
Pests of all kinds and how to combat them: Virus: Gen:Variant.Zusy.133061 (Engine A)


12.04.2015, 07:37   #1
Grit1962
 



Hello everyone,

I need help rescuing my old darling. And yes, I was probably hanging around again where one shouldn't.
The pest named above is on the system. G-Data also always nicely moves it into quarantine; it annoys me a lot. Since I'm blonde, please answer at a suitable level so that I can follow.
Can you help?
Many thanks and Sunday greetings
Grit

Here is the message from G-Data:

Virus: Gen:Variant.Zusy.133061 (Engine A)

Es wurde versucht, auf eine infizierte
Datei zuzugreifen.

Datei: jnsk1DA.tmp
Verzeichnis: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C
___________________________________
Here is a first scan of the old lady:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 08:28:11, on 12.04.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 37.0.1 (x86 de)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Programme\Java\jre7\bin\jqs.exe
C:\Programme\Tobit Radio.fx\Server\rfx-server.exe
C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Browny02\Brother\BrStMonW.exe
C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Browny02\BrYNSvc.exe
C:\Programme\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\Mixer.exe
C:\Programme\Nero\Nero MediaHome 4\NeroMediaHome.exe
C:\Programme\Brother\ControlCenter3\brccMCtl.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\PDF24\pdf24.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe
C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTVRC.exe
C:\Programme\CCleaner\ccleaner.exe
C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe
C:\Programme\Browser-Anonymisierer\BrowserMaulkorb.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\Dropbox.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer bereitgestellt von GMX
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [BrStsMon00] C:\Programme\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [GDFirewallTray] C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [SMSTray] C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SDTray] "C:\Programme\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Nero MediaHome 4] "C:\Programme\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [WSHelperSetup.exe] C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Programme\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpriteService] "C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Remote Control Editor] "C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTVRC.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Programme\CCleaner\ccleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Amazon Music] "C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe"
O4 - HKCU\..\Run: [WSHelperSetup.exe] C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKUS\S-1-5-21-1482476501-1390067357-1801674531-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Browser-Anonymisierer.lnk = C:\Programme\Browser-Anonymisierer\BrowserMaulkorb.exe
O4 - Startup: Dropbox.lnk = C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlfvideo.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1009886088859
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Programme\Browny02\BrYNSvc.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programme\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Radio.fx Server (Radio.fx) - Unknown owner - C:\Programme\Tobit Radio.fx\Server\rfx-server.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Application Floppy Disk (sehobilu) - Unknown owner - C:\Dokumente.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programme\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 13956 bytes

12.04.2015, 08:00   #2
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files are now created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input window)

How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

12.04.2015, 08:13   #3
Grit1962
 



Thank you, first of all, for your mega-fast help here.



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-04-2015
Ran by Albert (administrator) on WOJAN-A1D7AE3E1 on 12-04-2015 09:07:00
Running from C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Downloads
Loaded Profiles: Albert & NeroMediaHomeUser.4 (Available profiles: Albert & NeroMediaHomeUser.4)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(ArcSoft) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
(G Data Software AG) C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Nero AG) C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe
() C:\Programme\Tobit Radio.fx\Server\rfx-server.exe
(Safer-Networking Ltd.) C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp
(TuneUp Software) C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Safer-Networking Ltd.) C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
(G Data Software AG) C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
(TuneUp Software) C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Brother Industries, Ltd.) C:\Programme\Browny02\Brother\BrStMonW.exe
(G DATA Software AG) C:\Programme\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(SAMSUNG ELECTRONICS) C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Brother Industries, Ltd.) C:\Programme\Browny02\BrYNSvc.exe
(Safer-Networking Ltd.) C:\Programme\Spybot - Search & Destroy 2\SDTray.exe
(C-Media Electronic Inc. (www.cmedia.com.tw)) C:\WINDOWS\mixer.exe
(Nero AG) C:\Programme\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Brother Industries, Ltd.) C:\Programme\Brother\ControlCenter3\BrccMCtl.exe
(Nullsoft, Inc.) C:\Programme\Winamp\winampa.exe
(Geek Software GmbH) C:\Programme\PDF24\pdf24.exe
(Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe
(Microsoft Corporation) C:\Programme\Microsoft ActiveSync\wcescomm.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Wondershare) C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
() C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe
(Elgato Systems) C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTvRc.exe
(Piriform Ltd) C:\Programme\CCleaner\CCleaner.exe
() C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe
(Alexander Miehlke Softwareentwicklung) C:\Programme\Browser-Anonymisierer\BrowserMaulkorb.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Dropbox, Inc.) C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
(Trend Micro Inc.) C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Downloads\HijackThis.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nView\nwiz.exe [1753192 2010-08-26] ()
HKLM\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [36X Raid Configurer] => C:\WINDOWS\system32\xRaidSetup.exe [1953792 2007-03-21] (JMicron Technology Corp.)
HKLM\...\Run: [BrStsMon00] => C:\Programme\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM\...\Run: [GDFirewallTray] => C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1124424 2009-09-24] (G DATA Software AG)
HKLM\...\Run: [G DATA AntiVirus Trayapplication] => C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe [924232 2009-09-18] (G Data Software AG)
HKLM\...\Run: [SMSTray] => C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe [132624 2007-12-14] (SAMSUNG ELECTRONICS)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ControlCenter3] => C:\Programme\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [SDTray] => C:\Programme\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [C-Media Mixer] => Mixer.exe /startup
HKLM\...\Run: [Ulead AutoDetector v2] => C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe [95504 2007-08-02] (Ulead Systems, Inc.)
HKLM\...\Run: [Nero MediaHome 4] => C:\Programme\Nero\Nero MediaHome 4\NeroMediaHome.exe [5174568 2010-03-08] (Nero AG)
HKLM\...\Run: [WinampAgent] => C:\Programme\Winamp\winampa.exe [84576 2013-07-24] (Nullsoft, Inc.)
HKLM\...\Run: [PDFPrint] => C:\Programme\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2000-01-01] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Run: [WSHelperSetup.exe] => C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Run: [TrojanScanner] => C:\Programme\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [SpriteService] => C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe [552960 2006-02-21] ()
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [H/PC Connection Agent] => C:\Programme\Microsoft ActiveSync\wcescomm.exe [1211176 2006-06-21] (Microsoft Corporation)
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [Remote Control Editor] => C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTVRC.exe [1689088 2010-06-09] (Elgato Systems)
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [CCleaner Monitoring] => C:\Programme\CCleaner\ccleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [Amazon Music] => C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [WSHelperSetup.exe] => C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Startup: C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Autostart\Browser-Anonymisierer.lnk
ShortcutTarget: Browser-Anonymisierer.lnk -> C:\Programme\Browser-Anonymisierer\BrowserMaulkorb.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Autostart\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:3318;https=127.0.0.1:3318;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: [S-1-5-21-1482476501-1390067357-1801674531-1006] ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_09&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyDyEyBzyyC0CyBzz0A0EtN0D0Tzu0StCtCyDtBtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0C0EtCzzzy0AzytGyDtCyCyCtGtAyBtA0EtGyD0B0CtBtGyE0AtCtAyCyEyDyB0Azy0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtDtCyEzz0Ezz0FtGyC0AtDyDtGyE0BzytBtGzyyB0EyEtGyEtDtDyCtAyEyEtCyCyByCyD2Q&cr=1407160070&ir=
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_09&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyDyEyBzyyC0CyBzz0A0EtN0D0Tzu0StCtCyDtBtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0C0EtCzzzy0AzytGyDtCyCyCtGtAyBtA0EtGyD0B0CtBtGyE0AtCtAyCyEyDyB0Azy0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtDtCyEzz0Ezz0FtGyC0AtDyDtGyE0BzytBtGzyyB0EyEtGyEtDtDyCtAyEyEtCyCyByCyD2Q&cr=1407160070&ir=
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_09&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyDyEyBzyyC0CyBzz0A0EtN0D0Tzu0StCtCyDtBtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0C0EtCzzzy0AzytGyDtCyCyCtGtAyBtA0EtGyD0B0CtBtGyE0AtCtAyCyEyDyB0Azy0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtDtCyEzz0Ezz0FtGyC0AtDyDtGyE0BzytBtGzyyB0EyEtGyEtDtDyCtAyEyEtCyCyByCyD2Q&cr=1407160070&ir=
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {A2DC3FEF-AB4D-442c-8517-34EC6E125C8D} URL = hxxp://search.webwebweb.com/search.php?query={searchTerms}&lang=de&zip=&town=&site=&country=
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=o0&geo=DE&ver=21&locale=de_DE&gct=sb&qsrc=2869
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {B29141A1-7621-4D01-873C-AF575B81B824} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
BHO: G Data WebFilter -> {0124123D-61B4-456f-AF86-78C53A0790C5} -> C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll [2009-09-18] (G Data Software AG)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-19] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll [2010-04-15] (TerraTec Electronic GmbH)
Toolbar: HKLM - G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll [2009-09-18] (G Data Software AG)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1009886088859
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax [2009-07-16] ()
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953
FF DefaultSearchEngine: Yahoo! (Avast)
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Binkiland
FF SelectedSearchEngine,S: WebSearch
FF Homepage: www.google.de
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Programme\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @protectdisc.com/NPMPDRM -> C:\Programme\Gemeinsame Dateien\mpDRM\NPMPDRM.dll [2010-02-03] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: @nsroblox.roblox.com/launcher -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions\version-953d9034d866480b\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: @nsroblox.roblox.com/launcher64 -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions\version-953d9034d866480b\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: amazon.com/AmazonMP3DownloaderPlugin -> C:\Programme\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF user.js: detected! => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\user.js [2015-02-22]
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll [2014-03-14] (Apple Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\11-suche.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\englische-ergebnisse.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\gmx-suche.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\google-images.xml [2014-09-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\google-maps.xml [2014-09-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\lastminute.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\webde-suche.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\yahoo-avast.xml [2015-02-17]
FF Extension: Video DownloadHelper - C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26]
FF Extension: G Data WebFilter - C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2015-04-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-14]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-08-17]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-08-23]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default
CHR Extension: (Google Slides) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20]
CHR Extension: (Google Docs) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-20]
CHR Extension: (Google Drive) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-20]
CHR Extension: (YouTube) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-20]
CHR Extension: (Freemake Video Downloader) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-08-20]
CHR Extension: (Google Search) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-20]
CHR Extension: (Freemake Youtube Download Button) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-08-20]
CHR Extension: (Google Sheets) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-24]
CHR Extension: (Gmail) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-20]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-08-17]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-08-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft)
R2 AVKProxy; C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe [1128008 2009-12-07] (G Data Software AG)
R2 AVKService; C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe [397896 2009-08-08] (G Data Software AG)
R2 AVKWCtl; C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe [1251488 2009-11-25] (G Data Software AG)
R3 BrYNSvc; C:\Programme\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [43008 2008-04-14] (Microsoft Corporation) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Programme\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-08-13] (Ellora Assets Corp.) [File not signed]
R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [233472 2013-12-30] (Teruten) [File not signed]
R3 GDFwSvc; C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe [1547104 2009-11-25] (G Data Software AG)
R3 GDScan; C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe [302152 2009-11-26] (G Data Software AG)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2015-03-19] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2015-03-19] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2015-03-19] (Google)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation)
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-04-04] (Mozilla Foundation)
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [30720 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [99840 2008-04-14] (Microsoft Corporation) [File not signed]
R2 NeroMediaHomeService.4; C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-03-08] (Nero AG)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 Radio.fx; C:\Programme\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 SDScannerService; C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 sehobilu; C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp [163328 2015-02-26] () [File not signed]
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbilisT; C:\WINDOWS\System32\Drivers\AbilisBdaTuner.sys [114440 2009-02-03] (ABILIS Systems)
S3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2000-01-01] (Creative)
R3 AtcL001; C:\WINDOWS\System32\DRIVERS\atl01_xp.sys [38656 2007-03-15] (Attansic Technology corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 cglptnt; C:\totalcmd\cglptnt.sys [14424 2012-03-09] (Ghisler Software GmbH)
R3 cmpci; C:\WINDOWS\System32\drivers\cmaudio.sys [377358 2002-11-18] (C-Media Inc)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [28616 2012-12-08] (G Data Software AG)
R3 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [55624 2010-04-03] (G Data Software AG)
R0 GDNdisIc; C:\WINDOWS\System32\drivers\GDNdisIc.sys [22528 2010-04-03] (G DATA Software AG) [File not signed]
R2 GDTdiInterceptor; C:\WINDOWS\system32\drivers\GDTdiIcpt.sys [51784 2010-04-03] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [68976 2012-12-08] (G Data Software)
R3 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [34632 2012-12-08] (G Data Software AG)
R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron )
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [46208 2007-03-24] (JMicron Technology Corp.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-12] (Malwarebytes Corporation)
S3 miniusb; C:\WINDOWS\System32\Drivers\sam_miniusb.sys [10624 2010-01-07] (Samsung Electronics Co.  Ltd.) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2000-01-01] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NetgearUDSMBus; C:\WINDOWS\System32\Drivers\NetgearUDSMBus.sys [92160 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed]
S3 NetgearUDSTcpBus; C:\WINDOWS\System32\Drivers\NetgearUDSTcpBus.sys [153600 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [9623680 2010-10-22] (NVIDIA Corporation) [File not signed]
S3 PcaSp50; C:\WINDOWS\System32\Drivers\PcaSp50.sys [35384 2009-10-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 SODI; C:\WINDOWS\System32\DRIVERS\sam_miniport.sys [14464 2010-01-07] (Samsung Electronics Co.  Ltd.) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2013-08-06] (Duplex Secure Ltd.)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [25216 2010-02-25] (The OpenVPN Project) [File not signed]
S3 TTCinergyT2; C:\WINDOWS\System32\DRIVERS\TTCinergyT2BDA.sys [29216 2007-07-12] (TerraTec Electronic GmbH)
R3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-07-19] (TuneUp Software)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [104576 2006-04-10] (Microsoft Corporation)
S3 catchme; \??\C:\DOKUME~1\Albert\LOKALE~1\Temp\catchme.sys [X]
S3 cmuda3; system32\drivers\cmuda3.sys [X]
S3 esgiguard; \??\C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
U3 TlntSvr; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-12 09:06 - 2015-04-12 09:07 - 00000000 ____D () C:\FRST
2015-04-09 15:46 - 2015-04-09 15:46 - 00195339 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\bookmarks-2015-04-09.json
2015-04-06 19:39 - 2015-04-06 19:39 - 00001237 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\ROBLOX Player.lnk
2015-04-06 19:36 - 2015-04-06 19:39 - 00001078 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\ROBLOX Studio.lnk
2015-04-06 19:36 - 2015-04-06 19:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Roblox
2015-04-06 19:34 - 2015-04-06 19:34 - 00968048 _____ (ROBLOX Corporation) C:\Dokumente und Einstellungen\Albert\Desktop\RobloxPlayerLauncher.exe
2015-04-04 20:12 - 2015-04-04 20:13 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-03-29 08:05 - 2015-03-29 08:05 - 00122776 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-03-28 09:33 - 2015-03-28 09:33 - 03638760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-26 21:15 - 2015-03-27 21:38 - 01322994 _____ () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\bseneu.web
2015-03-26 17:58 - 2015-03-26 17:58 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Xara
2015-03-26 17:57 - 2015-03-26 18:49 - 00000860 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX Web Designer 10 Premium.lnk
2015-03-26 17:57 - 2015-03-26 17:57 - 00000000 ___RD () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\MAGIX
2015-03-21 07:34 - 2015-04-12 09:02 - 00433707 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-21 07:34 - 2015-04-12 07:57 - 00000257 ____N () C:\WINDOWS\wiadebug.log
2015-03-21 07:34 - 2015-04-12 07:54 - 00000050 ____N () C:\WINDOWS\wiaservc.log
2015-03-21 07:34 - 2015-03-21 07:34 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log
2015-03-19 21:27 - 2015-03-19 21:29 - 46958414 _____ () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\whats_going_on.mp4
2015-03-19 08:47 - 2015-04-07 21:22 - 00002131 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2015-03-19 08:47 - 2015-03-19 08:47 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
2015-03-19 08:44 - 2015-04-12 08:56 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 08:44 - 2015-04-12 07:56 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-18 00:50 - 2015-03-24 11:33 - 00023552 _____ () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\DomAbschluss.xls
2015-03-14 15:58 - 2015-03-14 16:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Bergmannsdom

