CTFMON.EXE - ok
08:18:17.0093 0x0bd0  [ 954986F1E2A1FD7E60A169701C0C40C7, F649A944B200110CE06FF249C5109F2A21304423AC64C0C8DBE0754AA66E5F49 ] C:\Programme\ASUS\Eee Docking\Eee Docking.exe
08:18:17.0171 0x0bd0  Eee Docking - detected UnsignedFile.Multi.Generic ( 1 )
08:18:19.0765 0x0bd0  Detect skipped due to KSN trusted
08:18:19.0765 0x0bd0  Eee Docking - ok
08:18:19.0953 0x0bd0  [ 9EB925EDC8CF1C3D06E50E9348B54A0A, 99C1F8D40A65E1F4975B0D1180B3056712832E0E8FBE829785FDD505B6222AEA ] C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe
08:18:20.0015 0x0bd0  Facebook Update - ok
08:18:20.0015 0x0bd0  Ehonzuynyp - ok
08:18:20.0109 0x0bd0  [ 954986F1E2A1FD7E60A169701C0C40C7, F649A944B200110CE06FF249C5109F2A21304423AC64C0C8DBE0754AA66E5F49 ] C:\Programme\ASUS\Eee Docking\Eee Docking.exe
08:18:20.0218 0x0bd0  Eee Docking - detected UnsignedFile.Multi.Generic ( 1 )
08:18:20.0218 0x0bd0  Detect skipped due to KSN trusted
08:18:20.0218 0x0bd0  Eee Docking - ok
08:18:20.0359 0x0bd0  [ 83EBCCC27098B1D1F20F72E10D6BF309, 588C2F8B82AB6C5E8FAC351B6F44A3AA630B64A319F5031D0FC8A769B1E2237D ] C:\Programme\ICQ7.2\ICQ.exe
08:18:20.0421 0x0bd0  ICQ - ok
08:18:20.0437 0x0bd0  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
08:18:20.0656 0x0bd0  CTFMON.EXE - ok
08:18:20.0687 0x0bd0  [ 954986F1E2A1FD7E60A169701C0C40C7, F649A944B200110CE06FF249C5109F2A21304423AC64C0C8DBE0754AA66E5F49 ] C:\Programme\ASUS\Eee Docking\Eee Docking.exe
08:18:20.0734 0x0bd0  Eee Docking - detected UnsignedFile.Multi.Generic ( 1 )
08:18:20.0734 0x0bd0  Detect skipped due to KSN trusted
08:18:20.0734 0x0bd0  Eee Docking - ok
08:18:20.0734 0x0bd0  Waiting for KSN requests completion. In queue: 6
08:18:21.0734 0x0bd0  Waiting for KSN requests completion. In queue: 6
08:18:22.0734 0x0bd0  Waiting for KSN requests completion. In queue: 6
08:18:23.0828 0x0bd0  Win FW state via NFM: enabled
08:18:26.0281 0x0bd0  ============================================================
08:18:26.0281 0x0bd0  Scan finished
08:18:26.0281 0x0bd0  ============================================================
08:18:26.0296 0x0bdc  Detected object count: 0
08:18:26.0296 0x0bdc  Actual detected object count: 0

noch ne frage nebenbei wenn ich alles auf diesen acc scanne scannt der dann beide benutzernamen ?

cosinus · 06.02.2015, 21:31

Unauffällig...

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Ruffytaker · 06.02.2015, 21:57

so schonmal der adw log

Code:

ATTFilter

# AdwCleaner v4.110 - Bericht erstellt 06/02/2015 um 08:41:59
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Microsoft Windows XP Service Pack 3 (x86)
# Benutzername : lisa - NAME-PJ192R4VL8
# Gestarted von : C:\Dokumente und Einstellungen\lisa\Desktop\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : ICQ Service

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ\ICQToolbar
Ordner Gelöscht : C:\Programme\Conduit
Ordner Gelöscht : C:\Programme\ConduitEngine
Ordner Gelöscht : C:\Programme\DVDVideoSoftTB
Ordner Gelöscht : C:\Programme\ICQ6Toolbar
Ordner Gelöscht : C:\Programme\Gemeinsame Dateien\DVDVideoSoft\TB
Ordner Gelöscht : C:\Programme\Gemeinsame Dateien\Plasmoo
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\Conduit
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\ConduitEngine
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Conduit
Ordner Gelöscht : C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\ConduitEngine
Ordner Gelöscht : C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB
Ordner Gelöscht : C:\Dokumente und Einstellungen\manuela\Anwendungsdaten\PriceGong
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\Extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
Ordner Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\Extensions\engine@plasmoo.com
Datei Gelöscht : C:\WINDOWS\system32\conduitEngine.tmp
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin.gif
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin.src
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-5.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-6.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-7.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\icqplugin-8.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\searchplugins\plasmoo.xml

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKCU\Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.Localizer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.Localizer.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{937936AF-28CA-4973-B8AE-F250406149A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\Plasmoo
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar

***** [ Internetbrowser ] *****

-\\ Internet Explorer v8.0.6001.18702

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v35.0.1 (x86 de)