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-12 09:07 - 2002-01-01 13:33 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Temp
2015-04-12 08:32 - 2012-04-04 10:09 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-12 08:02 - 2002-01-01 13:33 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert
2015-04-12 07:56 - 2014-01-11 18:18 - 00000000 ____D () C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Lokale Einstellungen\Temp
2015-04-12 07:55 - 2014-10-22 17:44 - 00000556 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-04-12 07:55 - 2014-03-17 16:48 - 00000224 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2015-04-12 07:55 - 2013-08-24 09:48 - 00000636 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-04-12 07:54 - 2002-01-01 13:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-11 23:24 - 2013-08-24 09:48 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2015-04-11 23:24 - 2013-07-17 23:00 - 00065536 _____ () C:\WINDOWS\system32\config\CaptureL.evt
2015-04-11 23:24 - 2011-02-15 12:10 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2015-04-11 23:24 - 2002-01-01 13:33 - 00032554 ____N () C:\WINDOWS\SchedLgU.Txt
2015-04-11 13:00 - 2008-04-14 14:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-10 23:49 - 2002-01-01 13:33 - 00000300 __SHC () C:\Dokumente und Einstellungen\Albert\ntuser.ini
2015-04-10 23:46 - 2009-07-15 20:14 - 00000000 ____D () C:\Programme\CCleaner
2015-04-09 07:43 - 2013-11-16 00:31 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Autostart
2015-04-09 07:43 - 2011-12-09 19:06 - 00000000 ___RD () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Dropbox
2015-04-09 07:43 - 2011-12-09 19:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox
2015-04-09 07:42 - 2014-12-20 17:55 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Dropbox
2015-04-09 07:42 - 2011-12-09 19:06 - 00001013 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\Dropbox.lnk
2015-04-08 23:17 - 2010-11-23 20:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\vlc
2015-04-08 23:17 - 2009-08-23 22:36 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Winamp
2015-04-08 07:52 - 2009-07-15 19:42 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2015-04-08 07:43 - 2013-08-24 09:48 - 00000608 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-04-07 20:58 - 2008-04-14 14:00 - 00000659 _____ () C:\WINDOWS\win.ini
2015-04-06 19:39 - 2012-08-11 14:02 - 00000190 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\rbxcsettings.rbx
2015-04-06 19:39 - 2012-08-11 14:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions
2015-04-06 19:36 - 2013-11-16 00:31 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme
2015-04-06 17:48 - 2010-12-25 16:16 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-04-06 08:23 - 2013-11-11 19:36 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2015-04-05 09:02 - 2009-09-29 21:02 - 03565476 ___SH () C:\Dokumente und Einstellungen\Albert\Desktop\Thumbs.db
2015-04-05 07:59 - 2002-01-01 13:22 - 00000000 ____D () C:\Programme
2015-04-04 23:15 - 2010-12-12 09:35 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\dwhelper
2015-04-04 18:05 - 2002-01-01 13:22 - 01272524 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-02 09:08 - 2010-05-11 20:25 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Schreibtisch
2015-04-02 08:59 - 2009-09-12 07:20 - 01646938 ___SH () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Thumbs.db
2015-03-31 09:30 - 2002-01-01 13:33 - 00000000 ___RD () C:\Dokumente und Einstellungen\Albert\Startmenü
2015-03-29 08:13 - 2013-08-27 16:12 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\NCH Software
2015-03-29 08:13 - 2013-08-27 16:11 - 00000000 ____D () C:\Programme\NCH Software
2015-03-29 08:13 - 2002-01-01 13:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-03-29 08:12 - 2002-01-01 13:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-03-28 01:07 - 2012-04-24 18:30 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2015-03-28 01:07 - 2009-07-15 13:07 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2015-03-27 13:51 - 2002-01-01 13:33 - 00000000 __SHD () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Verlauf
2015-03-26 22:39 - 2010-05-01 23:11 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google
2015-03-26 21:03 - 2015-02-05 10:29 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Birgit
2015-03-26 17:58 - 2009-09-01 15:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\MAGIX
2015-03-26 17:57 - 2009-09-30 17:59 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAGIX
2015-03-26 17:57 - 2009-09-30 17:57 - 00000000 ____D () C:\Programme\MAGIX
2015-03-26 17:57 - 2009-09-30 17:57 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
2015-03-26 17:57 - 2002-01-01 13:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Dokumente
2015-03-20 09:17 - 2010-12-23 23:17 - 00000654 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
2015-03-19 08:48 - 2009-07-15 19:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-03-19 08:46 - 2010-05-01 23:11 - 00000000 ____D () C:\Programme\Google
2015-03-19 08:45 - 2010-05-02 09:22 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google
2015-03-19 08:44 - 2012-04-04 10:09 - 00778928 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-03-19 08:44 - 2011-05-24 07:41 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-02-13 08:54 - 2013-02-13 08:44 - 0178568 _____ () C:\Programme\64res.dll
2010-06-02 06:21 - 2010-06-02 06:21 - 1347354 ____C () C:\Programme\Apr2005_d3dx9_25_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1078962 ____C () C:\Programme\Apr2005_d3dx9_25_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1397830 _____ () C:\Programme\Apr2006_d3dx9_30_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1115221 _____ () C:\Programme\Apr2006_d3dx9_30_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0916430 _____ () C:\Programme\Apr2006_MDX1_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 4162630 _____ () C:\Programme\Apr2006_MDX1_x86_Archive.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0179133 _____ () C:\Programme\Apr2006_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0133103 _____ () C:\Programme\Apr2006_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0087101 _____ () C:\Programme\Apr2006_xinput_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0046010 _____ () C:\Programme\Apr2006_xinput_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0698612 _____ () C:\Programme\APR2007_d3dx10_33_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0695865 _____ () C:\Programme\APR2007_d3dx10_33_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1607358 _____ () C:\Programme\APR2007_d3dx9_33_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1606039 _____ () C:\Programme\APR2007_d3dx9_33_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0195766 _____ () C:\Programme\APR2007_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0151225 _____ () C:\Programme\APR2007_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0096817 _____ () C:\Programme\APR2007_xinput_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0053302 _____ () C:\Programme\APR2007_xinput_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1350542 _____ () C:\Programme\Aug2005_d3dx9_27_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1077644 _____ () C:\Programme\Aug2005_d3dx9_27_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0182903 _____ () C:\Programme\AUG2006_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0137235 _____ () C:\Programme\AUG2006_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0087142 _____ () C:\Programme\AUG2006_xinput_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0046058 _____ () C:\Programme\AUG2006_xinput_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0852286 _____ () C:\Programme\AUG2007_d3dx10_35_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0796867 _____ () C:\Programme\AUG2007_d3dx10_35_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1800160 _____ () C:\Programme\AUG2007_d3dx9_35_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1708152 _____ () C:\Programme\AUG2007_d3dx9_35_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0198096 _____ () C:\Programme\AUG2007_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0153012 _____ () C:\Programme\AUG2007_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0867612 _____ () C:\Programme\Aug2008_d3dx10_39_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0849167 _____ () C:\Programme\Aug2008_d3dx10_39_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1794084 _____ () C:\Programme\Aug2008_d3dx9_39_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1464672 _____ () C:\Programme\Aug2008_d3dx9_39_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0121772 _____ () C:\Programme\Aug2008_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0092996 _____ () C:\Programme\Aug2008_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0271412 _____ () C:\Programme\Aug2008_XAudio_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0271038 _____ () C:\Programme\Aug2008_XAudio_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0919044 _____ () C:\Programme\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0900598 _____ () C:\Programme\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 3112111 _____ () C:\Programme\Aug2009_d3dcsx_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 3319740 _____ () C:\Programme\Aug2009_d3dcsx_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0232635 _____ () C:\Programme\Aug2009_d3dx10_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0192131 _____ () C:\Programme\Aug2009_d3dx10_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0136301 _____ () C:\Programme\Aug2009_d3dx11_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0105044 _____ () C:\Programme\Aug2009_d3dx11_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0930116 _____ () C:\Programme\Aug2009_d3dx9_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0728456 _____ () C:\Programme\Aug2009_d3dx9_42_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0122408 _____ () C:\Programme\Aug2009_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093106 _____ () C:\Programme\Aug2009_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0273264 _____ () C:\Programme\Aug2009_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0272642 _____ () C:\Programme\Aug2009_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1357976 _____ () C:\Programme\Dec2005_d3dx9_28_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1079456 _____ () C:\Programme\Dec2005_d3dx9_28_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0212807 _____ () C:\Programme\DEC2006_d3dx10_00_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0191720 _____ () C:\Programme\DEC2006_d3dx10_00_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1571154 _____ () C:\Programme\DEC2006_d3dx9_32_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1574376 _____ () C:\Programme\DEC2006_d3dx9_32_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0192475 _____ () C:\Programme\DEC2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0145599 _____ () C:\Programme\DEC2006_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0089944 _____ (Microsoft Corporation) C:\Programme\DSETUP.dll
2010-06-02 06:22 - 2010-06-02 06:22 - 1801048 _____ () C:\Programme\dsetup32.dll
2010-06-02 06:22 - 2010-06-02 06:22 - 0042410 _____ () C:\Programme\dxdllreg_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0537432 _____ () C:\Programme\DXSETUP.exe
2010-06-02 06:22 - 2010-06-02 06:22 - 0094011 _____ () C:\Programme\dxupdate.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1247499 _____ () C:\Programme\Feb2005_d3dx9_24_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1013225 _____ () C:\Programme\Feb2005_d3dx9_24_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1362796 _____ () C:\Programme\Feb2006_d3dx9_29_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1084720 _____ () C:\Programme\Feb2006_d3dx9_29_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0178359 _____ () C:\Programme\Feb2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0132409 _____ () C:\Programme\Feb2006_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0194675 _____ () C:\Programme\FEB2007_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0147983 _____ () C:\Programme\FEB2007_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0054678 _____ () C:\Programme\Feb2010_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0020713 _____ () C:\Programme\Feb2010_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0122446 _____ () C:\Programme\Feb2010_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093180 _____ () C:\Programme\Feb2010_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0276960 _____ () C:\Programme\Feb2010_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0277191 _____ () C:\Programme\Feb2010_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1336002 _____ () C:\Programme\Jun2005_d3dx9_26_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1064925 _____ () C:\Programme\Jun2005_d3dx9_26_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0180785 _____ () C:\Programme\JUN2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0133671 _____ () C:\Programme\JUN2006_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0699044 _____ () C:\Programme\JUN2007_d3dx10_34_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0698472 _____ () C:\Programme\JUN2007_d3dx10_34_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1607774 _____ () C:\Programme\JUN2007_d3dx9_34_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1607286 _____ () C:\Programme\JUN2007_d3dx9_34_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0197122 _____ () C:\Programme\JUN2007_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0152909 _____ () C:\Programme\JUN2007_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0867828 _____ () C:\Programme\JUN2008_d3dx10_38_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0849919 _____ () C:\Programme\JUN2008_d3dx10_38_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1792608 _____ () C:\Programme\JUN2008_d3dx9_38_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1463878 _____ () C:\Programme\JUN2008_d3dx9_38_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0055154 _____ () C:\Programme\JUN2008_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021905 _____ () C:\Programme\JUN2008_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0121054 _____ () C:\Programme\JUN2008_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093128 _____ () C:\Programme\JUN2008_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0269628 _____ () C:\Programme\JUN2008_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0269024 _____ () C:\Programme\JUN2008_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0944460 _____ () C:\Programme\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0931471 ____C () C:\Programme\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0752783 _____ () C:\Programme\Jun2010_d3dcsx_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0762188 _____ () C:\Programme\Jun2010_d3dcsx_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0235955 _____ () C:\Programme\Jun2010_d3dx10_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0197283 _____ () C:\Programme\Jun2010_d3dx10_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0138205 _____ () C:\Programme\Jun2010_d3dx11_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0109445 _____ () C:\Programme\Jun2010_d3dx11_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0937246 _____ () C:\Programme\Jun2010_d3dx9_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0768036 _____ () C:\Programme\Jun2010_d3dx9_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0124596 _____ () C:\Programme\Jun2010_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093686 _____ () C:\Programme\Jun2010_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0277338 _____ () C:\Programme\Jun2010_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0278060 _____ () C:\Programme\Jun2010_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0844884 _____ () C:\Programme\Mar2008_d3dx10_37_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0818260 _____ () C:\Programme\Mar2008_d3dx10_37_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1769862 _____ () C:\Programme\Mar2008_d3dx9_37_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1443282 _____ () C:\Programme\Mar2008_d3dx9_37_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0055058 _____ () C:\Programme\Mar2008_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021867 _____ () C:\Programme\Mar2008_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0122336 _____ () C:\Programme\Mar2008_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093734 _____ () C:\Programme\Mar2008_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0251194 _____ () C:\Programme\Mar2008_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0226250 _____ () C:\Programme\Mar2008_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1067160 _____ () C:\Programme\Mar2009_d3dx10_41_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1040745 _____ () C:\Programme\Mar2009_d3dx10_41_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1973702 _____ () C:\Programme\Mar2009_d3dx9_41_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1612446 _____ () C:\Programme\Mar2009_d3dx9_41_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0054600 _____ () C:\Programme\Mar2009_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021298 _____ () C:\Programme\Mar2009_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0121506 _____ () C:\Programme\Mar2009_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0092740 _____ () C:\Programme\Mar2009_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0275044 _____ () C:\Programme\Mar2009_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0273018 _____ () C:\Programme\Mar2009_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0864600 ____C () C:\Programme\Nov2007_d3dx10_36_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0803884 ____C () C:\Programme\Nov2007_d3dx10_36_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1802058 _____ () C:\Programme\Nov2007_d3dx9_36_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1709360 _____ () C:\Programme\Nov2007_d3dx9_36_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0046144 _____ () C:\Programme\NOV2007_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0018496 _____ () C:\Programme\NOV2007_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0196762 _____ () C:\Programme\NOV2007_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0148264 ____C () C:\Programme\NOV2007_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0994154 _____ () C:\Programme\Nov2008_d3dx10_40_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0965421 _____ () C:\Programme\Nov2008_d3dx10_40_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1906878 _____ () C:\Programme\Nov2008_d3dx9_40_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1550796 _____ () C:\Programme\Nov2008_d3dx9_40_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0054522 _____ () C:\Programme\Nov2008_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021851 _____ () C:\Programme\Nov2008_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0121794 _____ () C:\Programme\Nov2008_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0092684 _____ () C:\Programme\Nov2008_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0273960 _____ () C:\Programme\Nov2008_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0272611 _____ () C:\Programme\Nov2008_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0086037 _____ () C:\Programme\Oct2005_xinput_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0045359 _____ () C:\Programme\Oct2005_xinput_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1412902 _____ () C:\Programme\OCT2006_d3dx9_31_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1127217 _____ () C:\Programme\OCT2006_d3dx9_31_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0182361 _____ () C:\Programme\OCT2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0138017 _____ () C:\Programme\OCT2006_XACT_x86.cab
2009-12-25 16:14 - 2009-12-25 16:14 - 0002528 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\$_hpcst$.hpc
2009-07-15 19:33 - 2009-11-16 18:47 - 0000302 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AVSDVDPlayer.m3u
2009-11-28 22:49 - 2009-11-28 22:50 - 0000988 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\BBMS_EXCEPTION.txt
2010-08-19 20:24 - 2010-08-26 15:52 - 0148284 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\mdbu.bin
2013-04-15 17:02 - 2013-04-15 17:02 - 0661642 _____ () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Scorch_Install.log
2009-07-17 22:57 - 2015-02-27 08:15 - 0077824 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-10-25 16:28 - 2009-10-25 16:28 - 0000083 ____C () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\FASTWiz.log
2012-08-11 14:02 - 2015-04-06 19:39 - 0000190 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\rbxcsettings.rbx
2013-08-02 09:46 - 2013-08-02 09:46 - 0001545 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
2009-11-28 22:52 - 2009-11-28 22:52 - 0000000 ____C () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\rx_image.Cache

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcopl7v.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1555456 ____A (Microsoft Corporation) e36df1443ac667e81fc1764dc3ad763e     

C:\WINDOWS\system32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0552448 ____A (Microsoft Corporation) ad37df3fb8f168e42c09b77b487f6812     

C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0589312 ____A (Microsoft Corporation) bf517c3fa60065df6d97744648602957     

C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-04-2015
Ran by Albert at 2015-04-12 09:08:06
Running from C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity 2010 (Enabled - Up to date) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: G Data Personal Firewall (Disabled) {6E6F4BA6-C07D-443F-A130-0A57DA59A082}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Abilis Systems WinXP Vista32 BDA Driver 1.3.1.6370 (HKLM\...\{C1DC4648-39BB-401A-8327-04BFC68AE98A}) (Version: 1.3.1.6370 - Abilis Systems)
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
AFPL Ghostscript 8.54 (HKLM\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version:  - )
Alien Skin Eye Candy 5 Impact (HKLM\...\EyeCandy5Impact) (Version:  - )
Alien Skin Eye Candy 5 Textures (HKLM\...\EyeCandy5Textures) (Version:  - )
Alien Skin Xenofex 2.0 (HKLM\...\Xenofex2) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft "DiaShow 7 für YouTube" (HKLM\...\{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1) (Version: 7.7.11.35343 - AquaSoft GmbH)
AquaSoft DiaShow 6 for YouTube (Version: 6.6.02 - AquaSoft) Hidden
ArcSoft TotalMedia 3.5 (HKLM\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version:  - ArcSoft)
Ashampoo Burning Studio 6 FREE (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.7.6 - ashampoo GmbH & Co. KG)
Attansic L1 Gigabit Ethernet Driver (HKLM\...\AtcL1) (Version:  - )
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
AudibleManager (HKLM\...\AudibleManager) (Version: 1309592.1378168.1310188.2089937184 - Audible, Inc.)
Audio Eddie Pro - Version 2.1.1.1220 (HKLM\...\Audio Eddie Pro_is1) (Version:  - Song Galaxy)
BestPractice (remove only) (HKLM\...\BestPractice) (Version:  - )
Brother MFL-Pro Suite DCP-J315W (HKLM\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Browser-Anonymisierer 2.0 (HKLM\...\Browser-Anonymisierer_is1) (Version: 2.0.0.0 - Alexander Miehlke Softwareentwicklung)
CCEnhancer 3.2 (HKLM\...\CCEnhancer) (Version: 3.2 - )
CCFinder (HKLM\...\CCFinderAppId_is1) (Version: 2013 - Abelssoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.5.2014 - Georgy Berdyshev)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CyberLink PhotoDirector 2011 (HKLM\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2105 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Express Burn (HKLM\...\ExpressBurn) (Version: 4.69 - NCH Software)
Eye Candy 3 (HKLM\...\Eye Candy 3) (Version:  - )
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Filters Unlimited 2.0 (HKLM\...\Filters Unlimited_is1) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
FrameManager (HKLM\...\{FF40559B-9BFA-4A93-9A7B-92F6C69BC288}) (Version: 3.00.0000 - Samsung)
FrameManager (Version: 3.00.0000 - Samsung) Hidden
Free Studio version 5.0.0 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
G Data InternetSecurity (HKLM\...\{D729E05E-B2B9-4DC4-AF57-47310576EDE0}) (Version: 20.1.1.0 - G Data Software AG)
GMX ProfiFax (HKLM\...\GMX ProfiFax) (Version: 2.00.222 - GMX GmbH)
GMX SMS-Manager (HKLM\...\com.unitedinternet.ums.sms-mms-manager) (Version: 2.1 - 1 und 1 Internet AG)
GMX SMS-Manager (Version: 2.1 - 1 und 1 Internet AG) Hidden
GMX Softwareaktualisierung (HKLM\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.)
HyperCam 2 (HKLM\...\HyperCam 2) (Version:  - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
JMB36X Raid Configurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LAME v3.98.3 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
LameXP (HKLM\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version:  - )
Loadstreet Highspeed Surfer 2.0 Professional (HKLM\...\{AED7E4B5-381E-4E47-BB54-E5127B5A28E0}_is1) (Version: 2.0 - Reohix)
MAGIX Web Designer 10 Premium (HKLM\...\MX.{676C3DFD-26D3-405B-BB53-32892DCFE85A}) (Version: 10.1.4.36393 - MAGIX Software GmbH)
MAGIX Web Designer 10 Premium (Version: 10.1.4.36393 - MAGIX Software GmbH) Hidden
MAGIX Web Designer 6 Content (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Web Designer 6 DLV Update (Version: 6.0.1.16336 - MAGIX AG) Hidden
MAGIX Web Designer 6 Download-Version (HKLM\...\MAGIX_MSI_Web_Designer_6) (Version: 6.0.1.12379 - MAGIX AG)
MAGIX Web Designer 6 Download-Version (Version: 6.0.1.12379 - MAGIX AG) Hidden
MAGIX Web Designer 9 Premium (HKLM\...\MX.{7844CF67-6EE6-4C5B-AD1B-C2A13D985D3D}) (Version: 9.0.1.27343 - MAGIX AG)
MAGIX Web Designer 9 Premium (Version: 9.0.1.27343 - MAGIX AG) Hidden
MAGIX Xtreme Web Designer 5 5.0.1.8579 (D) (HKLM\...\MAGIX Xtreme Web Designer 5 D) (Version: 5.0.1.8579 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaConverter 1.3.8 (HKLM\...\MediaConverter) (Version: 1.3.8 - SoMud)
MegaFont Starter Edition 2012 (HKLM\...\MegaFont Starter Edition) (Version: 2012 - Softmaker)
Megafonts Schriften II 1.0 (HKLM\...\Megafonts Schriften II) (Version: 1.0 - Softmaker)
Melodyne 3.2 Demo (Version: 3.2.0105 - Celemony Software GmbH) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU (HKLM\...\{9309DD7E-EBFE-3C95-8B47-30D3A012F606}) (Version: 2.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU (HKLM\...\{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}) (Version: 3.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft ActiveSync 4.0 (HKLM\...\{B208806F-A231-4FA0-AB3F-5C1B8979223E}) (Version: 4.2.4875.0 - Microsoft Corporation)
Microsoft Expression Design 4 (HKLM\...\Design_8.0.31217.1) (Version: 8.0.31217.1 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version:  - )
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
MixPad Audiodatei-Mixer (HKLM\...\MixPad) (Version: 3.37 - NCH Software)
Mozilla Firefox 37.0.1 (x86 de) (HKLM\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MP3 Cutter 1.1.1 (HKLM\...\MP3 Cutter_is1) (Version:  - MP3Cutter.org)
MPC-HC 1.7.3 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSN (HKLM\...\MSNINST) (Version:  - )
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPaint 0.9.1 (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\MyPaint) (Version: 0.9.1 - Martin Renold & MyPaint Development Team)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero MediaHome 4 Essentials (HKLM\...\{f7a4078e-2193-49e0-a3f6-a65f56978e85}) (Version:  - Nero AG)
NETGEAR Powerline Utility (HKLM\...\InstallShield_{2753B568-6F85-4E31-A114-A7F8D8606DDD}) (Version: 3.1.0.4 - NETGEAR Powerline)
NETGEAR Powerline Utility (Version: 3.1.0.4 - NETGEAR Powerline) Hidden
NETGEAR USB Media Extender  (HKLM\...\{BB2E525C-A5AF-49BD-9695-D47D29A37A6F}) (Version: 1.32 - NETGEAR)
No23 Recorder (HKLM\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (Version: 2.1.0.3 - No23) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
Nokia Ovi Suite (HKLM\...\Nokia Ovi Suite) (Version: 3.1.1.85 - Nokia)
Nokia Ovi Suite (Version: 3.1.1.85 - Nokia) Hidden
Nokia Ovi Suite Software Updater (HKLM\...\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}) (Version: 02.07.004.45780 - Nokia Corporation)
NVIDIA Grafiktreiber 260.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 260.99 - NVIDIA Corporation)
NVIDIA nView 135.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.36 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
ODF Add-In für Microsoft Office (HKLM\...\{8133D88C-C6F0-4D1A-962E-C3F57D0AB117}) (Version: 3.0.5246.0 - OpenXML/ODF Translator Team)
Ovi Desktop Sync Engine (Version: 1.5.266.0 - Nokia) Hidden
OviMPlatform (Version: 2.7.72.0 - Nokia) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
Paragon Total Defrag™ 2010 (HKLM\...\{1B54FF9E-5FDD-11DE-8B01-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.19.0 - Nokia)
PCI Audio Driver (HKLM\...\PCI Audio Driver) (Version:  - )
PDF Blender (HKLM\...\PDF Blender) (Version:  - )
PDF24 Creator 6.3.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.2 - Frank Heindörfer, Philip Chinery)
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.2 - Systemberatung Schommer)
PhotoFilmStrip 2.0.0 (HKLM\...\PhotoFilmStrip_is1) (Version: 2.0.0 - Jens Göpfert)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7071 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
ROBLOX Player for Albert (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Samsung Media Studio 5 (HKLM\...\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}) (Version: 5.0 - Samsung)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )
SAMSUNG Mobile USB Driver (HKLM\...\{7184F382-8A6C-4B85-A3AC-B63734B1E241}) (Version: 1.00.0000 - SAMSUNG)
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Sheet Music Plus Digital Print (HKLM\...\com.sheetmusicplus.DigitalAirPrint) (Version: v2011.11.14 - Sheet Music Plus, LLC)
Sheet Music Plus Digital Print (Version: 255.11.14 - Sheet Music Plus, LLC) Hidden
Should I Remove It (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)
SIW version 2011.10.29 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SnapPea (HKLM\...\Wandoujia2) (Version:  - Wandou Labs)
Solero Music Control 1.0.1.7 (HKLM\...\Solero Music Control_is1) (Version: 1.0.1.7 - FreeHand Systems, Inc.)
Solero Music Viewer 8.0.32.2 (HKLM\...\Solero Music Viewer_is1) (Version: 8.0.32.2 - FreeHand Music, Inc.)
Songsmith (HKLM\...\{30906093-42C6-4968-AEDD-B915972CF0DB}) (Version: 12.08.2700 - Microsoft Research)
SpeedCommander 11 (HKLM\...\SpeedCommander 11) (Version: 11 - SpeedProject)
Spesoft Audio Converter 1.80 (HKLM\...\Spesoft Audio Converter_is1) (Version:  - Spesoft)
Spotify (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Sprite Backup (HKLM\...\{ABC5404F-F0F3-4221-8DB9-5D34DD866E50}) (Version: 5.01 - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Sun ODF Plugin for Microsoft Office 3.2 (HKLM\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
SuperEasy Photo Booster v.1.1.2131 (HKLM\...\{039BC111-1600-6CEF-A8E5-198B376ED64D}_is1) (Version: 1.1.2131 - SuperEasy Software GmbH & Co. KG)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TerraTec Home Cinema (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH)
TotalAudioConverter (HKLM\...\Total Audio Converter_is1) (Version:  - Helmsman, Inc.)
Trojan Remover 6.9.1 (HKLM\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.260 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.4000.260 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.260 - TuneUp Software) Hidden
Ulead PhotoImpact 11 (HKLM\...\{C8550C86-A712-4219-AD4C-038C9FD1D149}) (Version: 11.0 - Ulead System)
Ulead PhotoImpact X3 (HKLM\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel)
Ulead PhotoImpact X3 (Version: 1.00.0000 - Corel) Hidden
Update für Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Videoload (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\829575110.wcps.t-online.de) (Version:  - wcps.t-online.de)
VirtualCom driver (HKLM\...\{1943A043-5C85-4A16-A0D0-D687B2C1A40F}) (Version: 1.0.0 - AIT)
VistaMizer 3.6.0.0 (HKLM\...\VistaMizer) (Version: 3.6.0.0 - Manuel Hoefs (alias Zottel))
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WDR RadioRecorder (HKLM\...\Tobit Radio.fx Server 1) (Version:  - Tobit.Software)
Web Designer Premium 10 Update (Version: 10.1.5.36870 - MAGIX Software GmbH) Hidden
Web Designer Premium 9 Update (Version: 9.0.3.28277 - MAGIX AG) Hidden
Web Designer Premium 9 Update (Version: 9.2.7.30974 - MAGIX AG) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Encoder 9-Reihe (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xenofex 1.0 (HKLM\...\Xenofex 1.0) (Version:  - )
XMedia Recode Version 3.1.5.4 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.5.4 - XMedia Recode)
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden
XnConvert 1.63 (HKLM\...\XnConvert_is1) (Version: 1.63 - Gougelet Pierre-e)
YouTube Song Downloader (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.2 - Abelssoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Programme\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions\version-953d9034d866480b\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{7F459B4C-65F0-4D44-BB27-66C5FD3CA151}\InprocServer32 -> C:\Programme\OpenXML-ODF Translator\OdfPowerPointAddinShim.dll (DIaLOGIKa)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{8B0FA615-584F-40DC-85C7-78901AC6B80A}\InprocServer32 -> C:\Programme\MAGIX\Xtreme_Web_Designer_5\XaraDLLs\XarThumb.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Programme\MAGIX\Web Designer 10 Premium\WebDesigner.exe (MAGIX Software GmbH)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Programme\MAGIX\Web Designer 10 Premium\WebDesigner.exe (MAGIX Software GmbH)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions\version-953d9034d866480b\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{E00C9EBB-F140-4E6F-8C7B-EED19AE33AEA}\InprocServer32 -> C:\Programme\OpenXML-ODF Translator\OdfExcelAddinShim.dll (Sonata)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{F474D30D-3450-423E-AE62-BD3307544E86}\InprocServer32 -> C:\Programme\OpenXML-ODF Translator\OdfWordAddinShim.dll (DIaLOGIKa)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-03-2015 10:10:39 Systemprüfpunkt
21-03-2015 10:44:09 Systemprüfpunkt
22-03-2015 12:14:39 Systemprüfpunkt
23-03-2015 12:45:00 Systemprüfpunkt
24-03-2015 15:58:43 Systemprüfpunkt
25-03-2015 16:49:30 Systemprüfpunkt
26-03-2015 19:48:53 Systemprüfpunkt
27-03-2015 20:24:55 Systemprüfpunkt
28-03-2015 20:33:36 Systemprüfpunkt
30-03-2015 09:46:32 Systemprüfpunkt
01-04-2015 08:49:32 Systemprüfpunkt
02-04-2015 13:34:48 Systemprüfpunkt
03-04-2015 19:02:26 Systemprüfpunkt
04-04-2015 19:39:03 Systemprüfpunkt
05-04-2015 19:42:23 Systemprüfpunkt
06-04-2015 22:36:35 Systemprüfpunkt
07-04-2015 23:19:49 Systemprüfpunkt
09-04-2015 09:25:28 Systemprüfpunkt
10-04-2015 11:53:18 Systemprüfpunkt
11-04-2015 13:25:27 Systemprüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 14:00 - 2008-04-14 14:00 - 00000820 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Programme\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Programme\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) ==============

2010-05-18 22:14 - 2001-10-28 17:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2012-08-24 17:52 - 2010-06-17 21:56 - 00116224 _____ () C:\WINDOWS\system32\redmonnt.dll
2008-04-14 14:00 - 2008-04-14 14:00 - 00014336 ____N () C:\WINDOWS\system32\msdmo.dll
2013-01-25 21:06 - 2011-11-18 15:51 - 03673944 _____ () C:\Programme\Tobit Radio.fx\Server\rfx-server.exe
2013-08-24 09:47 - 2013-05-16 10:55 - 00113496 _____ () C:\Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-08-24 09:47 - 2013-05-16 10:55 - 00416600 _____ () C:\Programme\Spybot - Search & Destroy 2\DEC150.bpl
2013-08-24 09:47 - 2013-05-16 10:55 - 00161112 _____ () C:\Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-08-24 09:47 - 2012-08-23 10:38 - 00574840 _____ () C:\Programme\Spybot - Search & Destroy 2\sqlite3.dll
2013-08-24 09:47 - 2012-04-03 17:06 - 00565640 _____ () C:\Programme\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-02-26 15:17 - 2015-02-26 15:17 - 00163328 _____ () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp
2012-04-24 13:15 - 2009-02-27 16:38 - 00139264 ____R () C:\Programme\Brother\BrUtilities\BrLogAPI.dll
2014-01-28 13:34 - 2014-01-28 13:34 - 00607032 _____ () C:\Programme\TuneUp Utilities 2013\avgreplibx.dll
2010-06-26 07:43 - 2010-06-26 07:43 - 00240128 _____ () C:\WINDOWS\MPAssoc.dll
2009-07-15 21:48 - 2008-09-16 20:18 - 00132608 _____ () C:\Programme\WinRAR\rarext.dll
2006-06-21 00:35 - 2006-06-21 00:35 - 00017704 _____ () C:\Programme\Microsoft ActiveSync\rapiproxystub.dll
2010-12-18 20:59 - 2010-08-26 01:12 - 02459240 _____ () C:\Programme\NVIDIA Corporation\nView\nview.dll
2015-01-21 22:52 - 2014-10-31 17:37 - 01498112 _____ () C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-01-21 22:52 - 2014-05-19 18:19 - 00137728 _____ () C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2012-04-13 08:49 - 2006-02-21 15:04 - 00552960 _____ () C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Programme\CCleaner\lang\lang-1031.dll
2015-01-06 15:18 - 2015-01-06 15:18 - 00039192 _____ () C:\Programme\CCleaner\branding.dll
2014-10-22 17:43 - 2014-12-08 08:27 - 06277952 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe
2014-03-27 20:27 - 2011-01-31 10:45 - 00559244 _____ () C:\Programme\Browser-Anonymisierer\sqlite3.dll
2015-04-12 07:57 - 2015-04-12 07:57 - 00043008 _____ () c:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcopl7v.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-19 08:44 - 2015-03-19 08:44 - 16858288 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Dokumente und Einstellungen\Albert:zylomtest
AlternateDataStreams: C:\Dokumente und Einstellungen\Albert:zylomtr{000HQ7FF-AD7A-3FG3-9P7R-292OFTVD6VUP}
AlternateDataStreams: C:\Dokumente und Einstellungen\Albert:zylomtr{000HQ7FF-AD7A-3FG6-3908-29CNF5LCOVPA}
AlternateDataStreams: C:\Dokumente und Einstellungen\Albert\Desktop\2015-04-05 08.52.59.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Dokumente und Einstellungen\Albert\Desktop\2015-04-05 08.53.09.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Dokumente und Einstellungen\Albert\Desktop\Rosen Birgit.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Dokumente und Einstellungen\Albert\Eigene Dateien\2013-05-02 15.59.58.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:0A8E2C33
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:0E22C5DB
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1482476501-1390067357-1801674531-1006\Control Panel\Desktop\\Wallpaper -> (Kein)
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TMMonitor.lnk => C:\WINDOWS\pss\TMMonitor.lnkCommon Startup
MSCONFIG\startupreg: 1und1Dispatcher => "C:\Programme\1und1Softwareaktualisierung\SchedDispatcher.exe" xp
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: Facebook Update => "C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreePDF Assistant => "C:\Programme\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: Intermediate => "C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Programme\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Programme\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Programme\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MSMSGS => "C:\Programme\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: RegHunter Registry Cleaner => "C:\Programme\Enigma Software Group\RegHunter\RegHunter.exe" -silent
MSCONFIG\startupreg: Spotify => "C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpyHunter Security Suite => C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe
MSCONFIG\startupreg: TkBellExe => "C:\Programme\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1482476501-1390067357-1801674531-500 - Administrator - Enabled)
Albert (S-1-5-21-1482476501-1390067357-1801674531-1004 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Albert
ASPNET (S-1-5-21-1482476501-1390067357-1801674531-1005 - Limited - Enabled)
Gast (S-1-5-21-1482476501-1390067357-1801674531-501 - Limited - Enabled)
Hilfeassistent (S-1-5-21-1482476501-1390067357-1801674531-1000 - Limited - Disabled)
NeroMediaHomeUser.4 (S-1-5-21-1482476501-1390067357-1801674531-1006 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\NeroMediaHomeUser.4
SUPPORT_388945a0 (S-1-5-21-1482476501-1390067357-1801674531-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (101/102 Tasten) oder Microsoft Natural Keyboard (PS/2)
Description: Standardtastatur (101/102 Tasten) oder Microsoft Natural Keyboard (PS/2)
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/12/2015 08:46:16 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/04/12 08:46:16.582]: [00001864]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.2.176]

Error: (04/12/2015 08:36:50 AM) (Source: nview) (EventID: 1) (User: )
Description: shared heap exhausted or damaged or allocation failed

Error: (04/12/2015 07:55:56 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.

Error: (04/12/2015 07:55:54 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/04/12 07:55:54.285]: [00001864]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.2.176]

Error: (04/12/2015 07:55:41 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (04/12/2015 07:55:40 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (04/11/2015 09:00:11 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/04/11 21:00:11.932]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]

Error: (04/11/2015 08:18:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/04/11 20:18:58.394]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]

Error: (04/11/2015 05:26:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/04/11 17:26:06.083]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]

Error: (04/11/2015 05:25:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/04/11 17:25:02.786]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]


System errors:
=============
Error: (04/12/2015 07:54:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/12/2015 07:54:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D 2 Security Center Service.

Error: (04/11/2015 01:00:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/11/2015 01:00:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D 2 Security Center Service.

Error: (04/10/2015 08:25:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/10/2015 08:25:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D 2 Security Center Service.

Error: (04/09/2015 08:39:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "G Data Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/09/2015 07:33:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/09/2015 07:33:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D 2 Security Center Service.

Error: (04/08/2015 10:41:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (04/12/2015 08:46:16 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STIBrtSTI: [2015/04/12 08:46:16.582]: [00001864]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.2.176]

Error: (04/12/2015 08:36:50 AM) (Source: nview) (EventID: 1) (User: )
Description: shared heap exhausted or damaged or allocation failed

Error: (04/12/2015 07:55:56 AM) (Source: crypt32) (EventID: 8) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.

Error: (04/12/2015 07:55:54 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STIBrtSTI: [2015/04/12 07:55:54.285]: [00001864]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.2.176]

Error: (04/12/2015 07:55:41 AM) (Source: crypt32) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (04/12/2015 07:55:40 AM) (Source: crypt32) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (04/11/2015 09:00:11 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STIBrtSTI: [2015/04/11 21:00:11.932]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]

Error: (04/11/2015 08:18:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STIBrtSTI: [2015/04/11 20:18:58.394]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]

Error: (04/11/2015 05:26:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STIBrtSTI: [2015/04/11 17:26:06.083]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]

Error: (04/11/2015 05:25:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STIBrtSTI: [2015/04/11 17:25:02.786]: [00002188]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.2.176]


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 49%
Total physical RAM: 3327.04 MB
Available physical RAM: 1668.71 MB
Total Pagefile: 5210.32 MB
Available Pagefile: 2877.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:22.5 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:271.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: AB60AB60)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: AB98AB98)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

12.04.2015, 10:18   #4
schrauber
/// the machine
/// TB trainer
 




Windows XP? And the box is still online? Brave.


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the reboot.
  • During the reboot MBAR will remove the objects it found, so be patient.
  • After the reboot, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the content here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

12.04.2015, 12:32   #5
Grit1962
 



Yes, yes, I did say sweetheart... but so terribly dearly loved, the old lady... and I'm such a loyal soul myself...


Here comes step one. Scan Finished: No Malware found

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.11.08
  rootkit: v2015.03.31.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Albert :: WOJAN-A1D7AE3E1 [administrator]

12.04.2015 11:55:12
mbar-log-2015-04-12 (11-55-12).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 417555
Time elapsed: 34 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Here now is part 2 of the task. And something was found.