[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/default.aspx");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.CT2269050.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://www.trovigo.com/?gd=&ctid=CT2269050&octid=CT2269050&ISID=ISID_ID&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV[...]
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.HomepageBeforeUnload", "hxxp://plasmoo.com");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.SearchEngine", "Searchhxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.SearchInNewTabURLFromSearchAPI", "hxxp://www.trovigo.com/?gd=&ctid=CT2269050&octid=CT2269050&ISID=ISID_ID&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,tbclient.tbccint.com,codefuel.com,tbccint.com,trovi.com,seccint.com,cpccint.com,appstrm.com,OurToolbar.co[...]
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.backendstorage.autocompletepro_enable", "31");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.backendstorage.autocompletepro_enable_auto", "31");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"9dc1c6e34d53226dbda615b47cffda073\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"c7cefce78b3babd14c0796f038023c9e\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", "\"1365594729\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "SA8f/YRfs6V19wkAK/I6CA==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT2269050", "SA8f/YRfs6V19wkAK/I6CA==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "B6IX5R5ADEz7jZ1dTY4lpQ==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT2269050", "B6IX5R5ADEz7jZ1dTY4lpQ==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "8Pf+ZNlIALQFEm53aS9FRw==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT2269050", "8Pf+ZNlIALQFEm53aS9FRw==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "Eqyi+rnB/8DP7DHXRtMrLg==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT2269050&UM=UM_UNINSTALL_ID", "9tP0a9tLQ7LYpUSrjHx9xA==");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"f4cb1557a8bece1:4ce\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"6a637346d78ccc1:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0e0a4327275cd1:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"dfe74040abc2ce1:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"4ead38b3e6bcd1:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://ip2location.conduit-services.com/ip/?ctid=CT2269050&ver=3.20.0.4&client=ToolbarConfiguration", "\"2855d099437d9a3527e8a974bc00c67b\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050", "\"a238378f7d0708034a0defa297cb8b8b\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2269050&octid=CT2269050", "\"1322501035\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"1313595511\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer_dead.gif", "\"0a8c48d3330c81:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif", "\"091b5fe2e30c81:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.gif", "\"0e2106f3030c81:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif", "\"0f475394430c81:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play_mini.gif", "\"02fce414430c81:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif", "\"08d9ef44430c81:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif", "\"066e8863030c81:0\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"199de7c4c12c1450eed0bd9bf64fe589\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"71b38c0ea19de594d5b8442946da1691\"");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.IsEngineShown", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Dokumente und Einstellungen\\lisa\\Anwendungsdaten\\Mozilla\\Firefox\\Profiles\\p3tisnc6.default\\conduitCommon\\modules\\3.20.0.4");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.20.0.4");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_ext_msg_key_193432a1", "356x332");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://plasmoo.com/index.htm?SearchMashine=true&q=");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,ConduitEngine");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Apr 05 2011 04:36:38 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Oct 26 2011 06:39:25 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Oct 26 2011 06:32:18 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.userId", "9f46b05d-51bc-4b45-9276-68d547f94f39");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jan 06 2011 04:17:52 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.globalUserId", "7f658c78-b864-4228-b011-98d44832d5d7");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.killedEngine", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Feb 02 2015 05:12:25 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Feb 06 2015 05:00:44 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alertsnotifications.ourtoolbar.com");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Feb 06 2015 05:00:38 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1401369664");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.tbccint.com");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.notifications.userId", "1eae5875-ea7a-4665-9261-a16177b08c32");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.undefined", "");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Oct 26 2011 06:39:12 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.CTID", "ConduitEngine");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Oct 26 2011 06:32:29 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.FirstServerDate", "10/26/2011 21");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.FirstTime", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.Initialize", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.InstalledDate", "Wed Oct 26 2011 06:39:12 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Oct 26 2011 06:32:27 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Wed Oct 26 2011 06:32:27 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Oct 26 2011 06:32:26 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.UserID", "UN48933640556184810");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.componentAlertEnabled", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.engineLocale", "de");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Oct 26 2011 06:32:27 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Oct 26 2011 06:32:27 GMT-1200 (Datumsgrenze Normalzeit)");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.initDone", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultthis.engineName", "Plasmoo");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaulturl", "hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://plasmoo.com");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.enabledAddons", "engine%40plasmoo.com:1.0.0.32,%7B800b5000-a755-47e1-992b-48a1c1357f07%7D:2.0.1.6,%7B872b5b88-9db5-4310-bdd0-ac189557e5f5%7D:3.20.0.4,%7B972ce4c6-7e08-4474-a285-3[...]
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.enabledItems", "{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1,{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{800b5000-a755-47e1-992b-[...]
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.xpiState", "{\"app-profile\":{\"engine@plasmoo.com\":{\"d\":\"C:\\\\Dokumente und Einstellungen\\\\lisa\\\\Anwendungsdaten\\\\Mozilla\\\\Firefox\\\\Profiles\\\\p3tisnc6.default\\[...]
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.engineVerified", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.geolastmodified", 1422897146);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.history", "vanessa%20hudgens%20mit%20freundslowenien%20portorozkroatienfasching%20kost%C3%BCme%20damenfacebook.detheresa%20moserlisa%20f%C3%BCrsttobias%20pritzelt[...]
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.icqgeo", 49);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.installTime", "1338567304");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.installsource", "1");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.itbsitescount", 0);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.newtab_state", "1");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.previousFFVersion", "35.0.1");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.suggestions", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.uniqueID", "127542621212754258481275517132510");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1423242050);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.version", "2.0.1.6");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("plasmoo.search.engine.prevkeywordurl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("plasmoo.search.engine.prevsearchdefaultenginename", "ICQ Search");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("plasmoo.search.engine.prevsearchdefaultthisenginename", "Search");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("plasmoo.search.engine.prevsearchdefaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("plasmoo.search.engine.prevsearchselectedengine", "ICQ Search");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("plasmoo.search.engine.prevstartuphomepage", "hxxp://start.icq.com/skins7/");
[p3tisnc6.default\prefs.js] - Zeile Gelöscht : user_pref("plasmoo.search.engine.status", "INSTALLED");

*************************

AdwCleaner[R0].txt - [32746 Bytes] - [06/02/2015 08:35:34]
AdwCleaner[S0].txt - [33967 Bytes] - [06/02/2015 08:41:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [34027  Bytes] ##########

rest folgt noch

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Microsoft Windows XP x86
Ran by lisa on 06.02.2015 at  8:49:54,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\mozilla\firefox\profiles\p3tisnc6.default\conduitcommon
Successfully deleted the following from C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\mozilla\firefox\profiles\p3tisnc6.default\prefs.js