Code:
13:11:20.0723 0x0e48  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:11:32.0473 0x0e48  ============================================================
13:11:32.0473 0x0e48  Current date / time: 2015/04/12 13:11:32.0473
13:11:32.0473 0x0e48  SystemInfo:
13:11:32.0473 0x0e48  
13:11:32.0473 0x0e48  OS Version: 5.1.2600 ServicePack: 3.0
13:11:32.0473 0x0e48  Product type: Workstation
13:11:32.0473 0x0e48  ComputerName: WOJAN-A1D7AE3E1
13:11:32.0473 0x0e48  UserName: Albert
13:11:32.0473 0x0e48  Windows directory: C:\WINDOWS
13:11:32.0473 0x0e48  System windows directory: C:\WINDOWS
13:11:32.0473 0x0e48  Processor architecture: Intel x86
13:11:32.0473 0x0e48  Number of processors: 2
13:11:32.0473 0x0e48  Page size: 0x1000
13:11:32.0473 0x0e48  Boot type: Normal boot
13:11:32.0473 0x0e48  ============================================================
13:11:36.0488 0x0e48  KLMD registered as C:\WINDOWS\system32\drivers\09164098.sys
13:11:37.0551 0x0e48  System UUID: {20697C2E-9D14-6FD2-653D-4E25CA2A697F}
13:11:39.0207 0x0e48  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:11:39.0207 0x0e48  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:11:39.0238 0x0e48  ============================================================
13:11:39.0238 0x0e48  \Device\Harddisk0\DR0:
13:11:39.0238 0x0e48  MBR partitions:
13:11:39.0238 0x0e48  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
13:11:39.0238 0x0e48  \Device\Harddisk1\DR1:
13:11:39.0238 0x0e48  MBR partitions:
13:11:39.0238 0x0e48  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
13:11:39.0238 0x0e48  ============================================================
13:11:39.0285 0x0e48  C: <-> \Device\Harddisk0\DR0\Partition1
13:11:39.0379 0x0e48  D: <-> \Device\Harddisk1\DR1\Partition1
13:11:39.0379 0x0e48  ============================================================
13:11:39.0379 0x0e48  Initialize success
13:11:39.0379 0x0e48  ============================================================
13:11:58.0973 0x0e50  ============================================================
13:11:58.0973 0x0e50  Scan started
13:11:58.0973 0x0e50  Mode: Manual; 
13:11:58.0973 0x0e50  ============================================================
13:11:58.0973 0x0e50  KSN ping started
13:12:01.0676 0x0e50  KSN ping finished: true
13:12:02.0238 0x0e50  ================ Scan system memory ========================
13:12:02.0254 0x0e50  System memory - ok
13:12:02.0254 0x0e50  ================ Scan services =============================
13:12:02.0379 0x0e50  [ 0FA0C466DADC85055D7E9698DA4DE5D5, E332EF24165075ACC90E7A3E6896852AB9194D30451468517C8F51CE9914325F ] AbilisT         C:\WINDOWS\system32\Drivers\AbilisBdaTuner.sys
13:12:02.0379 0x0e50  AbilisT - ok
13:12:02.0504 0x0e50  Abiosdsk - ok
13:12:02.0519 0x0e50  abp480n5 - ok
13:12:02.0598 0x0e50  [ 83AC3133B5770E08F925636A1F96C1E6, 5689169D12FFA35F1CBC70584B1C5ACDFB860FE9C222AFCEEDD338DF1200C518 ] ACDaemon        C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
13:12:02.0598 0x0e50  ACDaemon - ok
13:12:02.0644 0x0e50  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:12:02.0644 0x0e50  ACPI - ok
13:12:02.0676 0x0e50  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
13:12:02.0676 0x0e50  ACPIEC - ok
13:12:02.0754 0x0e50  [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:12:02.0769 0x0e50  AdobeFlashPlayerUpdateSvc - ok
13:12:02.0769 0x0e50  adpu160m - ok
13:12:02.0816 0x0e50  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
13:12:02.0832 0x0e50  aec - ok
13:12:02.0848 0x0e50  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7, B596ABBAC058D93C505C9DBF8685049C88E4364195A4092DB580D2D44FA8C23C ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
13:12:02.0863 0x0e50  Afc - ok
13:12:02.0879 0x0e50  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
13:12:03.0238 0x0e50  AFD - ok
13:12:03.0254 0x0e50  Aha154x - ok
13:12:03.0254 0x0e50  aic78u2 - ok
13:12:03.0254 0x0e50  aic78xx - ok
13:12:03.0285 0x0e50  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
13:12:03.0301 0x0e50  Alerter - ok
13:12:03.0316 0x0e50  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
13:12:03.0316 0x0e50  ALG - ok
13:12:03.0332 0x0e50  AliIde - ok
13:12:03.0441 0x0e50  [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
13:12:03.0566 0x0e50  Ambfilt - ok
13:12:03.0582 0x0e50  amsint - ok
13:12:03.0582 0x0e50  AppMgmt - ok
13:12:03.0598 0x0e50  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:12:03.0598 0x0e50  Arp1394 - ok
13:12:03.0613 0x0e50  asc - ok
13:12:03.0613 0x0e50  asc3350p - ok
13:12:03.0613 0x0e50  asc3550 - ok
13:12:03.0754 0x0e50  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:12:03.0754 0x0e50  aspnet_state - ok
13:12:03.0785 0x0e50  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:12:03.0785 0x0e50  AsyncMac - ok
13:12:03.0848 0x0e50  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
13:12:03.0848 0x0e50  atapi - ok
13:12:03.0879 0x0e50  [ 19F277BC4CE5689F20F347A6B8AA8C42, 2810AB6D9C9F143FF6CE8FC01901A785956891A3D2A53416FC6D6EF799D0FB15 ] AtcL001         C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
13:12:03.0894 0x0e50  AtcL001 - ok
13:12:03.0910 0x0e50  Atdisk - ok
13:12:03.0926 0x0e50  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:12:03.0926 0x0e50  Atmarpc - ok
13:12:03.0957 0x0e50  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
13:12:03.0957 0x0e50  AudioSrv - ok
13:12:04.0004 0x0e50  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
13:12:04.0019 0x0e50  audstub - ok
13:12:04.0285 0x0e50  [ 780AC17E6C1B5A35AB5A2BA58212EA55, 88E1A828B55860E07B0E7A41AFD1D00CFCFD5C0C16CC5D2881682698A2DBE93F ] AVKProxy        C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
13:12:04.0348 0x0e50  AVKProxy - ok
13:12:04.0613 0x0e50  [ EB024C7DFCFBC24117BABD07B4020D81, DBDDD1E2BA95C3A976F38962598886F86F2F0B64366690EA6D124AA611A3121F ] AVKService      C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
13:12:04.0629 0x0e50  AVKService - ok
13:12:04.0941 0x0e50  [ 360E4F34D4FD87A432639A48054954EA, 71FC7EAEE74A0500690507475276192D82CC979D1EEF234BFC19827AB90CE7A7 ] AVKWCtl         C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
13:12:04.0988 0x0e50  AVKWCtl - ok
13:12:05.0035 0x0e50  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:12:05.0035 0x0e50  Beep - ok
13:12:05.0082 0x0e50  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
13:12:05.0176 0x0e50  BITS - ok
13:12:05.0223 0x0e50  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
13:12:05.0223 0x0e50  Browser - ok
13:12:05.0285 0x0e50  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Programme\Browny02\BrYNSvc.exe
13:12:05.0285 0x0e50  BrYNSvc - ok
13:12:05.0316 0x0e50  [ B279426E3C0C344893ED78A613A73BDE, 30B29ED5DCFF0C180B806A5FBC705E1CAF6B0F525298CDA79A77FC2AF6E5AAA7 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
13:12:05.0316 0x0e50  BthEnum - ok
13:12:05.0332 0x0e50  [ FCA6F069597B62D42495191ACE3FC6C1, 23A4EAA542547AC48BCB19DEC9C8E1C1D7D83F199F045DA4682C33292F011CE9 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
13:12:05.0348 0x0e50  BTHMODEM - ok
13:12:05.0363 0x0e50  [ 80602B8746D3738F5886CE3D67EF06B6, 15ABAA8106C42A4453763EEB92B291844580168C934088DB1E22B2065DC238E9 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
13:12:05.0363 0x0e50  BthPan - ok
13:12:05.0394 0x0e50  [ 592E1CEDBE314D0EF184DC6F46141E76, D69106F90C56C1E67BA4B96D6766C6676B66D0E0DF8358DA4B75FEFF211AA23E ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
13:12:05.0410 0x0e50  BTHPORT - ok
13:12:05.0441 0x0e50  [ 26C601EF7525E31379744ABFC6F35A1B, 842626D3A00DDA959A4AB730C0D551244DCDA15AC291FD70CC7324571A6088EC ] BthServ         C:\WINDOWS\System32\bthserv.dll
13:12:05.0441 0x0e50  BthServ - ok
13:12:05.0473 0x0e50  [ 61364CD71EF63B0F038B7E9DF00F1EFA, FB44D02B4379A8AF7DD8B0B22B53888B758903700142BFE45A412709294CE88A ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
13:12:05.0473 0x0e50  BTHUSB - ok
13:12:05.0582 0x0e50  catchme - ok
13:12:05.0613 0x0e50  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
13:12:05.0629 0x0e50  cbidf2k - ok
13:12:05.0644 0x0e50  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:12:05.0644 0x0e50  CCDECODE - ok
13:12:05.0660 0x0e50  cd20xrnt - ok
13:12:05.0676 0x0e50  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
13:12:05.0691 0x0e50  Cdaudio - ok
13:12:05.0723 0x0e50  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
13:12:05.0723 0x0e50  Cdfs - ok
13:12:05.0769 0x0e50  [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:12:05.0769 0x0e50  Cdrom - ok
13:12:05.0816 0x0e50  [ C9503EED292DB41937C22F620FDAA39C, F39E2CD0F0A458E6012C97284BB636A785815353FF09E59DD5AB96C36E2EC5D0 ] cglptnt         C:\totalcmd\cglptnt.sys
13:12:05.0816 0x0e50  cglptnt - ok
13:12:05.0832 0x0e50  Changer - ok
13:12:05.0848 0x0e50  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
13:12:05.0848 0x0e50  CiSvc - ok
13:12:05.0879 0x0e50  [ DEDE0F8CE1E220E641D9C5E4353D0A2A, AE37440CBE0CDF318189460152F471488DE193D786962D699E68CB7BFCC52CCF ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
13:12:05.0879 0x0e50  ClipSrv - ok
13:12:05.0941 0x0e50  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:12:05.0941 0x0e50  clr_optimization_v2.0.50727_32 - ok
13:12:05.0957 0x0e50  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:12:05.0973 0x0e50  clr_optimization_v4.0.30319_32 - ok
13:12:05.0973 0x0e50  CmdIde - ok
13:12:06.0019 0x0e50  [ E5842CCF0953D3D46D5E26427B67E901, 4F3A87E015F81085F1AA8B57351AAA8B79D3C48DDF9D25FFD595E55A3BE506AF ] cmpci           C:\WINDOWS\system32\drivers\cmaudio.sys
13:12:06.0051 0x0e50  cmpci - ok
13:12:06.0051 0x0e50  cmuda3 - ok
13:12:06.0051 0x0e50  COMSysApp - ok
13:12:06.0066 0x0e50  Cpqarray - ok
13:12:06.0113 0x0e50  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
13:12:06.0113 0x0e50  CryptSvc - ok
13:12:06.0113 0x0e50  dac2w2k - ok
13:12:06.0129 0x0e50  dac960nt - ok
13:12:06.0176 0x0e50  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:12:06.0191 0x0e50  DcomLaunch - ok
13:12:06.0223 0x0e50  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
13:12:06.0223 0x0e50  Dhcp - ok
13:12:06.0238 0x0e50  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
13:12:06.0238 0x0e50  Disk - ok
13:12:06.0238 0x0e50  dmadmin - ok
13:12:06.0316 0x0e50  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
13:12:06.0348 0x0e50  dmboot - ok
13:12:06.0379 0x0e50  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
13:12:06.0379 0x0e50  dmio - ok
13:12:06.0410 0x0e50  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
13:12:06.0410 0x0e50  dmload - ok
13:12:06.0426 0x0e50  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
13:12:06.0441 0x0e50  dmserver - ok
13:12:06.0473 0x0e50  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
13:12:06.0613 0x0e50  DMusic - ok
13:12:06.0629 0x0e50  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:12:06.0629 0x0e50  Dnscache - ok
13:12:06.0644 0x0e50  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
13:12:06.0660 0x0e50  Dot3svc - ok
13:12:06.0676 0x0e50  dpti2o - ok
13:12:06.0676 0x0e50  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
13:12:06.0676 0x0e50  drmkaud - ok
13:12:06.0707 0x0e50  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
13:12:06.0707 0x0e50  EapHost - ok
13:12:06.0723 0x0e50  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
13:12:06.0723 0x0e50  ERSvc - ok
13:12:06.0754 0x0e50  esgiguard - ok
13:12:06.0785 0x0e50  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
13:12:06.0801 0x0e50  Eventlog - ok
13:12:06.0848 0x0e50  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
13:12:06.0863 0x0e50  EventSystem - ok
13:12:06.0879 0x0e50  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
13:12:06.0879 0x0e50  Fastfat - ok
13:12:06.0926 0x0e50  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:12:06.0941 0x0e50  FastUserSwitchingCompatibility - ok
13:12:06.0957 0x0e50  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
13:12:06.0973 0x0e50  Fdc - ok
13:12:06.0988 0x0e50  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
13:12:06.0988 0x0e50  Fips - ok
13:12:07.0160 0x0e50  [ 167D24A045499EBEF438F231976158DF, 237F1495BA79D9082D6B383FE9AC5C6154A6F76F181000401F5790236EB57301 ] FirebirdServerMAGIXInstance C:\Programme\MAGIX\Common\Database\bin\fbserver.exe
13:12:07.0238 0x0e50  FirebirdServerMAGIXInstance - ok
13:12:07.0269 0x0e50  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:12:07.0285 0x0e50  Flpydisk - ok
13:12:07.0316 0x0e50  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:12:07.0316 0x0e50  FltMgr - ok
13:12:07.0363 0x0e50  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:12:07.0379 0x0e50  FontCache3.0.0.0 - ok
13:12:07.0426 0x0e50  [ 07605743F3F7E2ECAA84E86EA9F2B509, 245AD7921535DBE5683258E82AC2AB33BA057A6624056E7FE4D171475B0233D5 ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
13:12:07.0426 0x0e50  FreemakeVideoCapture - ok
13:12:07.0441 0x0e50  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\WINDOWS\system32\FsUsbExDisk.SYS
13:12:07.0519 0x0e50  FsUsbExDisk - ok
13:12:07.0566 0x0e50  [ 0796C1E47ADB9825269E64B9DAB4E741, A9E476278428824FAE8B63B2B2CAC683EABD28E5B514925F6379593CB6CAB968 ] FsUsbExService  C:\WINDOWS\system32\FsUsbExService.Exe
13:12:07.0566 0x0e50  FsUsbExService - ok
13:12:07.0582 0x0e50  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:12:07.0582 0x0e50  Fs_Rec - ok
13:12:07.0598 0x0e50  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:12:07.0613 0x0e50  Ftdisk - ok
13:12:07.0629 0x0e50  [ 065639773D8B03F33577F6CDAEA21063, F20D0F3256F5F894CCA48755B23679619B5D02A0F64A142FC6CB619FC0952067 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
13:12:07.0629 0x0e50  gameenum - ok
13:12:07.0644 0x0e50  [ D54A94BB49EC52A930EB39A3EB4F43C6, 8B679A71FCF35E6F34468FD6D7A022EA09877274937246D75B75BE648FE42200 ] GDBehave        C:\WINDOWS\system32\drivers\GDBehave.sys
13:12:07.0660 0x0e50  GDBehave - ok
13:12:07.0754 0x0e50  [ 476B1500901D17A357E3EA691087D26E, 9A4080A4510A1320B021398D44FB305A23B25EEA4B8AE15D4A61A85623EC4375 ] GDFwSvc         C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
13:12:07.0816 0x0e50  GDFwSvc - ok
13:12:07.0863 0x0e50  [ 76E409E9264E6732359F89FBCAC098A7, EF5D3292A46E0A3AF91B8EA18D7EB3E8EEEDAEFAD61B31FDF8876477D4D0A6C5 ] GDMnIcpt        C:\WINDOWS\system32\drivers\MiniIcpt.sys
13:12:07.0863 0x0e50  GDMnIcpt - ok
13:12:07.0879 0x0e50  [ AED237AE592D28AB80E3745F12376B59, 2E3FBA485A0DC51F2F229F485997B8C8FCF53CFBE61FD28C3975EDE048893D01 ] GDNdisIc        C:\WINDOWS\system32\drivers\GDNdisIc.sys
13:12:07.0879 0x0e50  GDNdisIc - ok
13:12:07.0941 0x0e50  [ D31F31342349964E245EAAC1BDC5F6A6, 4D42BF84B3EDE59D11EA90AC1CEB92741CCA8115D8041CF03BEDC0CC6467FB45 ] GDScan          C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
13:12:07.0957 0x0e50  GDScan - ok
13:12:07.0988 0x0e50  [ 77D1174D9EC1CC80808DE6614AE4C243, B7053D1DD54A570328188B2DB41DDCE8462FBE6D45790B27A05A75D4584368B2 ] GDTdiInterceptor C:\WINDOWS\system32\drivers\GDTdiIcpt.sys
13:12:07.0988 0x0e50  GDTdiInterceptor - ok
13:12:08.0004 0x0e50  [ 5DC17164F66380CBFEFD895C18467773, E1174E0F95E9F343528162EFF5D4BA60C68477353FC6BDA61C19134687F50906 ] GearAspiWDM     C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
13:12:08.0004 0x0e50  GearAspiWDM - ok
13:12:08.0051 0x0e50  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:12:08.0051 0x0e50  Gpc - ok
13:12:08.0066 0x0e50  [ 818E093C026FDD2384F1A0D1A1E732A8, 0632C14CD33849CCC110248C63EC30FF226CA1CB11026567417A78AD0534BBFF ] GRD             C:\WINDOWS\system32\drivers\GRD.sys
13:12:08.0082 0x0e50  GRD - ok
13:12:08.0113 0x0e50  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
13:12:08.0113 0x0e50  gupdate - ok
13:12:08.0129 0x0e50  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
13:12:08.0129 0x0e50  gupdatem - ok
13:12:08.0144 0x0e50  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
13:12:08.0160 0x0e50  gusvc - ok
13:12:08.0191 0x0e50  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:12:08.0207 0x0e50  HDAudBus - ok
13:12:08.0269 0x0e50  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:12:08.0269 0x0e50  helpsvc - ok
13:12:08.0301 0x0e50  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
13:12:08.0301 0x0e50  HidServ - ok
13:12:08.0316 0x0e50  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:12:08.0316 0x0e50  hidusb - ok
13:12:08.0348 0x0e50  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
13:12:08.0348 0x0e50  hkmsvc - ok
13:12:08.0379 0x0e50  [ 5827FBDF7ECBC56FCBC006BDB408FDCC, FA68EE30774BD17E99A6C5782F18CA5ED39751A5A72295F57E68B252AEDB2F38 ] HookCentre      C:\WINDOWS\system32\drivers\HookCentre.sys
13:12:08.0379 0x0e50  HookCentre - ok
13:12:08.0379 0x0e50  hpn - ok
13:12:08.0426 0x0e50  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
13:12:08.0441 0x0e50  HTTP - ok
13:12:08.0457 0x0e50  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
13:12:08.0457 0x0e50  HTTPFilter - ok
13:12:08.0473 0x0e50  i2omgmt - ok
13:12:08.0473 0x0e50  i2omp - ok
13:12:08.0504 0x0e50  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:12:08.0504 0x0e50  i8042prt - ok
13:12:08.0566 0x0e50  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:12:08.0566 0x0e50  IDriverT - ok
13:12:08.0629 0x0e50  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:12:08.0676 0x0e50  idsvc - ok
13:12:08.0691 0x0e50  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
13:12:08.0691 0x0e50  Imapi - ok
13:12:08.0723 0x0e50  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe
13:12:08.0738 0x0e50  ImapiService - ok
13:12:08.0738 0x0e50  ini910u - ok
13:12:09.0019 0x0e50  [ BC18E3C3CCFF1704678C057B1D032A4B, 7C6C0E4343C20003643E427A23198159670F2B413941AEF800F14546DA776C20 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:12:09.0144 0x0e50  IntcAzAudAddService - ok
13:12:09.0176 0x0e50  IntelIde - ok
13:12:09.0176 0x0e50  [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:12:09.0191 0x0e50  intelppm - ok
13:12:09.0207 0x0e50  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:12:09.0207 0x0e50  Ip6Fw - ok
13:12:14.0441 0x0e50  [ 7F95E7DEE68E937E8E00AA4536BE7EE3, 0A727866B55D255B919A03A1D15CFDD3B90A701F72B4A4EF85D3AC0C3BB07C5F ] sehobilu        C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp
13:12:14.0441 0x0e50  Suspicious file ( NoAccess ): C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp. md5: 7F95E7DEE68E937E8E00AA4536BE7EE3, sha256: 0A727866B55D255B919A03A1D15CFDD3B90A701F72B4A4EF85D3AC0C3BB07C5F
13:12:14.0441 0x0e50  sehobilu - detected LockedFile.Multi.Generic ( 1 )
13:12:17.0223 0x0e50  Detect turned to UDS exact due to KSN untrusted
13:12:17.0394 0x0e50  sehobilu ( UDS:DangerousObject.Multi.Generic ) - infected
13:12:17.0394 0x0e50  Force sending object to P2P due to detect: sehobilu
13:12:27.0894 0x0e50  Object send P2P result: true
13:12:32.0707 0x0e50  usbccgp - ok
13:12:32.0707 0x0e50  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:12:32.0723 0x0e50  usbehci - ok
13:12:32.0738 0x0e50  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:12:32.0738 0x0e50  usbhub - ok
13:12:32.0754 0x0e50  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:12:32.0754 0x0e50  usbprint - ok
13:12:32.0785 0x0e50  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:12:32.0801 0x0e50  usbscan - ok
13:12:32.0832 0x0e50  [ 84C44D720655A8AA475E57A9E764D675, 2D450199338A217FBD951317812A74223E8B477974C7634667E8896316C3FEA0 ] usbser          C:\WINDOWS\system32\drivers\usbser.sys
13:12:32.0832 0x0e50  usbser - ok
13:12:32.0863 0x0e50  [ 4ABD37CFBD710E64F01F9DA8710C73F7, E9AFAD89C2BB78C698C7C34C7CAD1C17A0261A1F75E5BA6EFE5E6B5FB28A21E6 ] UsbserFilt      C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
13:12:32.0863 0x0e50  UsbserFilt - ok
13:12:32.0894 0x0e50  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:12:32.0894 0x0e50  USBSTOR - ok
13:12:32.0910 0x0e50  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:12:32.0910 0x0e50  usbuhci - ok
13:12:32.0941 0x0e50  [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E, CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ] usb_rndisx      C:\WINDOWS\system32\DRIVERS\usb8023x.sys
13:12:32.0941 0x0e50  usb_rndisx - ok
13:12:32.0973 0x0e50  [ C39337EAF0047706E9CD3AA5756D2BF9, 2A9E2DB8563F9F7CA2D4B08D15ABB8BD60485EC97F5554FCFBF05E759C412A23 ] UxTuneUp        C:\WINDOWS\System32\uxtuneup.dll
13:12:32.0973 0x0e50  UxTuneUp - ok
13:12:32.0988 0x0e50  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
13:12:33.0004 0x0e50  VgaSave - ok
13:12:33.0004 0x0e50  ViaIde - ok
13:12:33.0019 0x0e50  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
13:12:33.0035 0x0e50  VolSnap - ok
13:12:33.0066 0x0e50  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe
13:12:33.0082 0x0e50  VSS - ok
13:12:33.0113 0x0e50  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll
13:12:33.0129 0x0e50  W32Time - ok
13:12:33.0144 0x0e50  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:12:33.0144 0x0e50  Wanarp - ok
13:12:33.0191 0x0e50  [ 4A954A20A4C73D6DB13C0FE25F3F1B0C, 01E763616687720E16EA3FEF48769BD14E77599B4247E60392A957DC9E69E8D7 ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
13:12:33.0191 0x0e50  wceusbsh - ok
13:12:33.0238 0x0e50  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
13:12:33.0254 0x0e50  Wdf01000 - ok
13:12:33.0254 0x0e50  WDICA - ok
13:12:33.0285 0x0e50  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
13:12:33.0285 0x0e50  wdmaud - ok
13:12:33.0332 0x0e50  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:12:33.0348 0x0e50  WebClient - ok
13:12:33.0426 0x0e50  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:12:33.0426 0x0e50  winmgmt - ok
13:12:33.0473 0x0e50  [ FD600B032E741EB6AAB509FC630F7C42, 2AF671D0648A5C2D2C4A7D0FDE803F07CC079CF1FA4E237DB912A8C77D9EC1F6 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
13:12:33.0488 0x0e50  WinUSB - ok
13:12:33.0504 0x0e50  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
13:12:33.0504 0x0e50  WmdmPmSN - ok
13:12:33.0535 0x0e50  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:12:33.0551 0x0e50  WmiApSrv - ok
13:12:33.0629 0x0e50  [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
13:12:33.0676 0x0e50  WMPNetworkSvc - ok
13:12:33.0707 0x0e50  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:12:33.0707 0x0e50  WpdUsb - ok
13:12:33.0785 0x0e50  [ 7CAEC4665452072662496CFCCAB727E2, 25771639042557CD1A348C405DCC7DD75DDC50323195A5833D9DAEEA442218B5 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:12:33.0848 0x0e50  WPFFontCache_v0400 - ok
13:12:33.0879 0x0e50  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:12:33.0879 0x0e50  WS2IFSL - ok
13:12:33.0926 0x0e50  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
13:12:33.0941 0x0e50  wscsvc - ok
13:12:33.0973 0x0e50  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:12:33.0973 0x0e50  WSTCODEC - ok
13:12:33.0988 0x0e50  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
13:12:33.0988 0x0e50  wuauserv - ok
13:12:34.0019 0x0e50  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:12:34.0019 0x0e50  WudfPf - ok
13:12:34.0051 0x0e50  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:12:34.0066 0x0e50  WudfRd - ok
13:12:34.0082 0x0e50  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
13:12:34.0098 0x0e50  WudfSvc - ok
13:12:34.0129 0x0e50  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
13:12:34.0144 0x0e50  WZCSVC - ok
13:12:34.0176 0x0e50  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
13:12:34.0238 0x0e50  xmlprov - ok
13:12:34.0254 0x0e50  ================ Scan global ===============================
13:12:34.0269 0x0e50  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
13:12:34.0332 0x0e50  [ A32C6B1B3B44E82FDD9B43D29FC082F4, 71FA5FEA51849599B356CFD809F88EE616809FACCD23645E323AAE183C970D1B ] C:\WINDOWS\system32\winsrv.dll
13:12:34.0363 0x0e50  [ A32C6B1B3B44E82FDD9B43D29FC082F4, 71FA5FEA51849599B356CFD809F88EE616809FACCD23645E323AAE183C970D1B ] C:\WINDOWS\system32\winsrv.dll
13:12:34.0394 0x0e50  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
13:12:34.0394 0x0e50  [ Global ] - ok
13:12:34.0394 0x0e50  ================ Scan MBR ==================================
13:12:34.0410 0x0e50  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
13:12:34.0660 0x0e50  \Device\Harddisk0\DR0 - ok
13:12:34.0660 0x0e50  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
13:12:34.0660 0x0e50  \Device\Harddisk1\DR1 - ok
13:12:34.0676 0x0e50  ================ Scan VBR ==================================
13:12:34.0676 0x0e50  [ AB0CE67269FE2D8FCE1BA176107D5F81 ] \Device\Harddisk0\DR0\Partition1
13:12:34.0676 0x0e50  \Device\Harddisk0\DR0\Partition1 - ok
13:12:34.0676 0x0e50  [ CFBF5D6BC68902B7D357999EFDFF2839 ] \Device\Harddisk1\DR1\Partition1
13:12:34.0676 0x0e50  \Device\Harddisk1\DR1\Partition1 - ok
13:12:34.0676 0x0e50  ================ Scan generic autorun ======================
13:12:34.0691 0x0e50  NvCplDaemon - ok
13:12:34.0879 0x0e50  [ 8C2DB4B2962D47DF7F21935DBEAF5E88, 1691E5837F334856F68E90FAD04575F8FD6B1DADF28621B0F53933E5EA5575E6 ] C:\Programme\NVIDIA Corporation\nView\nwiz.exe
13:12:34.0957 0x0e50  nwiz - ok
13:12:35.0004 0x0e50  [ DB4E2D9C09A5762CB2551222B5E443B2, 318AD09D1821E38B7D7ACC0A06965057B494A752C9E34FD1CA41247DC703F985 ] C:\WINDOWS\RaidTool\xInsIDE.exe
13:12:35.0004 0x0e50  JMB36X IDE Setup - ok
13:12:35.0019 0x0e50  BluetoothAuthenticationAgent - ok
13:12:35.0113 0x0e50  [ E251DD212E50BC9262D067296B2E5788, C0F11517E9948471AD4C3679F72216CDCAA6551B861F0E9DE54A787BDA6A8154 ] C:\WINDOWS\system32\xRaidSetup.exe
13:12:35.0223 0x0e50  36X Raid Configurer - ok
13:12:35.0769 0x0e50  [ 640609646D2E6F805E89238F0ADD3A1A, 6E919DD8C93B4F1B7AA00404DDF11FDAA7C050C49028480C8E28F2DF99E99FED ] C:\Programme\Browny02\Brother\BrStMonW.exe
13:12:35.0926 0x0e50  BrStsMon00 - ok
13:12:36.0301 0x0e50  [ D61D8F8C35D885E8910A0862B305FADD, 2CF557979781E9489AAC64AC7F54E8BD17655537FFD1ED1458124F44CFD6C14F ] C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
13:12:36.0316 0x0e50  GDFirewallTray - ok
13:12:36.0488 0x0e50  [ 39A38A0AB033B2A0B42C2FEAC02ED63E, EB1558832FB820DC1DE0C448473C57B532A666FE0FD52E30CED13DE6641777AE ] C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe
13:12:36.0551 0x0e50  G DATA AntiVirus Trayapplication - ok
13:12:36.0723 0x0e50  [ D2084C2112CBA266E08ED2A601E3C020, 3AFE7A6A4577636687A6556896D810D894A796891BC44E65E1DE9D4F787D2FB6 ] C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe
13:12:36.0738 0x0e50  SMSTray - ok
13:12:36.0754 0x0e50  NvMediaCenter - ok
13:12:36.0801 0x0e50  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Programme\Brother\ControlCenter3\brctrcen.exe
13:12:36.0816 0x0e50  ControlCenter3 - ok
13:12:37.0019 0x0e50  [ AF49D1C79EA49A7833017F290EE63B82, FFE98E8F6AE3BFAB324B3A7C6C6C00545C597A6861CBDD82ACE97591C6A1D287 ] C:\Programme\Spybot - Search & Destroy 2\SDTray.exe
13:12:37.0191 0x0e50  SDTray - ok
13:12:37.0223 0x0e50  C-Media Mixer - ok
13:12:37.0254 0x0e50  [ 7270F0B822CB67F0C32BEF7FB00CA4D4, B9C80CD4DB93DD6681F4898013EE49C81EB9F736BCF01B3BB820AB569B9A576B ] C:\WINDOWS\system32\CTFMON.EXE
13:12:37.0254 0x0e50  CTFMON.EXE - ok
13:12:37.0254 0x0e50  [ 7270F0B822CB67F0C32BEF7FB00CA4D4, B9C80CD4DB93DD6681F4898013EE49C81EB9F736BCF01B3BB820AB569B9A576B ] C:\WINDOWS\system32\ctfmon.exe
13:12:37.0254 0x0e50  CTFMON.EXE - ok
13:12:37.0285 0x0e50  [ F27BB501324FCB90BD8EF29774B00DB2, EA700B00EF9F551871A03E7017B77115731CD45E617BC7400CC3B490C015E304 ] C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe
13:12:37.0316 0x0e50  SpriteService - ok
13:12:37.0410 0x0e50  [ E2C15D9CC646F3EC08795DE23FD9718C, 80C246FCFB62682B22ED90305683BC201E750434D51802667A8E50637BCBA229 ] C:\Programme\Microsoft ActiveSync\wcescomm.exe
13:12:37.0457 0x0e50  H/PC Connection Agent - ok
13:12:37.0629 0x0e50  [ 2AD0F05760D8901DE213C0A666840DA5, 675DE8C585386733F8B2712FE3C76FB7BB77F25A610DE11D01360A49167C6760 ] C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTVRC.exe
13:12:37.0691 0x0e50  Remote Control Editor - ok
13:12:37.0973 0x0e50  [ A75228DE9117A017BC7A3B44953B2648, 9AA3D2F883F187620612CD7CA3871187B8181ACE9EF918C31A74DBAAF2F81A60 ] C:\Programme\CCleaner\ccleaner.exe
13:12:38.0191 0x0e50  CCleaner Monitoring - ok
13:12:38.0488 0x0e50  [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe
13:12:38.0644 0x0e50  Amazon Music - ok
13:12:38.0801 0x0e50  [ D192592FD0A99D9F360906D3F6DFBFF1, E0ED95A8AB4D26A40BF95B8DB2D968AD1FDB36B8C4DF2990185E0458B3948CA3 ] C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
13:12:38.0848 0x0e50  WSHelperSetup.exe - ok
13:12:38.0879 0x0e50  [ 7270F0B822CB67F0C32BEF7FB00CA4D4, B9C80CD4DB93DD6681F4898013EE49C81EB9F736BCF01B3BB820AB569B9A576B ] C:\WINDOWS\system32\CTFMON.EXE
13:12:38.0879 0x0e50  CTFMON.EXE - ok
13:12:38.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:39.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:40.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:41.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:42.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:43.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:44.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:45.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:46.0879 0x0e50  Waiting for KSN requests completion. In queue: 95
13:12:47.0957 0x0e50  AV detected via SS1: G Data InternetSecurity 2010, 18.0, enabled, updated
13:12:47.0957 0x0e50  FW detected via SS1: G Data Personal Firewall, 1.0, enabled
13:12:50.0644 0x0e50  ============================================================
13:12:50.0644 0x0e50  Scan finished
13:12:50.0644 0x0e50  ============================================================
13:12:50.0660 0x0950  Detected object count: 1
13:12:50.0660 0x0950  Actual detected object count: 1
13:17:51.0004 0x0950  sehobilu ( UDS:DangerousObject.Multi.Generic ) - skipped by user
13:17:51.0004 0x0950  sehobilu ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
         


12.04.2015, 18:35   #6
schrauber
/// the machine
/// TB instructor
 




Well, it is cute, after all.

It's just that you must not use any passwords on that box anymore, and you must not do any financial transactions on it either.



Start TDSSkiller.exe with a double-click.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start Scan.
    Do not do anything on the computer during the scan.
  • Make sure that Cure (default) is ticked!
  • Click Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\).
For example: C:\TDSSKiller.<version_date_time>log.txt

Please post the contents here in your thread.




Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix on your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. They can interfere with Combofix while it works.
  • Start Combofix.exe and follow the instructions on the screen.
  • Combofix will check whether the Microsoft Windows Recovery Console is installed.
    If it is not installed, allow Combofix to download and install it. To do so, simply follow the instructions and accept the end-user license.
    With today's malware this is highly recommended, because it gives us a way to repair your system if something goes wrong.
    Confirm the message that the Recovery Console has been installed with Yes.
    Note: If it is already installed, Combofix will continue with the malware removal.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply.
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.


13.04.2015, 06:57   #7
Grit1962
 

That looks considerably better already....



Whatever you and the programs did, I could practically feel my old lady breathe a sigh of relief after Combofix ran. However, for the life of me I cannot find a combofix.txt that I could post. The program ran without a hitch and quite quickly; there were no checkboxes that I still had to tick for the recovery console.

G-Data no longer complains now. The old darling is running faster.
Thank you, Mr. Best-Schrauber