user_pref("CT2269050..clientLogIsEnabled", false);
user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.tbccint.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.tbccint.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2269050.AppTrackingLastCheckTime", "Fri Jun 01 2012 06:47:30 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.BrowserCompStateIsOpen_129575150554007677", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129705015340022508", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
user_pref("CT2269050.BrowserCompStateIsOpen_129977890572899945", true);
user_pref("CT2269050.BrowserCompStateIsOpen_130100683276316706", true);
user_pref("CT2269050.BrowserCompStateIsOpen_1359634297000", true);
user_pref("CT2269050.CTID", "CT2269050");
user_pref("CT2269050.ConfigurationLastCheckTime", "Fri Feb 06 2015 05:00:39 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.CurrentServerDate", "6-2-2015");
user_pref("CT2269050.DialogsAlignMode", "LTR");
user_pref("CT2269050.DialogsGetterLastCheckTime", "Fri May 16 2014 22:01:38 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.DownloadReferralCookieData", "");
user_pref("CT2269050.EMailNotifierPollDate", "Fri Feb 06 2015 08:30:43 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.FirstServerDate", "25-5-2010");
user_pref("CT2269050.FirstTime", true);
user_pref("CT2269050.FirstTimeFF3", true);
user_pref("CT2269050.FirstTimeSettingsDone", true);
user_pref("CT2269050.FixPageNotFoundErrors", true);
user_pref("CT2269050.GroupingServerCheckInterval", 1440);
user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.tbccint.com/");
user_pref("CT2269050.HasUserGlobalKeys", true);
user_pref("CT2269050.HomePageProtectorEnabled", false);
user_pref("CT2269050.Initialize", true);
user_pref("CT2269050.InitializeCommonPrefs", true);
user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
user_pref("CT2269050.InstalledDate", "Tue May 25 2010 19:56:56 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.InvalidateCache", false);
user_pref("CT2269050.IsAlertDBUpdated", true);
user_pref("CT2269050.IsGrouping", false);
user_pref("CT2269050.IsMulticommunity", false);
user_pref("CT2269050.IsOpenThankYouPage", false);
user_pref("CT2269050.IsOpenUninstallPage", false);
user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Feb 06 2015 05:00:39 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.tbccint.com/Translation.ashx");
user_pref("CT2269050.LastLogin_2.5.8.6", "Wed Jan 18 2012 05:46:57 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LastLogin_2.7.2.0", "Fri Apr 01 2011 05:52:07 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LastLogin_3.12.2.3", "Fri Jun 01 2012 04:15:00 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LastLogin_3.13.0.6", "Wed Aug 15 2012 08:16:51 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LastLogin_3.15.1.0", "Tue Feb 05 2013 05:40:49 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LastLogin_3.20.0.4", "Fri Feb 06 2015 05:00:42 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LastLogin_3.3.3.2", "Wed Oct 26 2011 06:38:48 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LastLogin_3.7.0.6", "Sat Apr 14 2012 04:01:25 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.LatestVersion", "3.20.0.4");
user_pref("CT2269050.Locale", "en");
user_pref("CT2269050.LoginCache", 4);
user_pref("CT2269050.MCDetectTooltipHeight", "83");
user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2269050.MCDetectTooltipWidth", "295");
user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
user_pref("CT2269050.RadioIsPodcast", false);
user_pref("CT2269050.RadioLastCheckTime", "Fri Feb 06 2015 05:00:36 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.RadioLastUpdateIPServer", "3");
user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
user_pref("CT2269050.RadioMediaID", "12473383");
user_pref("CT2269050.RadioMediaType", "Media Player");
user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
user_pref("CT2269050.RadioShrinked", "shrinked");
user_pref("CT2269050.RadioStationName", "Hotmix%20108");
user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
user_pref("CT2269050.SHRINK_TOOLBAR", 1);
user_pref("CT2269050.SavedHomepage", "resource:/browserconfig.properties");
user_pref("CT2269050.SearchAPILastCheckTime", "Fri Feb 06 2015 05:00:39 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.SearchEngineBeforeUnload", "ICQ Search");
user_pref("CT2269050.SearchFromAddressBarIsInit", true);
user_pref("CT2269050.SearchInNewTabEnabled", true);
user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
user_pref("CT2269050.SearchInNewTabLastCheckTime", "Tue Feb 05 2013 05:40:34 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.SearchProtectorEnabled", false);
user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
user_pref("CT2269050.ServiceMapLastCheckTime", "Fri Feb 06 2015 05:00:39 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.SettingsCheckIntervalMin", 120);
user_pref("CT2269050.SettingsLastCheckTime", "Fri Feb 06 2015 08:32:44 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.SettingsLastUpdate", "1423202414");
user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Feb 02 2015 05:12:16 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.cpccint.com");
user_pref("CT2269050.UserID", "UN96102405374296342");
user_pref("CT2269050.ValidationData_Toolbar", 2);
user_pref("CT2269050.WeatherNetwork", "");
user_pref("CT2269050.WeatherPollDate", "Fri Feb 06 2015 08:15:37 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.WeatherUnit", "C");
user_pref("CT2269050.[object Object]", "396C3B3F3F7275737A4370457A464A7D794C504E50");
user_pref("CT2269050.alertChannelId", "666138");
user_pref("CT2269050.approveUntrustedApps", false);
user_pref("CT2269050.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B474953462D584D503D263F2D2E3135443B464E4F5B565E695B426D6265523B544243464959505B
user_pref("CT2269050.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426D62455E69543D56444643465B
user_pref("CT2269050.backendstorage./9b+7e-x305", "247E29327641363937333545397E3F493B2F77317E202520362D3842474A58515A5C585D505F593964595C49324B393A3F395047525C4173686B6965677B
user_pref("CT2269050.backendstorage./9b+7e.:2z527", "247E70756B74757934383A3837392045412F773120217E2024372E392B2D52455E335E5356432C4534353334364B424D3D406D635D6F634974696C5942
user_pref("CT2269050.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F564654524C474A595A4851505E51523964595C49324B393C3B3E5047525D6C6A6B6F786D6850
user_pref("CT2269050.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C4343534E2D585B3C253E2C302E34433A45515862695E675A416C6164513A5341454348584F5A66
user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6C6F6F7374736E7473");
user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74727575797A79747A79242F4B49474F42357D5D5C3D");
user_pref("CT2269050.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E41295547484D515A4E5A59325D5255422B443237303749404B585E685E706E6E6674626E696B4D786D
user_pref("CT2269050.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473E454745482F5A4F523F2841302D2F33463D48566265685C6B675F6D70604873686B58415A49
user_pref("CT2269050.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D3229344356554E472E594E51325E4F412A4335373231483F4A59655F5F626C5B717369756975744D786D
user_pref("CT2269050.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352C37474B59574B4A4858584E5E3762573A535E49324B3A3D3F3B504752626C625D75786D766A
user_pref("CT2269050.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426D6265523B544346494A59505B
user_pref("CT2269050.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D49564A50592E594E314A55402942322E332F473E495B5D595A6A5E58707262674974696C59425B
user_pref("CT2269050.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B364953545259585A5A50524E36615659462F4838353D3C4D444F626C6D6B72716A77614D786D
user_pref("CT2269050.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347513F445559424C5A315C5154412A4333323037483F4A5E68565B5970606E6C666164734C776C6F
user_pref("CT2269050.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E782332293449565540472E594E513E274030323533453C475C5558636A656E625E6C616B7068734B766B6E5B
user_pref("CT2269050.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4F44504C4754585C5048345F5457442D46373135344B424D636B5D5F5F73696B4A756A6D5A43
user_pref("CT2269050.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A30273249485545442C574C4F3C253E2F2A2D2D433A455C67555B5E3F6A5F624F3851423D403F564D586F7A68
user_pref("CT2269050.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354D462C574C4F3C253E2F2B2B31433A455D6356575C5C5A416C6164513A5344404045584F5A72
user_pref("CT2269050.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352C37504C4757514B4F47345F5457442D4637343A3A4B424D665E705B646571634A756A6D5A43
user_pref("CT2269050.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B36505459574C554F515B345F5457442D46373637384B424D676B706E606F61666B63664D786D
user_pref("CT2269050.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A35504F5346482F5A4F523F28413233342F463D48635C5D66626A436E6366533C55464748425A51
user_pref("CT2269050.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3652504C5249555256525C35605558452E47383B38364C434E6A706F5F65635D736F67757868
user_pref("CT2269050.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2A554A2D46513C253E302B332C433A45626756516259655F5F436E63465F6A553E5749444C44
user_pref("CT2269050.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4B524B4445494B49485450585952535F513863585B48314A3C3B363D4F46516F6B6E6D63776D687666
user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
user_pref("CT2269050.backendstorage./9b+7ebx305", "247E3E4131303637393A4436343D3B433C48424226514649367E382325293C333E5D5D4D555B4F615555643D685D604D364F3A3C3F534A5574696C75674F
user_pref("CT2269050.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E3128335351565551575A4F584C5E335E5356432C4534383649404B6B59566C686B46716669563F58474B48
user_pref("CT2269050.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C484A2C574C2F48533E27403233433A45665B68505C5E406B6E4F38514343544B56776C79616D
user_pref("CT2269050.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C32293423524C5457474A4E50565D4A61515F5D575255643D685D604D364F3D3E3E3D544B5645486A736D
user_pref("CT2269050.backendstorage./9b-0?3g>d", "396B696B6A4074447A7079727420764D7A7825515253522A5357282555285B595E2E5F2B");
user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A2329282A31323334353A455F67566B5D67566F596B5F5F6A6567553E72786E
user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
user_pref("CT2269050.backendstorage./9b5ba==9cjag", "3C6B6E3F7172406D7A71774948487A7E4E21224E20");
user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6C6F6F7374736E7273797A7A");
user_pref("CT2269050.backendstorage./9b90e@.3c;7b=?ofb>>rhiqs", "393F352F3E");
user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2269050.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
user_pref("CT2269050.backendstorage.mam_gk_appsconfig", "7B2241707073436F6E66696775726174696F6E223A5B7B226964223A22436C61726974795F416374697665222C2275726C223A22687474703A2F2F
user_pref("CT2269050.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
user_pref("CT2269050.backendstorage.mam_gk_appstate_clarity_active", "6F6E");
user_pref("CT2269050.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
user_pref("CT2269050.backendstorage.mam_gk_appstate_easytobook", "6F6E");
user_pref("CT2269050.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E");
user_pref("CT2269050.backendstorage.mam_gk_appstate_pricegong", "6F6E");
user_pref("CT2269050.backendstorage.mam_gk_appstate_windowshopper", "6F6E");
user_pref("CT2269050.backendstorage.mam_gk_appstatereporttime", "31343233323432303531303230");
user_pref("CT2269050.backendstorage.mam_gk_calledsetupservice", "31");
user_pref("CT2269050.backendstorage.mam_gk_currentversion", "312E31332E302E3137");
user_pref("CT2269050.backendstorage.mam_gk_existingusersrecoverydone", "31");
user_pref("CT2269050.backendstorage.mam_gk_first_time", "31");
user_pref("CT2269050.backendstorage.mam_gk_lastlogintime", "31343233323432303532323230");
user_pref("CT2269050.backendstorage.mam_gk_localization", "7B226469616C6F674F4B223A7B2254657874223A224F4B227D2C22646D626F7831223A7B2254657874223A22416E6765626F745C6E6465732054
user_pref("CT2269050.backendstorage.mam_gk_mamenabled", "74727565");
user_pref("CT2269050.backendstorage.mam_gk_new_welcome_experience", "31");
user_pref("CT2269050.backendstorage.mam_gk_settings1.13.0.17", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313530323036222C2
user_pref("CT2269050.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
user_pref("CT2269050.backendstorage.mam_gk_stamp", "313130315F30");
user_pref("CT2269050.backendstorage.mam_gk_user_approval_interacted", "31");
user_pref("CT2269050.backendstorage.mam_gk_userborndate", "4E2F41");
user_pref("CT2269050.backendstorage.mam_gk_userid", "31373634383033332D363364642D343964622D383836332D623262356536353061656562");
user_pref("CT2269050.backendstorage.mam_gk_welcomedialogmode", "31");
user_pref("CT2269050.backendstorage.pg_enable", "74727565");
user_pref("CT2269050.backendstorage.searchappstate", "33");
user_pref("CT2269050.backendstorage.searchapptracking", "31");
user_pref("CT2269050.backendstorage.sf_just_installed", "46414C5345");
user_pref("CT2269050.backendstorage.sf_status", "454E41424C4544");
user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "4672692053657020323120323031322030383A32343A323920474D542D313230302028446174756D736772656E7A65204E6F726D616C7A656
user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
user_pref("CT2269050.clientLogIsEnabled", true);
user_pref("CT2269050.countryCode", "DE");
user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Fri May 16 2014 22:01:38 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.homepageProtectorEnableByLogin", true);
user_pref("CT2269050.initDone", true);
user_pref("CT2269050.isAppTrackingManagerOn", false);
user_pref("CT2269050.myStuffEnabled", true);
user_pref("CT2269050.myStuffPublihserMinWidth", 400);
user_pref("CT2269050.myStuffSearchUrl", "hxxp://appstrm.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129466585399606892,129881140170815901,129391330693125668,129863783591067571,129881141106886992,12
user_pref("CT2269050.revertSettingsEnabled", true);
user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
user_pref("CT2269050.searchProtectorEnableByLogin", true);
user_pref("CT2269050.testingCtid", "");
user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Fri May 16 2014 22:01:38 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Fri May 16 2014 22:01:38 GMT-1200 (Datumsgrenze Normalzeit)");
user_pref("CT2269050.usagesFlag", 2);