Here are the results:
Code:
ATTFilter
23:38:26.0848 0x1eb8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
23:38:35.0644 0x1eb8  ============================================================
23:38:35.0644 0x1eb8  Current date / time: 2015/04/12 23:38:35.0644
23:38:35.0644 0x1eb8  SystemInfo:
23:38:35.0644 0x1eb8  
23:38:35.0644 0x1eb8  OS Version: 5.1.2600 ServicePack: 3.0
23:38:35.0644 0x1eb8  Product type: Workstation
23:38:35.0644 0x1eb8  ComputerName: WOJAN-A1D7AE3E1
23:38:35.0644 0x1eb8  UserName: Albert
23:38:35.0644 0x1eb8  Windows directory: C:\WINDOWS
23:38:35.0644 0x1eb8  System windows directory: C:\WINDOWS
23:38:35.0644 0x1eb8  Processor architecture: Intel x86
23:38:35.0644 0x1eb8  Number of processors: 2
23:38:35.0644 0x1eb8  Page size: 0x1000
23:38:35.0644 0x1eb8  Boot type: Normal boot
23:38:35.0644 0x1eb8  ============================================================
23:38:37.0676 0x1eb8  KLMD registered as C:\WINDOWS\system32\drivers\78386512.sys
23:38:37.0801 0x1eb8  System UUID: {20697C2E-9D14-6FD2-653D-4E25CA2A697F}
23:38:38.0379 0x1eb8  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:38:38.0394 0x1eb8  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:38:38.0410 0x1eb8  ============================================================
23:38:38.0410 0x1eb8  \Device\Harddisk0\DR0:
23:38:38.0410 0x1eb8  MBR partitions:
23:38:38.0410 0x1eb8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
23:38:38.0410 0x1eb8  \Device\Harddisk1\DR1:
23:38:38.0410 0x1eb8  MBR partitions:
23:38:38.0410 0x1eb8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
23:38:38.0410 0x1eb8  ============================================================
23:38:38.0441 0x1eb8  C: <-> \Device\Harddisk0\DR0\Partition1
23:38:38.0566 0x1eb8  D: <-> \Device\Harddisk1\DR1\Partition1
23:38:38.0566 0x1eb8  ============================================================
23:38:38.0566 0x1eb8  Initialize success
23:38:38.0566 0x1eb8  ============================================================
23:39:03.0363 0x1718  ============================================================
23:39:03.0363 0x1718  Scan started
23:39:03.0363 0x1718  Mode: Manual; 
23:39:03.0363 0x1718  ============================================================
23:39:03.0363 0x1718  KSN ping started
23:39:06.0035 0x1718  KSN ping finished: true
23:39:06.0613 0x1718  ================ Scan system memory ========================
23:39:06.0613 0x1718  System memory - ok
23:39:06.0613 0x1718  ================ Scan services =============================
23:39:06.0754 0x1718  [ 0FA0C466DADC85055D7E9698DA4DE5D5, E332EF24165075ACC90E7A3E6896852AB9194D30451468517C8F51CE9914325F ] AbilisT         C:\WINDOWS\system32\Drivers\AbilisBdaTuner.sys
23:39:06.0769 0x1718  AbilisT - ok
23:39:06.0926 0x1718  Abiosdsk - ok
23:39:06.0926 0x1718  abp480n5 - ok
23:39:07.0019 0x1718  [ 83AC3133B5770E08F925636A1F96C1E6, 5689169D12FFA35F1CBC70584B1C5ACDFB860FE9C222AFCEEDD338DF1200C518 ] ACDaemon        C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
23:39:07.0019 0x1718  ACDaemon - ok
23:39:07.0066 0x1718  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:39:07.0082 0x1718  ACPI - ok
23:39:07.0113 0x1718  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
23:39:07.0113 0x1718  ACPIEC - ok
23:39:07.0191 0x1718  [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:39:07.0207 0x1718  AdobeFlashPlayerUpdateSvc - ok
23:39:07.0207 0x1718  adpu160m - ok
23:39:07.0254 0x1718  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
23:39:07.0269 0x1718  aec - ok
23:39:07.0285 0x1718  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7, B596ABBAC058D93C505C9DBF8685049C88E4364195A4092DB580D2D44FA8C23C ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
23:39:07.0301 0x1718  Afc - ok
23:39:07.0332 0x1718  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
23:39:07.0332 0x1718  AFD - ok
23:39:07.0332 0x1718  Aha154x - ok
23:39:07.0348 0x1718  aic78u2 - ok
23:39:07.0363 0x1718  aic78xx - ok
23:39:07.0394 0x1718  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
23:39:07.0394 0x1718  Alerter - ok
23:39:07.0410 0x1718  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
23:39:07.0410 0x1718  ALG - ok
23:39:07.0426 0x1718  AliIde - ok
23:39:07.0535 0x1718  [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
23:39:07.0613 0x1718  Ambfilt - ok
23:39:07.0613 0x1718  amsint - ok
23:39:07.0629 0x1718  AppMgmt - ok
23:39:07.0629 0x1718  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:39:07.0629 0x1718  Arp1394 - ok
23:39:07.0644 0x1718  asc - ok
23:39:07.0644 0x1718  asc3350p - ok
23:39:07.0644 0x1718  asc3550 - ok
23:39:07.0723 0x1718  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:39:07.0769 0x1718  aspnet_state - ok
23:39:07.0785 0x1718  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:39:07.0801 0x1718  AsyncMac - ok
23:39:07.0832 0x1718  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
23:39:07.0832 0x1718  atapi - ok
23:39:07.0879 0x1718  [ 19F277BC4CE5689F20F347A6B8AA8C42, 2810AB6D9C9F143FF6CE8FC01901A785956891A3D2A53416FC6D6EF799D0FB15 ] AtcL001         C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
23:39:07.0879 0x1718  AtcL001 - ok
23:39:07.0879 0x1718  Atdisk - ok
23:39:07.0910 0x1718  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:39:07.0910 0x1718  Atmarpc - ok
23:39:07.0941 0x1718  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
23:39:07.0941 0x1718  AudioSrv - ok
23:39:07.0988 0x1718  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
23:39:07.0988 0x1718  audstub - ok
23:39:08.0098 0x1718  [ 780AC17E6C1B5A35AB5A2BA58212EA55, 88E1A828B55860E07B0E7A41AFD1D00CFCFD5C0C16CC5D2881682698A2DBE93F ] AVKProxy        C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
23:39:08.0113 0x1718  AVKProxy - ok
23:39:08.0144 0x1718  [ EB024C7DFCFBC24117BABD07B4020D81, DBDDD1E2BA95C3A976F38962598886F86F2F0B64366690EA6D124AA611A3121F ] AVKService      C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
23:39:08.0160 0x1718  AVKService - ok
23:39:08.0223 0x1718  [ 360E4F34D4FD87A432639A48054954EA, 71FC7EAEE74A0500690507475276192D82CC979D1EEF234BFC19827AB90CE7A7 ] AVKWCtl         C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
23:39:08.0285 0x1718  AVKWCtl - ok
23:39:08.0316 0x1718  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:39:08.0316 0x1718  Beep - ok
23:39:08.0379 0x1718  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
23:39:08.0519 0x1718  BITS - ok
23:39:08.0566 0x1718  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
23:39:08.0566 0x1718  Browser - ok
23:39:08.0613 0x1718  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Programme\Browny02\BrYNSvc.exe
23:39:08.0629 0x1718  BrYNSvc - ok
23:39:08.0660 0x1718  [ B279426E3C0C344893ED78A613A73BDE, 30B29ED5DCFF0C180B806A5FBC705E1CAF6B0F525298CDA79A77FC2AF6E5AAA7 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
23:39:08.0660 0x1718  BthEnum - ok
23:39:08.0676 0x1718  [ FCA6F069597B62D42495191ACE3FC6C1, 23A4EAA542547AC48BCB19DEC9C8E1C1D7D83F199F045DA4682C33292F011CE9 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
23:39:08.0691 0x1718  BTHMODEM - ok
23:39:08.0723 0x1718  [ 80602B8746D3738F5886CE3D67EF06B6, 15ABAA8106C42A4453763EEB92B291844580168C934088DB1E22B2065DC238E9 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
23:39:08.0738 0x1718  BthPan - ok
23:39:08.0769 0x1718  [ 592E1CEDBE314D0EF184DC6F46141E76, D69106F90C56C1E67BA4B96D6766C6676B66D0E0DF8358DA4B75FEFF211AA23E ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
23:39:08.0785 0x1718  BTHPORT - ok
23:39:08.0816 0x1718  [ 26C601EF7525E31379744ABFC6F35A1B, 842626D3A00DDA959A4AB730C0D551244DCDA15AC291FD70CC7324571A6088EC ] BthServ         C:\WINDOWS\System32\bthserv.dll
23:39:08.0816 0x1718  BthServ - ok
23:39:08.0848 0x1718  [ 61364CD71EF63B0F038B7E9DF00F1EFA, FB44D02B4379A8AF7DD8B0B22B53888B758903700142BFE45A412709294CE88A ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
23:39:08.0863 0x1718  BTHUSB - ok
23:39:08.0973 0x1718  catchme - ok
23:39:09.0019 0x1718  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
23:39:09.0019 0x1718  cbidf2k - ok
23:39:09.0051 0x1718  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:39:09.0051 0x1718  CCDECODE - ok
23:39:09.0051 0x1718  cd20xrnt - ok
23:39:09.0082 0x1718  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
23:39:09.0082 0x1718  Cdaudio - ok
23:39:09.0113 0x1718  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
23:39:09.0113 0x1718  Cdfs - ok
23:39:09.0144 0x1718  [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:39:09.0160 0x1718  Cdrom - ok
23:39:09.0191 0x1718  [ C9503EED292DB41937C22F620FDAA39C, F39E2CD0F0A458E6012C97284BB636A785815353FF09E59DD5AB96C36E2EC5D0 ] cglptnt         C:\totalcmd\cglptnt.sys
23:39:09.0207 0x1718  cglptnt - ok
23:39:09.0207 0x1718  Changer - ok
23:39:09.0223 0x1718  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
23:39:09.0223 0x1718  CiSvc - ok
23:39:09.0254 0x1718  [ DEDE0F8CE1E220E641D9C5E4353D0A2A, AE37440CBE0CDF318189460152F471488DE193D786962D699E68CB7BFCC52CCF ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
23:39:09.0254 0x1718  ClipSrv - ok
23:39:09.0316 0x1718  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:39:09.0363 0x1718  clr_optimization_v2.0.50727_32 - ok
23:39:09.0394 0x1718  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:39:09.0441 0x1718  clr_optimization_v4.0.30319_32 - ok
23:39:09.0441 0x1718  CmdIde - ok
23:39:09.0473 0x1718  [ E5842CCF0953D3D46D5E26427B67E901, 4F3A87E015F81085F1AA8B57351AAA8B79D3C48DDF9D25FFD595E55A3BE506AF ] cmpci           C:\WINDOWS\system32\drivers\cmaudio.sys
23:39:09.0504 0x1718  cmpci - ok
23:39:09.0504 0x1718  cmuda3 - ok
23:39:09.0519 0x1718  COMSysApp - ok
23:39:09.0519 0x1718  Cpqarray - ok
23:39:09.0551 0x1718  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
23:39:09.0566 0x1718  CryptSvc - ok
23:39:09.0566 0x1718  dac2w2k - ok
23:39:09.0566 0x1718  dac960nt - ok
23:39:09.0629 0x1718  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:39:09.0644 0x1718  DcomLaunch - ok
23:39:09.0660 0x1718  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
23:39:09.0676 0x1718  Dhcp - ok
23:39:09.0691 0x1718  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
23:39:09.0691 0x1718  Disk - ok
23:39:09.0691 0x1718  dmadmin - ok
23:39:09.0754 0x1718  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
23:39:09.0785 0x1718  dmboot - ok
23:39:09.0801 0x1718  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
23:39:09.0816 0x1718  dmio - ok
23:39:09.0848 0x1718  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
23:39:09.0848 0x1718  dmload - ok
23:39:09.0863 0x1718  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
23:39:09.0863 0x1718  dmserver - ok
23:39:09.0894 0x1718  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
23:39:09.0910 0x1718  DMusic - ok
23:39:09.0926 0x1718  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:39:09.0926 0x1718  Dnscache - ok
23:39:09.0957 0x1718  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:39:09.0957 0x1718  Dot3svc - ok
23:39:09.0973 0x1718  dpti2o - ok
23:39:09.0988 0x1718  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:39:09.0988 0x1718  drmkaud - ok
23:39:10.0004 0x1718  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
23:39:10.0019 0x1718  EapHost - ok
23:39:10.0019 0x1718  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
23:39:10.0035 0x1718  ERSvc - ok
23:39:10.0051 0x1718  esgiguard - ok
23:39:10.0066 0x1718  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
23:39:10.0082 0x1718  Eventlog - ok
23:39:10.0129 0x1718  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
23:39:10.0129 0x1718  EventSystem - ok
23:39:10.0144 0x1718  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
23:39:10.0160 0x1718  Fastfat - ok
23:39:10.0207 0x1718  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:39:10.0207 0x1718  FastUserSwitchingCompatibility - ok
23:39:10.0223 0x1718  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
23:39:10.0223 0x1718  Fdc - ok
23:39:10.0238 0x1718  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
23:39:10.0238 0x1718  Fips - ok
23:39:10.0394 0x1718  [ 167D24A045499EBEF438F231976158DF, 237F1495BA79D9082D6B383FE9AC5C6154A6F76F181000401F5790236EB57301 ] FirebirdServerMAGIXInstance C:\Programme\MAGIX\Common\Database\bin\fbserver.exe
23:39:10.0457 0x1718  FirebirdServerMAGIXInstance - ok
23:39:10.0473 0x1718  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:39:10.0488 0x1718  Flpydisk - ok
23:39:10.0519 0x1718  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
23:39:10.0519 0x1718  FltMgr - ok
23:39:10.0566 0x1718  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:39:10.0582 0x1718  FontCache3.0.0.0 - ok
23:39:10.0613 0x1718  [ 07605743F3F7E2ECAA84E86EA9F2B509, 245AD7921535DBE5683258E82AC2AB33BA057A6624056E7FE4D171475B0233D5 ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
23:39:10.0629 0x1718  FreemakeVideoCapture - ok
23:39:10.0660 0x1718  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\WINDOWS\system32\FsUsbExDisk.SYS
23:39:10.0660 0x1718  FsUsbExDisk - ok
23:39:10.0707 0x1718  [ 0796C1E47ADB9825269E64B9DAB4E741, A9E476278428824FAE8B63B2B2CAC683EABD28E5B514925F6379593CB6CAB968 ] FsUsbExService  C:\WINDOWS\system32\FsUsbExService.Exe
23:39:10.0723 0x1718  FsUsbExService - ok
23:39:10.0723 0x1718  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:39:10.0723 0x1718  Fs_Rec - ok
23:39:10.0738 0x1718  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:39:10.0738 0x1718  Ftdisk - ok
23:39:10.0769 0x1718  [ 065639773D8B03F33577F6CDAEA21063, F20D0F3256F5F894CCA48755B23679619B5D02A0F64A142FC6CB619FC0952067 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
23:39:10.0769 0x1718  gameenum - ok
23:39:10.0785 0x1718  [ D54A94BB49EC52A930EB39A3EB4F43C6, 8B679A71FCF35E6F34468FD6D7A022EA09877274937246D75B75BE648FE42200 ] GDBehave        C:\WINDOWS\system32\drivers\GDBehave.sys
23:39:10.0785 0x1718  GDBehave - ok
23:39:10.0879 0x1718  [ 476B1500901D17A357E3EA691087D26E, 9A4080A4510A1320B021398D44FB305A23B25EEA4B8AE15D4A61A85623EC4375 ] GDFwSvc         C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
23:39:10.0957 0x1718  GDFwSvc - ok
23:39:11.0019 0x1718  [ 76E409E9264E6732359F89FBCAC098A7, EF5D3292A46E0A3AF91B8EA18D7EB3E8EEEDAEFAD61B31FDF8876477D4D0A6C5 ] GDMnIcpt        C:\WINDOWS\system32\drivers\MiniIcpt.sys
23:39:11.0035 0x1718  GDMnIcpt - ok
23:39:11.0082 0x1718  [ AED237AE592D28AB80E3745F12376B59, 2E3FBA485A0DC51F2F229F485997B8C8FCF53CFBE61FD28C3975EDE048893D01 ] GDNdisIc        C:\WINDOWS\system32\drivers\GDNdisIc.sys
23:39:11.0082 0x1718  GDNdisIc - ok
23:39:11.0144 0x1718  [ D31F31342349964E245EAAC1BDC5F6A6, 4D42BF84B3EDE59D11EA90AC1CEB92741CCA8115D8041CF03BEDC0CC6467FB45 ] GDScan          C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
23:39:11.0160 0x1718  GDScan - ok
23:39:11.0176 0x1718  [ 77D1174D9EC1CC80808DE6614AE4C243, B7053D1DD54A570328188B2DB41DDCE8462FBE6D45790B27A05A75D4584368B2 ] GDTdiInterceptor C:\WINDOWS\system32\drivers\GDTdiIcpt.sys
23:39:11.0191 0x1718  GDTdiInterceptor - ok
23:39:11.0207 0x1718  [ 5DC17164F66380CBFEFD895C18467773, E1174E0F95E9F343528162EFF5D4BA60C68477353FC6BDA61C19134687F50906 ] GearAspiWDM     C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
23:39:11.0207 0x1718  GearAspiWDM - ok
23:39:11.0269 0x1718  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:39:11.0269 0x1718  Gpc - ok
23:39:11.0285 0x1718  [ 818E093C026FDD2384F1A0D1A1E732A8, 0632C14CD33849CCC110248C63EC30FF226CA1CB11026567417A78AD0534BBFF ] GRD             C:\WINDOWS\system32\drivers\GRD.sys
23:39:11.0285 0x1718  GRD - ok
23:39:11.0316 0x1718  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
23:39:11.0316 0x1718  gupdate - ok
23:39:11.0332 0x1718  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
23:39:11.0332 0x1718  gupdatem - ok
23:39:11.0363 0x1718  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
23:39:11.0379 0x1718  gusvc - ok
23:39:11.0410 0x1718  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:39:11.0426 0x1718  HDAudBus - ok
23:39:11.0488 0x1718  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:39:11.0488 0x1718  helpsvc - ok
23:39:11.0504 0x1718  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
23:39:11.0504 0x1718  HidServ - ok
23:39:11.0519 0x1718  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:39:11.0519 0x1718  hidusb - ok
23:39:11.0535 0x1718  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
23:39:11.0551 0x1718  hkmsvc - ok
23:39:11.0566 0x1718  [ 5827FBDF7ECBC56FCBC006BDB408FDCC, FA68EE30774BD17E99A6C5782F18CA5ED39751A5A72295F57E68B252AEDB2F38 ] HookCentre      C:\WINDOWS\system32\drivers\HookCentre.sys
23:39:11.0566 0x1718  HookCentre - ok
23:39:11.0582 0x1718  hpn - ok
23:39:11.0613 0x1718  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
23:39:11.0629 0x1718  HTTP - ok
23:39:11.0644 0x1718  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
23:39:11.0660 0x1718  HTTPFilter - ok
23:39:11.0660 0x1718  i2omgmt - ok
23:39:11.0660 0x1718  i2omp - ok
23:39:11.0676 0x1718  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:39:11.0676 0x1718  i8042prt - ok
23:39:11.0738 0x1718  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
23:39:11.0738 0x1718  IDriverT - ok
23:39:11.0816 0x1718  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:39:11.0863 0x1718  idsvc - ok
23:39:11.0879 0x1718  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
23:39:11.0879 0x1718  Imapi - ok
23:39:11.0910 0x1718  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe
23:39:11.0926 0x1718  ImapiService - ok
23:39:11.0926 0x1718  ini910u - ok
23:39:12.0223 0x1718  [ BC18E3C3CCFF1704678C057B1D032A4B, 7C6C0E4343C20003643E427A23198159670F2B413941AEF800F14546DA776C20 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:39:12.0363 0x1718  IntcAzAudAddService - ok
23:39:12.0379 0x1718  IntelIde - ok
23:39:12.0394 0x1718  [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:39:12.0394 0x1718  intelppm - ok
23:39:12.0410 0x1718  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
23:39:12.0426 0x1718  Ip6Fw - ok
23:39:12.0441 0x1718  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:39:12.0441 0x1718  IpFilterDriver - ok
23:39:12.0457 0x1718  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:39:12.0457 0x1718  IpInIp - ok
23:39:12.0473 0x1718  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:39:12.0473 0x1718  IpNat - ok
23:39:12.0488 0x1718  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:39:12.0488 0x1718  IPSec - ok
23:39:12.0504 0x1718  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
23:39:12.0504 0x1718  IRENUM - ok
23:39:12.0535 0x1718  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:39:12.0551 0x1718  isapnp - ok
23:39:12.0660 0x1718  [ BF918C9473D64BBD53C22C47045883F5, 1980726FBFEEE75E4B360B1A4F438CF1ADD929AC21BD5197F740CB8AD8194BD2 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
23:39:12.0676 0x1718  JavaQuickStarterService - ok
23:39:12.0691 0x1718  [ C995C0E8B4503FAC38793BB0236AD246, 5147C90053C8DBAFA9A7E4457A03AA2BCF5EC1A7367526FD102D4B542CC357B0 ] JGOGO           C:\WINDOWS\system32\DRIVERS\JGOGO.sys
23:39:12.0691 0x1718  JGOGO - ok
23:39:12.0691 0x1718  [ 8F55EFD8B7D99465C16D06B345D50CA9, 8F67112FA004275AF900C9DED4CB04B9487F3E1B578D2A1F3797BAFC70EBA531 ] JRAID           C:\WINDOWS\system32\DRIVERS\jraid.sys
23:39:12.0707 0x1718  JRAID - ok
23:39:12.0723 0x1718  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:39:12.0723 0x1718  Kbdclass - ok
23:39:12.0754 0x1718  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:39:12.0754 0x1718  kbdhid - ok
23:39:12.0785 0x1718  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
23:39:12.0785 0x1718  kmixer - ok
23:39:12.0816 0x1718  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
23:39:12.0816 0x1718  KSecDD - ok
23:39:12.0848 0x1718  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
23:39:12.0848 0x1718  LanmanServer - ok
23:39:12.0894 0x1718  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:39:12.0926 0x1718  lanmanworkstation - ok
23:39:12.0926 0x1718  lbrtfdc - ok
23:39:12.0957 0x1718  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
23:39:12.0957 0x1718  LmHosts - ok
23:39:13.0004 0x1718  [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
23:39:13.0019 0x1718  mbamchameleon - ok
23:39:13.0035 0x1718  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
23:39:13.0051 0x1718  Messenger - ok
23:39:13.0082 0x1718  [ A0DCCEA2E1FF5E3074AA35B407889033, CF578E4C3183CA4C0120503A15D0FAF3EB617791BAE95939CB2442F84938D36A ] miniusb         C:\WINDOWS\system32\Drivers\sam_miniusb.sys
23:39:13.0082 0x1718  miniusb - ok
23:39:13.0113 0x1718  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
23:39:13.0129 0x1718  mnmdd - ok
23:39:13.0176 0x1718  [ 0F668A65FDE565D0C040FAB3B5B6CAB6, 1EF3625BA185471E4B7100A343559AF1AA6C8DB7BB8BB0C0EFF7E8139E4A3448 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
23:39:13.0176 0x1718  mnmsrvc - ok
23:39:13.0191 0x1718  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
23:39:13.0207 0x1718  Modem - ok
23:39:13.0285 0x1718  [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys
23:39:13.0348 0x1718  Monfilt - ok
23:39:13.0363 0x1718  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:39:13.0379 0x1718  Mouclass - ok
23:39:13.0379 0x1718  [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:39:13.0394 0x1718  mouhid - ok
23:39:13.0394 0x1718  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
23:39:13.0394 0x1718  MountMgr - ok
23:39:13.0457 0x1718  [ 269BDB3CB77EB77BABE2862BEAB1F208, EC693365C73D59244CB77E181042128A9901BA5C1109CD4F1B9A2008DF1F9582 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
23:39:13.0457 0x1718  MozillaMaintenance - ok
23:39:13.0488 0x1718  [ C0F8E0C2C3C0437CF37C6781896DC3EC, 12196EF5A94BD011B5D578E755B51424E3238437A028CC1EDFB53138C00D3339 ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
23:39:13.0488 0x1718  MPE - ok
23:39:13.0488 0x1718  mraid35x - ok
23:39:13.0519 0x1718  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:39:13.0519 0x1718  MRxDAV - ok
23:39:13.0582 0x1718  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:39:13.0598 0x1718  MRxSmb - ok
23:39:13.0629 0x1718  [ 456213D53CD1C17F85DFE7BC1B3BF965, 17D413066EB75D734751065FAA3B123205734587BEE641B4216B4E127BB082BE ] MSDTC           C:\WINDOWS\system32\msdtc.exe
23:39:13.0769 0x1718  MSDTC - ok
23:39:13.0785 0x1718  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:39:13.0785 0x1718  Msfs - ok
23:39:13.0801 0x1718  MSIServer - ok
23:39:13.0816 0x1718  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:39:13.0816 0x1718  MSKSSRV - ok
23:39:13.0832 0x1718  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:39:13.0832 0x1718  MSPCLOCK - ok
23:39:13.0848 0x1718  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:39:13.0848 0x1718  MSPQM - ok
23:39:13.0879 0x1718  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:39:13.0879 0x1718  mssmbios - ok
23:39:13.0894 0x1718  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:39:13.0910 0x1718  MSTEE - ok
23:39:13.0926 0x1718  [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
23:39:13.0926 0x1718  MTsensor - ok
23:39:13.0973 0x1718  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
23:39:13.0988 0x1718  Mup - ok
23:39:14.0004 0x1718  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:39:14.0019 0x1718  NABTSFEC - ok
23:39:14.0051 0x1718  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll
23:39:14.0082 0x1718  napagent - ok
23:39:14.0113 0x1718  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
23:39:14.0129 0x1718  NDIS - ok
23:39:14.0144 0x1718  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:39:14.0144 0x1718  NdisIP - ok
23:39:14.0176 0x1718  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:39:14.0176 0x1718  NdisTapi - ok
23:39:14.0207 0x1718  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:39:14.0207 0x1718  Ndisuio - ok
23:39:14.0223 0x1718  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:39:14.0223 0x1718  NdisWan - ok
23:39:14.0269 0x1718  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:39:14.0269 0x1718  NDProxy - ok
23:39:14.0363 0x1718  [ D554BAB5233582DAEADCD78B8495F77B, 9D359EABA7DA352E08572173592187B6C25825AD21AB8108055DCFC70E4C7E63 ] NeroMediaHomeService.4 C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe
23:39:14.0394 0x1718  NeroMediaHomeService.4 - ok
23:39:14.0426 0x1718  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:39:14.0426 0x1718  NetBIOS - ok
23:39:14.0457 0x1718  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:39:14.0473 0x1718  NetBT - ok
23:39:14.0504 0x1718  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe
23:39:14.0519 0x1718  NetDDE - ok
23:39:14.0519 0x1718  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
23:39:14.0519 0x1718  NetDDEdsdm - ok
23:39:14.0535 0x1718  [ A999123810480CD52869766B1E5080F9, E7514375D70241615261514441E18708E7A7611EB5865EB66CDD5DB52B64A8CA ] NetgearUDSMBus  C:\WINDOWS\system32\Drivers\NetgearUDSMBus.sys
23:39:14.0551 0x1718  NetgearUDSMBus - ok
23:39:14.0566 0x1718  [ E3B5A3027E78F46D9C56E23438BD61C7, 8D7735C775DED7861ECFA59E610BA70B9526AD06D68B56AADBB963E9DFE56084 ] NetgearUDSTcpBus C:\WINDOWS\system32\Drivers\NetgearUDSTcpBus.sys
23:39:14.0582 0x1718  NetgearUDSTcpBus - ok
23:39:14.0613 0x1718  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:39:14.0613 0x1718  Netlogon - ok
23:39:14.0644 0x1718  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll
23:39:14.0676 0x1718  Netman - ok
23:39:14.0707 0x1718  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:39:14.0754 0x1718  NetTcpPortSharing - ok
23:39:14.0785 0x1718  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:39:14.0801 0x1718  NIC1394 - ok
23:39:14.0832 0x1718  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll
23:39:14.0863 0x1718  Nla - ok
23:39:14.0894 0x1718  [ CFE3462A9E94A57DCD9676F6B7FE7F67, 87166E0B2E2D3620956FE584733AB2D94EEA664BA3F3D213BDC79FDC830F4AB6 ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
23:39:14.0894 0x1718  nmwcd - ok
23:39:14.0910 0x1718  [ 8F2A94F991F8C73CEC26B4B5620D1EDC, 5BE2B08C965C85F2B9FDB921589E469908293EF204D435CBEF099FE1A593D929 ] nmwcdc          C:\WINDOWS\system32\drivers\ccdcmbo.sys
23:39:14.0926 0x1718  nmwcdc - ok
23:39:14.0957 0x1718  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys
23:39:14.0957 0x1718  npf - ok
23:39:14.0973 0x1718  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:39:14.0973 0x1718  Npfs - ok
23:39:15.0019 0x1718  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:39:15.0051 0x1718  Ntfs - ok
23:39:15.0051 0x1718  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
23:39:15.0066 0x1718  NtLmSsp - ok
23:39:15.0098 0x1718  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
23:39:15.0129 0x1718  NtmsSvc - ok
23:39:15.0144 0x1718  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:39:15.0144 0x1718  Null - ok
23:39:15.0551 0x1718  [ B9B1BB146EB9A83DCF0F5635B09D3D43, 1A630E955811E9D317B1A23B6E18658AAE1696E709213A1FA25D8B7AD171EEAE ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:39:15.0769 0x1718  nv - ok
23:39:15.0832 0x1718  [ CC4F8220EAD1F6A38D51679708F435B9, 0A46901A282E6A8CCA5ED7CE1BE53315DBB29A9ABC590AB08625978B9AB35D17 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
23:39:15.0832 0x1718  NVSvc - ok
23:39:15.0863 0x1718  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:39:15.0863 0x1718  NwlnkFlt - ok
23:39:15.0879 0x1718  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:39:15.0879 0x1718  NwlnkFwd - ok
23:39:15.0894 0x1718  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:39:15.0910 0x1718  ohci1394 - ok
23:39:15.0941 0x1718  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
23:39:15.0941 0x1718  ose - ok
23:39:15.0973 0x1718  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
23:39:15.0988 0x1718  Parport - ok
23:39:15.0988 0x1718  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
23:39:15.0988 0x1718  PartMgr - ok
23:39:17.0738 0x1718  [ 7F95E7DEE68E937E8E00AA4536BE7EE3, 0A727866B55D255B919A03A1D15CFDD3B90A701F72B4A4EF85D3AC0C3BB07C5F ] sehobilu        C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp
23:39:17.0738 0x1718  Suspicious file ( NoAccess ): C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp. md5: 7F95E7DEE68E937E8E00AA4536BE7EE3, sha256: 0A727866B55D255B919A03A1D15CFDD3B90A701F72B4A4EF85D3AC0C3BB07C5F
23:39:17.0738 0x1718  sehobilu - detected LockedFile.Multi.Generic ( 1 )
23:39:20.0379 0x1718  Detect turned to UDS exact due to KSN untrusted
23:39:20.0504 0x1718  sehobilu ( UDS:DangerousObject.Multi.Generic ) - infected
23:39:20.0504 0x1718  Force sending object to P2P due to detect: sehobilu
23:39:23.0379 0x1718  Object send P2P result: true
23:39:29.0410 0x1718  ================ Scan global ===============================
23:39:29.0441 0x1718  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
23:39:29.0473 0x1718  [ A32C6B1B3B44E82FDD9B43D29FC082F4, 71FA5FEA51849599B356CFD809F88EE616809FACCD23645E323AAE183C970D1B ] C:\WINDOWS\system32\winsrv.dll
23:39:29.0504 0x1718  [ A32C6B1B3B44E82FDD9B43D29FC082F4, 71FA5FEA51849599B356CFD809F88EE616809FACCD23645E323AAE183C970D1B ] C:\WINDOWS\system32\winsrv.dll
23:39:29.0535 0x1718  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
23:39:29.0551 0x1718  [ Global ] - ok
23:39:29.0551 0x1718  ================ Scan MBR ==================================
23:39:29.0566 0x1718  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
23:39:29.0754 0x1718  \Device\Harddisk0\DR0 - ok
23:39:29.0754 0x1718  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:39:29.0769 0x1718  \Device\Harddisk1\DR1 - ok
23:39:29.0769 0x1718  ================ Scan VBR ==================================
23:39:29.0769 0x1718  [ AB0CE67269FE2D8FCE1BA176107D5F81 ] \Device\Harddisk0\DR0\Partition1
23:39:29.0769 0x1718  \Device\Harddisk0\DR0\Partition1 - ok
23:39:29.0769 0x1718  [ CFBF5D6BC68902B7D357999EFDFF2839 ] \Device\Harddisk1\DR1\Partition1
23:39:29.0785 0x1718  \Device\Harddisk1\DR1\Partition1 - ok
23:39:32.0644 0x1718  Waiting for KSN requests completion. In queue: 95
23:39:33.0644 0x1718  Waiting for KSN requests completion. In queue: 95
23:39:34.0644 0x1718  Waiting for KSN requests completion. In queue: 95
23:39:35.0738 0x1718  AV detected via SS1: G Data InternetSecurity 2010, 18.0, enabled, updated
23:39:35.0738 0x1718  FW detected via SS1: G Data Personal Firewall, 1.0, enabled
23:39:38.0379 0x1718  ============================================================
23:39:38.0379 0x1718  Scan finished
23:39:38.0379 0x1718  ============================================================
23:39:38.0379 0x19bc  Detected object count: 1
23:39:38.0379 0x19bc  Actual detected object count: 1
23:41:27.0629 0x19bc  C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp - copied to quarantine
23:41:27.0629 0x19bc  HKLM\SYSTEM\ControlSet001\services\sehobilu - will be deleted on reboot
23:41:27.0629 0x19bc  HKLM\SYSTEM\ControlSet002\services\sehobilu - will be deleted on reboot
23:41:27.0660 0x19bc  C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\jnsk1DA.tmp - will be deleted on reboot
23:41:27.0660 0x19bc  sehobilu ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
23:41:28.0457 0x19bc  KLMD registered as C:\WINDOWS\system32\drivers\74724824.sys
23:41:35.0848 0x1b34  Deinitialize success
         

13.04.2015, 12:36   #8
schrauber
/// the machine
/// TB trainer

Virus: Gen:Variant.Zusy.133061 (Engine A)



Please download Malwarebytes Anti-Malware
  • Install the program in the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

13.04.2015, 18:43   #9
Grit1962

Virus: Gen:Variant.Zusy.133061 (Engine A)



Hello dear Schrauber,

the only thing that would not run in the end was Junkware; I downloaded it a second time to check, but the program simply does not run.
But for the first two tasks I have results, and I have a fresh FRST (fresh bread with tasty garlic butter would be nice right now too..) for you in my luggage.
Have you managed to drive out the evil spirits?
Kind regards for the evening
Grit

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 13.04.2015
Suchlauf-Zeit: 17:44:18
Logdatei: malwarebytes.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.13.05
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Albert

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 414636
Verstrichene Zeit: 27 Min, 25 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 8
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_09&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyDyEyBzyyC0CyBzz0A0EtN0D0Tzu0StCtCyDtBtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0C0EtCzzzy0AzytGyDtCyCyCtGtAyBtA0EtGyD0B0CtBtGyE0AtCtAyCyEyDyB0Azy0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtDtCyEzz0Ezz0FtGyC0AtDyDtGyE0BzytBtGzyyB0EyEtGyEtDtDyCtAyEyEtCyCyByCyD2Q&cr=1407160070&ir=, , [33e6d5972b5fb284be14f0ce937039c7]
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_09&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyDyEyBzyyC0CyBzz0A0EtN0D0Tzu0StCtCyDtBtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0C0EtCzzzy0AzytGyDtCyCyCtGtAyBtA0EtGyD0B0CtBtGyE0AtCtAyCyEyDyB0Azy0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtDtCyEzz0Ezz0FtGyC0AtDyDtGyE0BzytBtGzyyB0EyEtGyEtDtDyCtAyEyEtCyCyByCyD2Q&cr=1407160070&ir=, , [978258142466bd795d75209e6b98e41c]
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Binkiland, , [d54466061c6e4beb04ce0cb2ae5526da]
PUM.Bad.Proxy, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:3318;https=127.0.0.1:3318;, , [61b80f5d8901112588929533b44fa25e]
PUP.Optional.Binkiland.A, HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_09&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyDyEyBzyyC0CyBzz0A0EtN0D0Tzu0StCtCyDtBtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0C0EtCzzzy0AzytGyDtCyCyCtGtAyBtA0EtGyD0B0CtBtGyE0AtCtAyCyEyDyB0Azy0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtDtCyEzz0Ezz0FtGyC0AtDyDtGyE0BzytBtGzyyB0EyEtGyEtDtDyCtAyEyEtCyCyByCyD2Q&cr=1407160070&ir=, , [63b674f82565a1954c87dce23ac9639d]
PUP.Optional.Binkiland.A, HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_09&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyDyEyBzyyC0CyBzz0A0EtN0D0Tzu0StCtCyDtBtN1L2XzutAtFyBtFyBtFtCtAtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0C0EtCzzzy0AzytGyDtCyCyCtGtAyBtA0EtGyD0B0CtBtGyE0AtCtAyCyEyDyB0Azy0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtDtCyEzz0Ezz0FtGyC0AtDyDtGyE0BzytBtGzyyB0EyEtGyEtDtDyCtAyEyEtCyCyByCyD2Q&cr=1407160070&ir=, , [36e384e88802f343af24d7e7ee15b34d]
PUP.Optional.Binkiland.A, HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Binkiland, , [7d9cf6762a60c472bb180fafda2924dc]
PUP.Optional.Spigot.A, HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B29141A1-7621-4D01-873C-AF575B81B824}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}, , [7c9db5b75c2e0432c6e0eecfbb48b749]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 1
PUP.Optional.MultiPlug.A, C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C, , [26f317558406af87d0b8ce85050042be], 

Dateien: 1
PUP.Optional.MultiPlug.A, C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AD985240-1424960226-11D5-AF0D-001E8C54796C\vnsm1B7.tmp, , [26f317558406af87d0b8ce85050042be], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
# AdwCleaner v4.201 - Logfile created 13/04/2015 at 18:46:16
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Albert - WOJAN-A1D7AE3E1
# Running from : C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Downloads\AdwCleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinMaximizer
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SuperEasy Software
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SuperEasy Software
Folder Deleted : C:\Programme\Probit Software
Folder Deleted : C:\Programme\SuperEasy Software
Folder Deleted : C:\Programme\Gemeinsame Dateien\Tobit
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\PackageAware
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\wincheck
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\DriverTuner
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\PC_Drivers_Headquarters
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\goforfiles
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Intermediate
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\SCheck
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\SendSpace
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\SimpleFiles
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Snz
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\SoftwareUpdater
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\SSync
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Systweak
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Tobit
Folder Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Uniblue
File Deleted : C:\END
File Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\foxydeal.sqlite
File Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\invalidprefs.js
File Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\11-suche.xml
File Deleted : C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155554}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156654}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Protector
Key Deleted : HKCU\Software\SimpleFiles
Key Deleted : HKCU\Software\SuperEasy Software
Key Deleted : HKCU\Software\DriverTuner_Init
Key Deleted : HKCU\Software\DriverTuner
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : HKLM\SOFTWARE\SimpleFiles
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\SuperEasy Software
Key Deleted : HKU\.DEFAULT\Software\GoforFiles
Key Deleted : HKU\.DEFAULT\Software\SimpleFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{471D8B37-C5B3-4457-9FA1-B3C693334F4F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v37.0.1 (x86 de)

[2fgl7cfd.default-1354894452281\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Binkiland");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Binkiland");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.admin", false);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.aflt", "babsst");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.dfltLng", "de");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.excTlbr", false);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.id", "d02c78ae000000000000001e8c54796c");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.instlDay", "15968");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.instlRef", "sst");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.newTab", false);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.prdct", "delta");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.rvrt", "false");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.smplGrp", "none");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrId", "base");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.613:27:01");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta_i.babExt", "");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=123641&tt=160913_m3&tsp=5011");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.admin", false);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.aflt", "orgnl");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.autoRvrt", "false");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.dfltLng", "");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.excTlbr", false);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.ffxUnstlRst", false);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.id", "d02c78ae000000000000001e8c54796c");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.instlDay", "15976");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.instlRef", "");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.newTab", false);
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.prdct", "iminent");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.prtnrId", "iminent");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.rvrt", "false");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.smplGrp", "none");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.tlbrId", "base");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.vrsn", "1.8.25.0");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.vrsnTs", "1.8.25.016:39:39");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("extensions.iminent.vrsni", "1.8.25.0");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("iminent.LayoutId", "28");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("iminent.ShowThankyouPixel", "0");
[2ip1dhvx.default-1377339971953\prefs.js] - Line Deleted : user_pref("iminent.version", "7.36.1.1");
[bur9almm(3).default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Binkiland");
[qnocpw6k.default-1354909543468\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Binkiland");
[tcosr6x5.default-1354953817544\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Binkiland");

-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R0].txt - [13094 bytes] - [13/04/2015 18:43:56]
AdwCleaner[S0].txt - [13772 bytes] - [13/04/2015 18:46:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13832  bytes] ##########
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-04-2015
Ran by Albert (administrator) on WOJAN-A1D7AE3E1 on 13-04-2015 19:48:53
Running from C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Downloads
Loaded Profiles: Albert & NeroMediaHomeUser.4 (Available profiles: Albert & NeroMediaHomeUser.4)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(ArcSoft) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
(G Data Software AG) C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Nero AG) C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe
() C:\Programme\Tobit Radio.fx\Server\rfx-server.exe
(Safer-Networking Ltd.) C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
(TuneUp Software) C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Safer-Networking Ltd.) C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
(G Data Software AG) C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
(TuneUp Software) C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Brother Industries, Ltd.) C:\Programme\Browny02\Brother\BrStMonW.exe
(G DATA Software AG) C:\Programme\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(SAMSUNG ELECTRONICS) C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Brother Industries, Ltd.) C:\Programme\Browny02\BrYNSvc.exe
(Safer-Networking Ltd.) C:\Programme\Spybot - Search & Destroy 2\SDTray.exe
(C-Media Electronic Inc. (www.cmedia.com.tw)) C:\WINDOWS\mixer.exe
(Nero AG) C:\Programme\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Brother Industries, Ltd.) C:\Programme\Brother\ControlCenter3\BrccMCtl.exe
(Nullsoft, Inc.) C:\Programme\Winamp\winampa.exe
(Geek Software GmbH) C:\Programme\PDF24\pdf24.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Wondershare) C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
() C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe
(Microsoft Corporation) C:\Programme\Microsoft ActiveSync\wcescomm.exe
(Elgato Systems) C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTvRc.exe
(Piriform Ltd) C:\Programme\CCleaner\CCleaner.exe
() C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe
(Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Alexander Miehlke Softwareentwicklung) C:\Programme\Browser-Anonymisierer\BrowserMaulkorb.exe
(Dropbox, Inc.) C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\Dropbox.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
(G Data Software AG) C:\Programme\G DATA\InternetSecurity\GUI\GDSC.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nView\nwiz.exe [1753192 2010-08-26] ()
HKLM\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [36X Raid Configurer] => C:\WINDOWS\system32\xRaidSetup.exe [1953792 2007-03-21] (JMicron Technology Corp.)
HKLM\...\Run: [BrStsMon00] => C:\Programme\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM\...\Run: [GDFirewallTray] => C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1124424 2009-09-24] (G DATA Software AG)
HKLM\...\Run: [G DATA AntiVirus Trayapplication] => C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe [924232 2009-09-18] (G Data Software AG)
HKLM\...\Run: [SMSTray] => C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe [132624 2007-12-14] (SAMSUNG ELECTRONICS)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ControlCenter3] => C:\Programme\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [SDTray] => C:\Programme\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [C-Media Mixer] => Mixer.exe /startup
HKLM\...\Run: [Ulead AutoDetector v2] => C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe [95504 2007-08-02] (Ulead Systems, Inc.)
HKLM\...\Run: [Nero MediaHome 4] => C:\Programme\Nero\Nero MediaHome 4\NeroMediaHome.exe [5174568 2010-03-08] (Nero AG)
HKLM\...\Run: [WinampAgent] => C:\Programme\Winamp\winampa.exe [84576 2013-07-24] (Nullsoft, Inc.)
HKLM\...\Run: [PDFPrint] => C:\Programme\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2000-01-01] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Run: [WSHelperSetup.exe] => C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Run: [TrojanScanner] => C:\Programme\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [SpriteService] => C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe [552960 2006-02-21] ()
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [H/PC Connection Agent] => C:\Programme\Microsoft ActiveSync\wcescomm.exe [1211176 2006-06-21] (Microsoft Corporation)
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [Remote Control Editor] => C:\Programme\Gemeinsame Dateien\TerraTec\Remote\TTTVRC.exe [1689088 2010-06-09] (Elgato Systems)
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [CCleaner Monitoring] => C:\Programme\CCleaner\ccleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [Amazon Music] => C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\...\Run: [WSHelperSetup.exe] => C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Startup: C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Autostart\Browser-Anonymisierer.lnk
ShortcutTarget: Browser-Anonymisierer.lnk -> C:\Programme\Browser-Anonymisierer\BrowserMaulkorb.exe (Alexander Miehlke Softwareentwicklung)
Startup: C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Autostart\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:3318;https=127.0.0.1:3318;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1482476501-1390067357-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: [S-1-5-21-1482476501-1390067357-1801674531-1006] ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {A2DC3FEF-AB4D-442c-8517-34EC6E125C8D} URL = hxxp://search.webwebweb.com/search.php?query={searchTerms}&lang=de&zip=&town=&site=&country=
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> {B29141A1-7621-4D01-873C-AF575B81B824} URL = 
SearchScopes: HKU\S-1-5-21-1482476501-1390067357-1801674531-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: G Data WebFilter -> {0124123D-61B4-456f-AF86-78C53A0790C5} -> C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll [2009-09-18] (G Data Software AG)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-19] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll [2010-04-15] (TerraTec Electronic GmbH)
Toolbar: HKLM - G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll [2009-09-18] (G Data Software AG)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-1482476501-1390067357-1801674531-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1009886088859
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Gemeinsame Dateien\fluxDVD\Lib\XEB\xebnavigation.ax [2009-07-16] ()
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953
FF DefaultSearchEngine: Yahoo! (Avast)
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: www.google.de
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-19] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Programme\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @protectdisc.com/NPMPDRM -> C:\Programme\Gemeinsame Dateien\mpDRM\NPMPDRM.dll [2010-02-03] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: @nsroblox.roblox.com/launcher -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions\version-953d9034d866480b\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: @nsroblox.roblox.com/launcher64 -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions\version-953d9034d866480b\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-1482476501-1390067357-1801674531-1004: amazon.com/AmazonMP3DownloaderPlugin -> C:\Programme\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll [2014-03-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll [2014-03-14] (Apple Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\englische-ergebnisse.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\gmx-suche.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\google-images.xml [2014-09-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\google-maps.xml [2014-09-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\lastminute.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\webde-suche.xml [2014-02-25]
FF SearchPlugin: C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\searchplugins\yahoo-avast.xml [2015-02-17]
FF Extension: Video DownloadHelper - C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Mozilla\Firefox\Profiles\2ip1dhvx.default-1377339971953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26]
FF Extension: G Data WebFilter - C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2015-04-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-14]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-08-17]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-08-23]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default
CHR Extension: (Google Slides) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20]
CHR Extension: (Google Docs) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-20]
CHR Extension: (Google Drive) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-20]
CHR Extension: (YouTube) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-20]
CHR Extension: (Freemake Video Downloader) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-08-20]
CHR Extension: (Google Search) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-20]
CHR Extension: (Freemake Youtube Download Button) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-08-20]
CHR Extension: (Google Sheets) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-24]
CHR Extension: (Gmail) - C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-20]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-08-17]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-08-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft)
R2 AVKProxy; C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe [1128008 2009-12-07] (G Data Software AG)
R2 AVKService; C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe [397896 2009-08-08] (G Data Software AG)
R2 AVKWCtl; C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe [1251488 2009-11-25] (G Data Software AG)
R3 BrYNSvc; C:\Programme\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [43008 2008-04-14] (Microsoft Corporation) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Programme\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-08-13] (Ellora Assets Corp.) [File not signed]
R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [233472 2013-12-30] (Teruten) [File not signed]
R3 GDFwSvc; C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe [1547104 2009-11-25] (G Data Software AG)
R3 GDScan; C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe [302152 2009-11-26] (G Data Software AG)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2015-03-19] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2015-03-19] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2015-03-19] (Google)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation)
S2 MBAMService; C:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-04-04] (Mozilla Foundation)
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [30720 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [99840 2008-04-14] (Microsoft Corporation) [File not signed]
R2 NeroMediaHomeService.4; C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-03-08] (Nero AG)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 Radio.fx; C:\Programme\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 SDScannerService; C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbilisT; C:\WINDOWS\System32\Drivers\AbilisBdaTuner.sys [114440 2009-02-03] (ABILIS Systems)
S3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2000-01-01] (Creative)
R3 AtcL001; C:\WINDOWS\System32\DRIVERS\atl01_xp.sys [38656 2007-03-15] (Attansic Technology corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 cglptnt; C:\totalcmd\cglptnt.sys [14424 2012-03-09] (Ghisler Software GmbH)
R3 cmpci; C:\WINDOWS\System32\drivers\cmaudio.sys [377358 2002-11-18] (C-Media Inc)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [28616 2012-12-08] (G Data Software AG)
R3 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [55624 2010-04-03] (G Data Software AG)
R0 GDNdisIc; C:\WINDOWS\System32\drivers\GDNdisIc.sys [22528 2010-04-03] (G DATA Software AG) [File not signed]
R2 GDTdiInterceptor; C:\WINDOWS\system32\drivers\GDTdiIcpt.sys [51784 2010-04-03] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [68976 2012-12-08] (G Data Software)
R3 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [34632 2012-12-08] (G Data Software AG)
R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron )
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [46208 2007-03-24] (JMicron Technology Corp.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 miniusb; C:\WINDOWS\System32\Drivers\sam_miniusb.sys [10624 2010-01-07] (Samsung Electronics Co.  Ltd.) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2000-01-01] (Creative Technology Ltd.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NetgearUDSMBus; C:\WINDOWS\System32\Drivers\NetgearUDSMBus.sys [92160 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed]
S3 NetgearUDSTcpBus; C:\WINDOWS\System32\Drivers\NetgearUDSTcpBus.sys [153600 2012-06-15] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [9623680 2010-10-22] (NVIDIA Corporation) [File not signed]
S3 PcaSp50; C:\WINDOWS\System32\Drivers\PcaSp50.sys [35384 2009-10-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 SODI; C:\WINDOWS\System32\DRIVERS\sam_miniport.sys [14464 2010-01-07] (Samsung Electronics Co.  Ltd.) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2013-08-06] (Duplex Secure Ltd.)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [25216 2010-02-25] (The OpenVPN Project) [File not signed]
S3 TTCinergyT2; C:\WINDOWS\System32\DRIVERS\TTCinergyT2BDA.sys [29216 2007-07-12] (TerraTec Electronic GmbH)
R3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-07-19] (TuneUp Software)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [104576 2006-04-10] (Microsoft Corporation)
S3 catchme; \??\C:\DOKUME~1\Albert\LOKALE~1\Temp\catchme.sys [X]
S3 cmuda3; system32\drivers\cmuda3.sys [X]
S3 esgiguard; \??\C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
U3 TlntSvr; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 18:55 - 2015-04-13 18:55 - 00000000 ____D () C:\RegBackup
2015-04-13 18:50 - 2015-04-13 18:51 - 00013913 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\AdwCleaner[S0].txt
2015-04-13 18:43 - 2015-04-13 18:46 - 00000000 ____D () C:\AdwCleaner
2015-04-13 18:19 - 2015-04-13 18:19 - 00004730 _____ () C:\malwarebytes.txt
2015-04-13 17:41 - 2015-04-13 17:42 - 21540440 _____ (Malwarebytes Corporation ) C:\Dokumente und Einstellungen\Albert\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-13 00:15 - 2015-04-13 00:15 - 00106496 _____ () C:\WINDOWS\Minidump\Mini041315-01.dmp
2015-04-13 00:06 - 2015-04-13 00:14 - 00000000 ___SD () C:\ComboFix
2015-04-13 00:06 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-04-13 00:06 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-04-13 00:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-04-13 00:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-04-13 00:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-04-13 00:06 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-04-13 00:06 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-04-13 00:06 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-04-13 00:06 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-04-12 23:41 - 2015-04-12 23:41 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-04-12 11:53 - 2015-04-12 13:27 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-04-12 11:51 - 2015-04-12 13:05 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Desktop\mbar
2015-04-12 09:06 - 2015-04-13 19:49 - 00000000 ____D () C:\FRST
2015-04-09 15:46 - 2015-04-09 15:46 - 00195339 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\bookmarks-2015-04-09.json
2015-04-06 19:39 - 2015-04-06 19:39 - 00001237 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\ROBLOX Player.lnk
2015-04-06 19:36 - 2015-04-06 19:39 - 00001078 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\ROBLOX Studio.lnk
2015-04-06 19:36 - 2015-04-06 19:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Roblox
2015-04-06 19:34 - 2015-04-06 19:34 - 00968048 _____ (ROBLOX Corporation) C:\Dokumente und Einstellungen\Albert\Desktop\RobloxPlayerLauncher.exe
2015-04-04 20:12 - 2015-04-04 20:13 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-03-29 08:05 - 2015-03-29 08:05 - 00122776 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-03-28 09:33 - 2015-03-28 09:33 - 03638760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-26 21:15 - 2015-03-27 21:38 - 01322994 _____ () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\bseneu.web
2015-03-26 17:58 - 2015-03-26 17:58 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Xara
2015-03-26 17:57 - 2015-03-26 18:49 - 00000860 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX Web Designer 10 Premium.lnk
2015-03-26 17:57 - 2015-03-26 17:57 - 00000000 ___RD () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\MAGIX
2015-03-21 07:34 - 2015-04-13 18:51 - 00478445 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-21 07:34 - 2015-04-13 18:49 - 00000259 _____ () C:\WINDOWS\wiadebug.log
2015-03-21 07:34 - 2015-04-13 18:48 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-21 07:34 - 2015-03-21 07:34 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log
2015-03-19 21:27 - 2015-03-19 21:29 - 46958414 _____ () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\whats_going_on.mp4
2015-03-19 08:47 - 2015-04-07 21:22 - 00002131 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2015-03-19 08:47 - 2015-03-19 08:47 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
2015-03-19 08:44 - 2015-04-13 18:56 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 08:44 - 2015-04-13 18:48 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-18 00:50 - 2015-03-24 11:33 - 00023552 _____ () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\DomAbschluss.xls
2015-03-14 15:58 - 2015-03-14 16:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Bergmannsdom