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2015 at  8:55:03,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

frst scan folgt

Ruffytaker · 06.02.2015, 22:00

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015
Ran by lisa (administrator) on NAME-PJ192R4VL8 on 06-02-2015 08:56:28
Running from C:\Dokumente und Einstellungen\lisa\Desktop
Loaded Profiles: lisa (Available profiles: manuela & lisa & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Programme\EeePC\ACPI\AsAcpiSvr.exe
(ASUSTeK Computer Inc.) C:\Programme\EeePC\ACPI\AsEPCMon.exe
(ASUSTeK Computer Inc.) C:\Programme\EeePC\ACPI\AsTray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Programme\Synaptics\SynTP\SynTPEnh.exe
(ICQ, LLC.) C:\Programme\ICQ7.2\ICQ.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(ASUSTeK Computer Inc.) C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Programme\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Programme\Zune\ZuneBusEnum.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AsusACPIServer] => C:\Programme\EeePC\ACPI\AsAcpiSvr.exe [630784 2009-04-16] (ASUSTeK Computer Inc.)
HKLM\...\Run: [AsusEPCMonitor] => C:\Programme\EeePC\ACPI\AsEPCMon.exe [98304 2009-03-13] (ASUSTeK Computer Inc.)
HKLM\...\Run: [AsusTray] => C:\Programme\EeePC\ACPI\AsTray.exe [118784 2009-04-16] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Programme\Synaptics\SynTP\SynTPEnh.exe [1512744 2009-04-09] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Programme\Synaptics\SynTP\SynAsusAcpi.exe [79144 2009-04-09] (Synaptics Incorporated)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-113607857-3820037453-3115687014-1007\...\Run: [Eee Docking] => C:\Programme\ASUS\Eee Docking\Eee Docking.exe [397312 2009-07-27] ()
HKU\S-1-5-21-113607857-3820037453-3115687014-1007\...\Run: [ICQ] => C:\Programme\ICQ7.2\ICQ.exe [133432 2011-01-04] (ICQ, LLC.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ SuperHybridEngine.lnk
ShortcutTarget:  SuperHybridEngine.lnk -> C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
Startup: C:\Dokumente und Einstellungen\lisa\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\lisa\Startmenü\Programme\Autostart\Screen Capturer.lnk
ShortcutTarget: Screen Capturer.lnk -> C:\Programme\Screen Capturer\ScreenCapturer.exe (ScreenCapturer.com)
Startup: C:\Dokumente und Einstellungen\manuela\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-113607857-3820037453-3115687014-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-113607857-3820037453-3115687014-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-113607857-3820037453-3115687014-1007 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ\ICQNewTab\newTab.html" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-113607857-3820037453-3115687014-1007 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: Microsoft .NET Framework Assistant - C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\Mozilla\Firefox\Profiles\p3tisnc6.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-04-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-26]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144 2011-10-24] (Apple Inc.)
R2 BBSvc; C:\Programme\Microsoft\BingBar\7.3.132.0\BBSvc.exe [193696 2014-03-11] (Microsoft Corporation.)
S3 BBUpdate; C:\Programme\Microsoft\BingBar\7.3.132.0\SeaPort.exe [247968 2014-03-11] (Microsoft Corporation.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S3 fsssvc; C:\Programme\Windows Live\Family Safety\fsssvc.exe [533360 2009-02-06] (Microsoft Corporation)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [821608 2012-01-16] (Apple Inc.)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-02-03] (Mozilla Foundation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-02] (Microsoft Corporation)
S3 WMZuneComm; c:\Programme\Zune\WMZuneComm.exe [268512 2011-08-05] (Microsoft Corporation)
R2 ZuneBusEnum; c:\Programme\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
S3 ZuneNetworkSvc; c:\Programme\Zune\ZuneNss.exe [6363872 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; c:\Programme\Zune\ZuneWlanCfgSvc.exe [444640 2011-08-05] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1528928 2009-03-13] (Atheros Communications, Inc.)
R3 AsusACPI; C:\WINDOWS\System32\DRIVERS\ASUSACPI.sys [10752 2008-04-08] (ASUSTeK Computer Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [55152 2009-02-06] (Microsoft Corporation)
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [38912 2009-03-01] (Atheros Communications, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [108632 2015-02-05] () [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-02-01] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-03] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [1015424 2009-07-10] (Ralink Technology, Corp.)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] ()
S3 uvclf; C:\WINDOWS\System32\DRIVERS\uvclf.sys [39040 2008-11-18] (GenesysLogic Technologies, Inc.)
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwhid; system32\DRIVERS\btwhid.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 catchme; \??\C:\DOKUME~1\lisa\LOKALE~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 08:55 - 2015-02-06 08:55 - 00018699 _____ () C:\Dokumente und Einstellungen\lisa\Desktop\JRT.txt
2015-02-06 08:35 - 2015-02-06 08:45 - 00000000 ____D () C:\AdwCleaner
2015-02-06 08:33 - 2015-02-06 08:33 - 01388274 _____ (Thisisu) C:\Dokumente und Einstellungen\lisa\Desktop\JRT.exe
2015-02-06 08:32 - 2015-02-06 08:32 - 02112512 _____ () C:\Dokumente und Einstellungen\lisa\Desktop\AdwCleaner_4.110.exe
2015-02-06 05:02 - 2015-02-06 05:02 - 04197016 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\lisa\Desktop\tdsskiller.exe
2015-02-05 04:55 - 2015-02-05 04:55 - 00106496 _____ () C:\WINDOWS\Minidump\Mini020515-02.dmp
2015-02-05 04:49 - 2015-02-05 04:49 - 00000000 ____D () C:\Dokumente und Einstellungen\lisa\Screenshots
2015-02-05 04:48 - 2015-02-05 04:48 - 00106496 _____ () C:\WINDOWS\Minidump\Mini020515-01.dmp
2015-02-04 04:20 - 2015-02-06 08:57 - 00000000 ____D () C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\temp
2015-02-04 04:20 - 2015-02-04 04:20 - 00013721 _____ () C:\ComboFix.txt
2015-02-04 04:20 - 2015-02-04 04:20 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-02-04 04:20 - 2015-02-04 04:20 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-02-04 04:13 - 2015-02-06 08:47 - 00050943 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-03 11:16 - 2015-02-03 11:16 - 00000000 _RSHD () C:\cmdcons
2015-02-03 11:12 - 2015-02-03 11:12 - 05611380 ____R (Swearware) C:\Dokumente und Einstellungen\lisa\Desktop\ComboFix.exe
2015-02-03 10:56 - 2015-02-03 10:56 - 00000000 __SHD () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-03 10:55 - 2015-02-03 10:56 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
2015-02-03 10:50 - 2015-02-05 04:49 - 00000000 ____D () C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\ScreenCapture
2015-02-03 10:50 - 2015-02-03 10:51 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-02-03 10:50 - 2015-02-03 10:50 - 00000000 ____D () C:\Programme\Screen Capturer
2015-02-03 10:50 - 2015-02-03 10:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\ScreenCapture
2015-02-03 10:50 - 2015-02-03 10:50 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Screen Capturer
2015-02-03 10:49 - 2015-02-03 10:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScreenCapture
2015-02-03 10:41 - 2015-02-03 10:45 - 00000327 _____ () C:\Boot.bak
2015-02-03 10:41 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr
2015-02-03 10:37 - 2011-06-25 18:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-02-03 10:37 - 2010-11-07 05:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-02-03 10:37 - 2009-04-19 16:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-02-03 10:37 - 2000-08-30 12:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-02-03 10:37 - 2000-08-30 12:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-02-03 10:37 - 2000-08-30 12:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-02-03 10:37 - 2000-08-30 12:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-02-03 10:37 - 2000-08-30 12:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-02-03 10:37 - 2000-08-30 12:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-02-03 10:36 - 2015-02-03 10:36 - 00000000 ___RD () C:\Dokumente und Einstellungen\lisa\Startmenü\Programme\Verwaltung
2015-02-03 10:29 - 2015-02-03 10:29 - 00106496 _____ () C:\WINDOWS\Minidump\Mini020315-02.dmp
2015-02-03 10:28 - 2015-02-03 10:29 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-03 10:28 - 2015-02-03 10:27 - 00106496 _____ () C:\WINDOWS\Minidump\Mini020315-01.dmp
2015-02-03 10:27 - 2015-02-05 04:54 - 00000000 ____D () C:\Dokumente und Einstellungen\lisa\Desktop\mbar
2015-02-03 10:26 - 2015-02-05 04:53 - 16466552 _____ (Malwarebytes Corp.) C:\Dokumente und Einstellungen\lisa\Desktop\mbar-1.08.3.1004.exe
2015-02-03 09:58 - 2015-02-03 09:58 - 00055954 _____ () C:\Dokumente und Einstellungen\lisa\Desktop\Addition.txt
2015-02-03 09:56 - 2015-02-06 08:57 - 00013362 _____ () C:\Dokumente und Einstellungen\lisa\Desktop\FRST.txt
2015-02-03 09:56 - 2015-02-06 08:56 - 00000000 ____D () C:\FRST
2015-02-03 09:55 - 2015-02-06 08:33 - 01123328 _____ (Farbar) C:\Dokumente und Einstellungen\lisa\Desktop\FRST.exe
2015-02-01 10:12 - 2015-02-01 10:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2015-02-01 10:11 - 2015-02-01 11:04 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-02-01 10:11 - 2015-02-01 10:11 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 10:10 - 2015-02-05 04:54 - 00108632 _____ () C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-01 10:10 - 2015-02-01 11:03 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Desktop\mbar
2015-02-01 10:09 - 2015-02-01 10:10 - 16466552 _____ (Malwarebytes Corp.) C:\Dokumente und Einstellungen\Administrator\Desktop\mbar-1.08.3.1004.exe
2015-02-01 10:07 - 2015-02-04 04:20 - 00000000 ____D () C:\Qoobox
2015-02-01 10:07 - 2015-02-04 04:18 - 00000000 ____D () C:\WINDOWS\erdnt
2015-02-01 10:07 - 2015-02-01 10:07 - 05611408 ____R (Swearware) C:\Dokumente und Einstellungen\Administrator\Desktop\ComboFix.exe
2015-02-01 10:07 - 2015-02-01 10:07 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Verwaltung
2015-02-01 08:52 - 2015-02-01 08:52 - 02816736 _____ (Abelssoft ) C:\Dokumente und Einstellungen\Administrator\Desktop\mykeyfinder.exe
2015-02-01 08:52 - 2015-02-01 08:52 - 00001546 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\MyKeyFinder.lnk
2015-02-01 08:52 - 2015-02-01 08:52 - 00000000 ____D () C:\Programme\MyKeyFinder
2015-02-01 08:52 - 2015-02-01 08:52 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MyKeyFinder
2015-02-01 08:52 - 2015-02-01 08:52 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Abelssoft
2015-02-01 08:49 - 2015-02-01 08:49 - 01393511 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\licensecrawler_1.43.732.zip
2015-02-01 08:49 - 2015-02-01 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Desktop\licensecrawler_1.43.732
2015-02-01 08:48 - 2015-02-01 08:48 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
2015-02-01 08:45 - 2015-02-01 08:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
2015-02-01 08:43 - 2015-02-01 08:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\PrivacIE
2015-02-01 08:40 - 2015-02-01 11:32 - 00000190 ___SH () C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2015-02-01 08:40 - 2015-02-01 11:32 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp
2015-02-01 08:40 - 2015-02-01 10:07 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme
2015-02-01 08:40 - 2015-02-01 08:52 - 00041448 _____ () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-02-01 08:40 - 2015-02-01 08:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator
2015-02-01 08:40 - 2010-05-19 21:55 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf
2015-02-01 08:40 - 2010-05-19 21:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\PassMark
2015-02-01 08:40 - 2010-05-19 21:19 - 00000783 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
2015-02-01 08:40 - 2010-05-19 21:19 - 00000718 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Outlook Express.lnk
2015-02-01 08:40 - 2010-05-19 21:19 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik
2015-02-01 08:40 - 2010-05-19 21:19 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder
2015-02-01 08:40 - 2009-08-14 01:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\My Office
2015-02-01 08:40 - 2009-08-14 01:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\My Ebooks
2015-02-01 08:40 - 2009-08-13 22:22 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IETldCache
2015-02-01 08:40 - 2009-08-13 22:22 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör
2015-02-01 08:40 - 2009-08-13 22:16 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft Help
2015-02-01 08:40 - 2009-08-13 22:13 - 00000671 _____ () C:\Dokumente und Einstellungen\Administrator\Desktop\Install Norton Internet Security.lnk
2015-02-01 08:40 - 2009-08-13 22:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-02-01 08:40 - 2009-08-13 21:46 - 00000141 _____ () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
2015-02-01 08:40 - 2009-08-13 21:33 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\InstallShield
2015-02-01 08:40 - 2009-08-13 07:39 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
2015-02-01 08:40 - 2009-08-13 07:39 - 00000000 ___RD () C:\Dokumente und Einstellungen\Administrator\Startmenü
2015-02-01 08:40 - 2009-08-13 07:39 - 00000000 ___HD () C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
2015-02-01 08:40 - 2009-08-13 07:39 - 00000000 ___HD () C:\Dokumente und Einstellungen\Administrator\Druckumgebung
2015-02-01 08:40 - 2009-08-13 06:44 - 00001599 _____ () C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk
2015-02-01 02:55 - 2015-02-01 02:56 - 00000000 ____D () C:\Dokumente und Einstellungen\manuela\Desktop\ff2
2015-02-01 02:49 - 2015-02-01 02:52 - 00000000 ____D () C:\Programme\Google
2015-02-01 02:49 - 2015-02-01 02:49 - 00000000 ____D () C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Google
2015-02-01 02:48 - 2015-02-01 02:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Live Add-in
2015-01-30 04:23 - 2015-01-31 01:20 - 00000000 ____D () C:\WINDOWS\system32\MpEngineStore