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 19:49 - 2002-01-01 13:33 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Temp
2015-04-13 19:32 - 2012-04-04 10:09 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-13 19:09 - 2009-08-23 22:36 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Winamp
2015-04-13 18:49 - 2014-01-11 18:18 - 00000000 ____D () C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Lokale Einstellungen\Temp
2015-04-13 18:48 - 2014-10-22 17:44 - 00000556 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job
2015-04-13 18:48 - 2014-03-17 16:48 - 00000224 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2015-04-13 18:48 - 2013-08-24 09:48 - 00000636 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-04-13 18:48 - 2002-01-01 13:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-13 18:47 - 2013-08-24 09:48 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2015-04-13 18:47 - 2013-07-17 23:00 - 00065536 _____ () C:\WINDOWS\system32\config\CaptureL.evt
2015-04-13 18:47 - 2011-02-15 12:10 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2015-04-13 18:47 - 2002-01-01 13:33 - 00032630 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-13 18:46 - 2014-01-11 18:18 - 00000190 ___SH () C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\ntuser.ini
2015-04-13 18:46 - 2002-01-01 13:22 - 00000000 ____D () C:\Programme
2015-04-13 18:46 - 2002-01-01 13:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-04-13 18:26 - 2015-02-28 08:54 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-13 18:21 - 2002-01-01 13:33 - 00000300 __SHC () C:\Dokumente und Einstellungen\Albert\ntuser.ini
2015-04-13 18:20 - 2002-01-01 13:33 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert
2015-04-13 17:48 - 2010-12-25 16:16 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-04-13 17:43 - 2015-02-28 08:54 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2015-04-13 17:43 - 2015-02-28 08:54 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2015-04-13 07:32 - 2010-05-04 16:28 - 00007680 __SHC () C:\WINDOWS\Thumbs.db
2015-04-13 00:14 - 2010-05-01 23:22 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Temp
2015-04-13 00:05 - 2015-03-07 09:44 - 05617275 ____R (Swearware) C:\Dokumente und Einstellungen\Albert\Desktop\ComboFix.exe
2015-04-12 19:31 - 2010-11-23 20:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\vlc
2015-04-11 13:00 - 2008-04-14 14:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-10 23:46 - 2009-07-15 20:14 - 00000000 ____D () C:\Programme\CCleaner
2015-04-09 07:43 - 2013-11-16 00:31 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Autostart
2015-04-09 07:43 - 2011-12-09 19:06 - 00000000 ___RD () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Dropbox
2015-04-09 07:43 - 2011-12-09 19:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Dropbox
2015-04-09 07:42 - 2014-12-20 17:55 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme\Dropbox
2015-04-09 07:42 - 2011-12-09 19:06 - 00001013 _____ () C:\Dokumente und Einstellungen\Albert\Desktop\Dropbox.lnk
2015-04-08 07:52 - 2009-07-15 19:42 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2015-04-08 07:43 - 2013-08-24 09:48 - 00000608 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-04-07 20:58 - 2008-04-14 14:00 - 00000659 _____ () C:\WINDOWS\win.ini
2015-04-06 19:39 - 2012-08-11 14:02 - 00000190 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\rbxcsettings.rbx
2015-04-06 19:39 - 2012-08-11 14:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\RobloxVersions
2015-04-06 19:36 - 2013-11-16 00:31 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Startmenü\Programme
2015-04-06 08:23 - 2013-11-11 19:36 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2015-04-05 09:02 - 2009-09-29 21:02 - 03565476 ___SH () C:\Dokumente und Einstellungen\Albert\Desktop\Thumbs.db
2015-04-04 23:15 - 2010-12-12 09:35 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\dwhelper
2015-04-04 18:05 - 2002-01-01 13:22 - 01272524 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-02 09:08 - 2010-05-11 20:25 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Schreibtisch
2015-04-02 08:59 - 2009-09-12 07:20 - 01646938 ___SH () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Thumbs.db
2015-03-31 09:30 - 2002-01-01 13:33 - 00000000 ___RD () C:\Dokumente und Einstellungen\Albert\Startmenü
2015-03-29 08:13 - 2013-08-27 16:12 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\NCH Software
2015-03-29 08:13 - 2013-08-27 16:11 - 00000000 ____D () C:\Programme\NCH Software
2015-03-29 08:12 - 2002-01-01 13:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-03-28 01:07 - 2012-04-24 18:30 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2015-03-28 01:07 - 2009-07-15 13:07 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2015-03-27 13:51 - 2002-01-01 13:33 - 00000000 __SHD () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Verlauf
2015-03-26 22:39 - 2010-05-01 23:11 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Google
2015-03-26 21:03 - 2015-02-05 10:29 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Eigene Dateien\Birgit
2015-03-26 17:58 - 2009-09-01 15:17 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\MAGIX
2015-03-26 17:57 - 2009-09-30 17:59 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAGIX
2015-03-26 17:57 - 2009-09-30 17:57 - 00000000 ____D () C:\Programme\MAGIX
2015-03-26 17:57 - 2009-09-30 17:57 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
2015-03-26 17:57 - 2002-01-01 13:21 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Dokumente
2015-03-20 09:17 - 2010-12-23 23:17 - 00000654 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
2015-03-19 08:48 - 2009-07-15 19:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-03-19 08:46 - 2010-05-01 23:11 - 00000000 ____D () C:\Programme\Google
2015-03-19 08:45 - 2010-05-02 09:22 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google
2015-03-19 08:44 - 2012-04-04 10:09 - 00778928 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-03-19 08:44 - 2011-05-24 07:41 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-03-17 06:15 - 2015-02-28 08:54 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-17 06:15 - 2015-02-28 08:54 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2013-02-13 08:54 - 2013-02-13 08:44 - 0178568 _____ () C:\Programme\64res.dll
2010-06-02 06:21 - 2010-06-02 06:21 - 1347354 ____C () C:\Programme\Apr2005_d3dx9_25_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1078962 ____C () C:\Programme\Apr2005_d3dx9_25_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1397830 _____ () C:\Programme\Apr2006_d3dx9_30_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1115221 _____ () C:\Programme\Apr2006_d3dx9_30_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0916430 _____ () C:\Programme\Apr2006_MDX1_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 4162630 _____ () C:\Programme\Apr2006_MDX1_x86_Archive.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0179133 _____ () C:\Programme\Apr2006_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0133103 _____ () C:\Programme\Apr2006_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0087101 _____ () C:\Programme\Apr2006_xinput_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0046010 _____ () C:\Programme\Apr2006_xinput_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0698612 _____ () C:\Programme\APR2007_d3dx10_33_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0695865 _____ () C:\Programme\APR2007_d3dx10_33_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1607358 _____ () C:\Programme\APR2007_d3dx9_33_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1606039 _____ () C:\Programme\APR2007_d3dx9_33_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0195766 _____ () C:\Programme\APR2007_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0151225 _____ () C:\Programme\APR2007_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0096817 _____ () C:\Programme\APR2007_xinput_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0053302 _____ () C:\Programme\APR2007_xinput_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1350542 _____ () C:\Programme\Aug2005_d3dx9_27_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1077644 _____ () C:\Programme\Aug2005_d3dx9_27_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0182903 _____ () C:\Programme\AUG2006_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0137235 _____ () C:\Programme\AUG2006_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0087142 _____ () C:\Programme\AUG2006_xinput_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0046058 _____ () C:\Programme\AUG2006_xinput_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0852286 _____ () C:\Programme\AUG2007_d3dx10_35_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0796867 _____ () C:\Programme\AUG2007_d3dx10_35_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1800160 _____ () C:\Programme\AUG2007_d3dx9_35_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1708152 _____ () C:\Programme\AUG2007_d3dx9_35_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0198096 _____ () C:\Programme\AUG2007_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0153012 _____ () C:\Programme\AUG2007_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0867612 _____ () C:\Programme\Aug2008_d3dx10_39_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0849167 _____ () C:\Programme\Aug2008_d3dx10_39_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1794084 _____ () C:\Programme\Aug2008_d3dx9_39_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 1464672 _____ () C:\Programme\Aug2008_d3dx9_39_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0121772 _____ () C:\Programme\Aug2008_XACT_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0092996 _____ () C:\Programme\Aug2008_XACT_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0271412 _____ () C:\Programme\Aug2008_XAudio_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0271038 _____ () C:\Programme\Aug2008_XAudio_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0919044 _____ () C:\Programme\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0900598 _____ () C:\Programme\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 3112111 _____ () C:\Programme\Aug2009_d3dcsx_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 3319740 _____ () C:\Programme\Aug2009_d3dcsx_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0232635 _____ () C:\Programme\Aug2009_d3dx10_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0192131 _____ () C:\Programme\Aug2009_d3dx10_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0136301 _____ () C:\Programme\Aug2009_d3dx11_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0105044 _____ () C:\Programme\Aug2009_d3dx11_42_x86.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0930116 _____ () C:\Programme\Aug2009_d3dx9_42_x64.cab
2010-06-02 06:21 - 2010-06-02 06:21 - 0728456 _____ () C:\Programme\Aug2009_d3dx9_42_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0122408 _____ () C:\Programme\Aug2009_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093106 _____ () C:\Programme\Aug2009_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0273264 _____ () C:\Programme\Aug2009_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0272642 _____ () C:\Programme\Aug2009_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1357976 _____ () C:\Programme\Dec2005_d3dx9_28_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1079456 _____ () C:\Programme\Dec2005_d3dx9_28_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0212807 _____ () C:\Programme\DEC2006_d3dx10_00_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0191720 _____ () C:\Programme\DEC2006_d3dx10_00_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1571154 _____ () C:\Programme\DEC2006_d3dx9_32_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1574376 _____ () C:\Programme\DEC2006_d3dx9_32_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0192475 _____ () C:\Programme\DEC2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0145599 _____ () C:\Programme\DEC2006_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0089944 _____ (Microsoft Corporation) C:\Programme\DSETUP.dll
2010-06-02 06:22 - 2010-06-02 06:22 - 1801048 _____ () C:\Programme\dsetup32.dll
2010-06-02 06:22 - 2010-06-02 06:22 - 0042410 _____ () C:\Programme\dxdllreg_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0537432 _____ () C:\Programme\DXSETUP.exe
2010-06-02 06:22 - 2010-06-02 06:22 - 0094011 _____ () C:\Programme\dxupdate.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1247499 _____ () C:\Programme\Feb2005_d3dx9_24_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1013225 _____ () C:\Programme\Feb2005_d3dx9_24_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1362796 _____ () C:\Programme\Feb2006_d3dx9_29_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1084720 _____ () C:\Programme\Feb2006_d3dx9_29_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0178359 _____ () C:\Programme\Feb2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0132409 _____ () C:\Programme\Feb2006_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0194675 _____ () C:\Programme\FEB2007_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0147983 _____ () C:\Programme\FEB2007_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0054678 _____ () C:\Programme\Feb2010_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0020713 _____ () C:\Programme\Feb2010_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0122446 _____ () C:\Programme\Feb2010_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093180 _____ () C:\Programme\Feb2010_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0276960 _____ () C:\Programme\Feb2010_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0277191 _____ () C:\Programme\Feb2010_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1336002 _____ () C:\Programme\Jun2005_d3dx9_26_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1064925 _____ () C:\Programme\Jun2005_d3dx9_26_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0180785 _____ () C:\Programme\JUN2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0133671 _____ () C:\Programme\JUN2006_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0699044 _____ () C:\Programme\JUN2007_d3dx10_34_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0698472 _____ () C:\Programme\JUN2007_d3dx10_34_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1607774 _____ () C:\Programme\JUN2007_d3dx9_34_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1607286 _____ () C:\Programme\JUN2007_d3dx9_34_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0197122 _____ () C:\Programme\JUN2007_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0152909 _____ () C:\Programme\JUN2007_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0867828 _____ () C:\Programme\JUN2008_d3dx10_38_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0849919 _____ () C:\Programme\JUN2008_d3dx10_38_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1792608 _____ () C:\Programme\JUN2008_d3dx9_38_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1463878 _____ () C:\Programme\JUN2008_d3dx9_38_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0055154 _____ () C:\Programme\JUN2008_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021905 _____ () C:\Programme\JUN2008_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0121054 _____ () C:\Programme\JUN2008_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093128 _____ () C:\Programme\JUN2008_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0269628 _____ () C:\Programme\JUN2008_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0269024 _____ () C:\Programme\JUN2008_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0944460 _____ () C:\Programme\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0931471 ____C () C:\Programme\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0752783 _____ () C:\Programme\Jun2010_d3dcsx_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0762188 _____ () C:\Programme\Jun2010_d3dcsx_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0235955 _____ () C:\Programme\Jun2010_d3dx10_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0197283 _____ () C:\Programme\Jun2010_d3dx10_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0138205 _____ () C:\Programme\Jun2010_d3dx11_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0109445 _____ () C:\Programme\Jun2010_d3dx11_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0937246 _____ () C:\Programme\Jun2010_d3dx9_43_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0768036 _____ () C:\Programme\Jun2010_d3dx9_43_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0124596 _____ () C:\Programme\Jun2010_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093686 _____ () C:\Programme\Jun2010_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0277338 _____ () C:\Programme\Jun2010_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0278060 _____ () C:\Programme\Jun2010_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0844884 _____ () C:\Programme\Mar2008_d3dx10_37_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0818260 _____ () C:\Programme\Mar2008_d3dx10_37_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1769862 _____ () C:\Programme\Mar2008_d3dx9_37_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1443282 _____ () C:\Programme\Mar2008_d3dx9_37_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0055058 _____ () C:\Programme\Mar2008_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021867 _____ () C:\Programme\Mar2008_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0122336 _____ () C:\Programme\Mar2008_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0093734 _____ () C:\Programme\Mar2008_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0251194 _____ () C:\Programme\Mar2008_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0226250 _____ () C:\Programme\Mar2008_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1067160 _____ () C:\Programme\Mar2009_d3dx10_41_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1040745 _____ () C:\Programme\Mar2009_d3dx10_41_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1973702 _____ () C:\Programme\Mar2009_d3dx9_41_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1612446 _____ () C:\Programme\Mar2009_d3dx9_41_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0054600 _____ () C:\Programme\Mar2009_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021298 _____ () C:\Programme\Mar2009_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0121506 _____ () C:\Programme\Mar2009_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0092740 _____ () C:\Programme\Mar2009_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0275044 _____ () C:\Programme\Mar2009_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0273018 _____ () C:\Programme\Mar2009_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0864600 ____C () C:\Programme\Nov2007_d3dx10_36_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0803884 ____C () C:\Programme\Nov2007_d3dx10_36_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1802058 _____ () C:\Programme\Nov2007_d3dx9_36_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1709360 _____ () C:\Programme\Nov2007_d3dx9_36_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0046144 _____ () C:\Programme\NOV2007_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0018496 _____ () C:\Programme\NOV2007_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0196762 _____ () C:\Programme\NOV2007_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0148264 ____C () C:\Programme\NOV2007_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0994154 _____ () C:\Programme\Nov2008_d3dx10_40_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0965421 _____ () C:\Programme\Nov2008_d3dx10_40_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1906878 _____ () C:\Programme\Nov2008_d3dx9_40_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1550796 _____ () C:\Programme\Nov2008_d3dx9_40_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0054522 _____ () C:\Programme\Nov2008_X3DAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0021851 _____ () C:\Programme\Nov2008_X3DAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0121794 _____ () C:\Programme\Nov2008_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0092684 _____ () C:\Programme\Nov2008_XACT_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0273960 _____ () C:\Programme\Nov2008_XAudio_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0272611 _____ () C:\Programme\Nov2008_XAudio_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0086037 _____ () C:\Programme\Oct2005_xinput_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0045359 _____ () C:\Programme\Oct2005_xinput_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1412902 _____ () C:\Programme\OCT2006_d3dx9_31_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 1127217 _____ () C:\Programme\OCT2006_d3dx9_31_x86.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0182361 _____ () C:\Programme\OCT2006_XACT_x64.cab
2010-06-02 06:22 - 2010-06-02 06:22 - 0138017 _____ () C:\Programme\OCT2006_XACT_x86.cab
2009-12-25 16:14 - 2009-12-25 16:14 - 0002528 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\$_hpcst$.hpc
2009-07-15 19:33 - 2009-11-16 18:47 - 0000302 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\AVSDVDPlayer.m3u
2009-11-28 22:49 - 2009-11-28 22:50 - 0000988 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\BBMS_EXCEPTION.txt
2010-08-19 20:24 - 2010-08-26 15:52 - 0148284 ____C () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\mdbu.bin
2013-04-15 17:02 - 2013-04-15 17:02 - 0661642 _____ () C:\Dokumente und Einstellungen\Albert\Anwendungsdaten\Scorch_Install.log
2009-07-17 22:57 - 2015-02-27 08:15 - 0077824 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-10-25 16:28 - 2009-10-25 16:28 - 0000083 ____C () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\FASTWiz.log
2012-08-11 14:02 - 2015-04-06 19:39 - 0000190 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\rbxcsettings.rbx
2013-08-02 09:46 - 2013-08-02 09:46 - 0001545 _____ () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
2009-11-28 22:52 - 2009-11-28 22:52 - 0000000 ____C () C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Anwendungsdaten\rx_image.Cache

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprnr2jt.dll
C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Temp\Quarantine.exe
C:\Dokumente und Einstellungen\Albert\Lokale Einstellungen\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1555456 ____A (Microsoft Corporation) e36df1443ac667e81fc1764dc3ad763e     

C:\WINDOWS\system32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0552448 ____A (Microsoft Corporation) ad37df3fb8f168e42c09b77b487f6812     

C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0589312 ____A (Microsoft Corporation) bf517c3fa60065df6d97744648602957     

C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
Edited by Grit1962 (13.04.2015 at 18:55)

14.04.2015, 07:10   #10
schrauber
/// the machine
/// TB trainer

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
RemoveProxy:
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Open FRST again and enter the following in the Search field:

explorer.ex*;winlogon.ex*;user32.dl*

and click Search Files. Please post Search.txt here.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