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 08:46 - 2014-03-21 21:32 - 00000220 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2015-02-06 08:46 - 2009-08-13 07:41 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-06 08:46 - 2009-08-13 07:41 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-02-06 08:46 - 2009-08-13 06:47 - 00032624 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-06 08:46 - 2009-08-13 06:47 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-06 08:45 - 2010-05-22 06:40 - 00000190 ___SH () C:\Dokumente und Einstellungen\lisa\ntuser.ini
2015-02-06 08:42 - 2012-05-28 02:32 - 00001236 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-113607857-3820037453-3115687014-1006UA.job
2015-02-06 08:42 - 2010-06-02 09:26 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
2015-02-06 08:42 - 2009-08-13 07:39 - 00000000 ___RD () C:\Programme
2015-02-06 04:59 - 2009-08-13 06:32 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-05 04:49 - 2010-05-22 06:40 - 00000000 ____D () C:\Dokumente und Einstellungen\lisa
2015-02-04 04:20 - 2009-08-13 06:47 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-02-04 04:14 - 2009-08-13 06:32 - 00000227 _____ () C:\WINDOWS\system.ini
2015-02-04 04:13 - 2012-04-24 06:25 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2015-02-03 11:16 - 2009-08-13 06:32 - 00000327 __RSH () C:\boot.ini
2015-02-03 11:13 - 2012-02-04 02:31 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-02-03 10:50 - 2010-05-22 06:40 - 00000000 ___RD () C:\Dokumente und Einstellungen\lisa\Startmenü\Programme\Autostart
2015-02-03 10:50 - 2009-08-13 07:39 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-02-03 10:36 - 2010-05-22 06:40 - 00000000 ___RD () C:\Dokumente und Einstellungen\lisa\Startmenü\Programme
2015-02-02 05:04 - 2010-11-22 07:55 - 00000000 ____D () C:\Dokumente und Einstellungen\lisa\Eigene Dateien\Referate GH 10a Berufschule
2015-02-01 11:23 - 2012-02-14 21:35 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-02-01 11:03 - 2010-05-22 05:17 - 00000000 ____D () C:\Dokumente und Einstellungen\manuela
2015-02-01 02:56 - 2013-12-05 04:04 - 00000000 ____D () C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Temp
2015-02-01 02:55 - 2014-04-22 06:20 - 00000000 ____H () C:\Dokumente und Einstellungen\manuela\Anwendungsdaten\windrvconfig.txt
2015-02-01 02:50 - 2010-05-22 05:17 - 00000190 ___SH () C:\Dokumente und Einstellungen\manuela\ntuser.ini
2015-02-01 02:49 - 2013-12-27 19:51 - 00042228 _____ () C:\WINDOWS\setupapi.log
2015-01-30 04:20 - 2010-07-08 03:33 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-12 21:26 - 2013-12-29 18:37 - 00111309 _____ () C:\WINDOWS\FaxSetup.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00053208 _____ () C:\WINDOWS\ocgen.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00043598 _____ () C:\WINDOWS\tsoc.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00036834 _____ () C:\WINDOWS\comsetup.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00022328 _____ () C:\WINDOWS\ntdtcsetup.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00017820 _____ () C:\WINDOWS\iis6.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00006156 _____ () C:\WINDOWS\ocmsn.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00005562 _____ () C:\WINDOWS\msgsocm.log
2015-01-12 21:26 - 2013-12-29 18:37 - 00001429 _____ () C:\WINDOWS\imsins.log
2015-01-12 05:32 - 2014-03-21 21:32 - 00000214 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-01-10 20:42 - 2012-05-28 02:32 - 00001214 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-113607857-3820037453-3115687014-1006Core.job

==================== Files in the root of some directories =======

2014-05-17 11:49 - 2014-05-17 11:49 - 3496015 _____ () C:\Programme\IMG_3805.jpg
2011-11-28 06:08 - 2014-10-24 22:08 - 0000000 ____H () C:\Dokumente und Einstellungen\lisa\Anwendungsdaten\windrvconfig.txt
2012-06-01 04:32 - 2012-06-01 04:32 - 0003584 _____ () C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-05-22 06:40 - 2010-05-23 07:51 - 0000137 _____ () C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\temp\Quarantine.exe
C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\temp\sqlite3.dll
C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\temp\{8879B0F6-726E-4930-BD24-ACCC30EF20A3}-40.0.2214.94_chrome_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015
Ran by lisa at 2015-02-06 08:58:20
Running from C:\Dokumente und Einstellungen\lisa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.26 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8153ED9A-C94A-426E-9880-5E6775C08B62}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asus ACPI Driver (HKLM\...\{19F5658D-92E8-4A08-8657-D38ABB1574B2}) (Version: 6.1.1.1008 - AsusTek Computer)
ASUS USB2.0 UVC VGA WebCam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52108.207_WHQL - Sonix)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version:  - )
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Data Sync (HKLM\...\{D806E63B-0C11-4061-8DA9-1E980FB9A9EB}) (Version: 1.0.2 - ASUS)
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: 6.3.3.3 - DVDVideoSoftTB)
Eee Docking 1.3.6.0 (HKLM\...\Eee Docking_is1) (Version: 1.3.6.0 - ASUSTEK)
EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.1.0021 - ASUS)
EzMessenger (HKLM\...\{C72CA49A-9237-4810-8449-45DA3BD26D64}) (Version: 1.0.2 - ASUS)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FontResizer (HKLM\...\{47BACF74-5A07-48BD-BADB-A769550F0F5A}) (Version: 1.00.0010 - ASUSTek)
Free Audio CD Burner version 1.4.7 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free Studio version 5.0.9 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube Download version 3.0.16.923 (HKLM\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.9.33 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
Hotfix für Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version:  - Microsoft Corporation)
Hotfix für Windows XP (KB2158563) (HKLM\...\KB2158563) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB932716-v2) (HKLM\...\KB932716-v2) (Version: 2 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
iTunes (HKLM\...\{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}) (Version: 10.5.3.3 - Apple Inc.)
Junk Mail filter update (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.13 - Asus)
MFC RunTime files (Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0 - Mozilla)
MyKeyFinder (HKLM\...\MyKeyFinder_is1) (Version: 2012 - Abelssoft)
Ralink Wireless LAN (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.0.7.0 - Ralink)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5841 - Realtek Semiconductor Corp.)
Screen Capturer (HKLM\...\Screen Capturer) (Version: 1.0.4.42 - ScreenCapturer.com)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (HKLM\...\KB2360131-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (HKLM\...\KB2530548-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 11 (KB936782) (HKLM\...\KB936782_WMP11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2279986) (HKLM\...\KB2279986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296199) (HKLM\...\KB2296199) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2436673) (HKLM\...\KB2436673) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464-v2) (HKLM\...\KB938464-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950759) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376) (HKLM\...\KB951376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB953155) (HKLM\...\KB953155) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB953838) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954459) (HKLM\...\KB954459) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956390) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957095) (HKLM\...\KB957095) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958215) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958690) (HKLM\...\KB958690) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960714) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961371) (HKLM\...\KB961371) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961373) (HKLM\...\KB961373) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB963027) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB968537) (HKLM\...\KB968537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973346) (HKLM\...\KB973346) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981957) (HKLM\...\KB981957) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3810 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 1.18 - ASUS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.0.1.0 - Synaptics Incorporated)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB942763) (HKLM\...\KB942763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB951618-v2) (HKLM\...\KB951618-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
USB2.0 UVC Camera Device (HKLM\...\{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}) (Version: 0.1.0.0 - UVCPCC)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

15-11-2014 17:48:19 Software Distribution Service 3.0
15-11-2014 18:34:45 Software Distribution Service 3.0
08-12-2014 01:22:49 Systemprüfpunkt
10-12-2014 16:53:13 Software Distribution Service 3.0
11-12-2014 04:10:05 Software Distribution Service 3.0
12-12-2014 17:56:16 Software Distribution Service 3.0
30-01-2015 04:20:32 Software Distribution Service 3.0
01-02-2015 02:46:37 Software Distribution Service 3.0
03-02-2015 10:37:19 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-08-13 06:32 - 2015-02-04 04:14 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-113607857-3820037453-3115687014-1006Core.job => C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-113607857-3820037453-3115687014-1006UA.job => C:\Dokumente und Einstellungen\manuela\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-06-02 09:24 - 2011-01-04 20:18 - 00733184 _____ () C:\Programme\ICQ7.2\MDb.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
2015-02-03 10:50 - 2015-02-03 10:51 - 03925104 _____ () C:\Programme\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-113607857-3820037453-3115687014-1007\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\lisa\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-113607857-3820037453-3115687014-500 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Administrator
ASPNET (S-1-5-21-113607857-3820037453-3115687014-1004 - Limited - Enabled)
Gast (S-1-5-21-113607857-3820037453-3115687014-501 - Limited - Disabled)
Hilfeassistent (S-1-5-21-113607857-3820037453-3115687014-1005 - Limited - Disabled)
lisa (S-1-5-21-113607857-3820037453-3115687014-1007 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\lisa
manuela (S-1-5-21-113607857-3820037453-3115687014-1006 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\manuela
SUPPORT_388945a0 (S-1-5-21-113607857-3820037453-3115687014-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2015 08:15:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2359

Error: (02/06/2015 08:15:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2359

Error: (02/06/2015 08:15:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 04:46:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 85266188

Error: (02/05/2015 04:46:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 85266188

Error: (02/05/2015 04:46:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/04/2015 03:25:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16734

Error: (02/04/2015 03:25:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16734

Error: (02/04/2015 03:25:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/04/2015 03:25:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14672


System errors:
=============
Error: (02/05/2015 04:55:42 AM) (Source: 0) (EventID: 43) (User: )
Description: 

Error: (02/05/2015 04:49:05 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Fehlercode 000000f7, 1. Parameter ce9d1a39, 2. Parameter a94e04b7, 3. Parameter 56b1fb48, 4. Parameter 00000000.

Error: (02/05/2015 04:46:51 AM) (Source: W32Time) (EventID: 29) (User: )
Description: Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen
konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb
der nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung
mit der Quelle herzustellen.
Der NtpClient verfügt über keine Quelle mit genauer Zeit.

Error: (02/05/2015 04:46:51 AM) (Source: W32Time) (EventID: 17) (User: )
Description: Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer
"time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten
wiederholt.
Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751)

Error: (02/05/2015 04:46:50 AM) (Source: W32Time) (EventID: 29) (User: )
Description: Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen
konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb
der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung
mit der Quelle herzustellen.
Der NtpClient verfügt über keine Quelle mit genauer Zeit.

Error: (02/05/2015 04:46:50 AM) (Source: W32Time) (EventID: 17) (User: )
Description: Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer
"time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten
wiederholt.
Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751)

Error: (02/03/2015 10:31:48 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Fehlercode 000000f7, 1. Parameter c4523a11, 2. Parameter a311b7fa, 3. Parameter 5cee4805, 4. Parameter 00000000.

Error: (02/03/2015 10:28:48 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Fehlercode 000000f7, 1. Parameter 881c9a11, 2. Parameter a886e59f, 3. Parameter 57791a60, 4. Parameter 00000000.

Error: (02/01/2015 11:32:33 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/01/2015 11:07:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Fips
intelppm


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor:  Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Percentage of memory in use: 46%
Total physical RAM: 1015.17 MB
Available physical RAM: 546.53 MB
Total Pagefile: 2441.56 MB
Available Pagefile: 2061.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:72.06 GB) (Free:36.93 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:72.05 GB) (Free:71.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 845A4551)
Partition 1: (Active) - (Size=72.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=72.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.9 GB) - (Type=1C)
Partition 4: (Not Active) - (Size=47 MB) - (Type=EF)

==================== End Of Log ============================

cosinus · 06.02.2015, 22:06

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\S-1-5-21-113607857-3820037453-3115687014-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-113607857-3820037453-3115687014-1007 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ\ICQNewTab\newTab.html" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-113607857-3820037453-3115687014-1007 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
EmptyTemp:
Hosts:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Ruffytaker · 06.02.2015, 22:32

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2015
Ran by lisa at 2015-02-06 09:10:00 Run:1
Running from C:\Dokumente und Einstellungen\lisa\Desktop
Loaded Profiles: lisa (Available profiles: manuela & lisa & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-113607857-3820037453-3115687014-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-113607857-3820037453-3115687014-1007 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ\ICQNewTab\newTab.html" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-113607857-3820037453-3115687014-1007 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
EmptyTemp:
Hosts:
         
*****************

"HKU\S-1-5-21-113607857-3820037453-3115687014-1007\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKU\S-1-5-21-113607857-3820037453-3115687014-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-113607857-3820037453-3115687014-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found. 
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.3 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 09:26:53 ====

Neustart wurde durchgeführt

cosinus · 06.02.2015, 22:32

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

04.02.2015, 16:59	#17
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Usb Stick zeigt nur noch Ordner in Verknüpfungen an #2 Einfach in Ruhe lassen und warten... __________________ __________________

04.02.2015, 23:06	#19
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Usb Stick zeigt nur noch Ordner in Verknüpfungen an #2 Dann probier jetzt bitte nochmal MBAR __________________ Logfiles bitte immer in CODE-Tags posten

06.02.2015, 21:02	#23
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Usb Stick zeigt nur noch Ordner in Verknüpfungen an #2 Ich glaub du hast das Tool nicht richtig eingestellt...so sollte es sein: __________________ Logfiles bitte immer in CODE-Tags posten

Usb Stick zeigt nur noch Ordner in Verknüpfungen an #2

Plagegeister aller Art und deren Bekämpfung: Usb Stick zeigt nur noch Ordner in Verknüpfungen an #2