| |
| |||||||
Log-Analyse und Auswertung: Windows fährt nicht mehr hochWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
27.03.2015, 00:20
| #1 |
 |  Windows fährt nicht mehr hoch Mein Windows fährt nicht mehr komplett hoch, es gibt keinerlei Fehlermeldungen, es lädt bis zum Desktophintergrund-Bild, die Windows Startleiste und Icons erscheinen nicht und auch der Taskmanager lässt sich nicht starten, in den abgesicherten Modus komme ich ohne Probleme. Seit Tagen probiere ich den Pc zu starten, aber ohne Erfolg, habe die Cmos Batterie auch erneuert. Habe auch mit Antivir den Pc gescannt, allerdings gab es keinerlei Funde. Ein einziges Mal ist der Pc komplett hochgefahren, danach nie wieder. Heute abend habe ich nach langen 10 Tagen aus lauter Frust mal den AdwCleaner gestartet und die Funde in die Quarantäne gesteckt. Muss gestehen, dass ich das Programm nicht aktualisieren konnte, da der Pc im absicherten Modus kein Internet hat. Ich poste nun mal den Log von HijackThis (im abgesicherten Modus und leider nicht aktualisiert) Ich hoffe irgendjemand kann da mal drüberschauen und eventuell erkennen kann, warum der Pc bzw Windows nicht komplett startet. Dankeschön! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:19:16, on 26.03.2015 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE H:\Malwarebytes Anti - Malware\ Malwarebytes Anti-Malware \mbam.exe H:\alte Programme\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ZoneAlarm] "C:\Programme\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [ChangeFilterMerit] H:\Presto! PVR\ChangeFilterMerit.exe O4 - HKLM\..\Run: [Presto! PVR Monitor] H:\Presto! PVR\Monitor.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Avira Systray] C:\Programme\Avira\My Avira\Avira.OE.Systray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [HDDHealth] H:\HDD Health\HDD Health\HDDHealth.exe -wl O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Programme\Creative\Shared Files\CTSched.exe" /logon O4 - HKCU\..\Run: [Spotify] "C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Programme\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [Creative Software Update] "C:\Programme\Creative\Shared Files\Software Update\AutoUpdate.exe" /Silent O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "H:\Zoner Photo Studio 16 (CB)\Photo Studio 16\Program32\ZPSTRAY.EXEH:\Zoner Photo Studio 16 (CB)\Photo Studio 16\Program32\ZPSService.exe" O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "H:\Zoner Photo Studio 16 (CB)\Photo Studio 16\Program32\ZPSTRAY.EXE" O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: RF - Formular ausfüllen - file://C:/Programme/Siber Systems/AI RoboForm/RoboFormComFillForms.html O8 - Extra context menu item: RF - Formular speichern - file://C:/Programme/Siber Systems/AI RoboForm/RoboFormComSavePass.html O8 - Extra context menu item: RF - Menü anpassen - file://C:/Programme/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - file://C:/Programme/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Symbolleiste anzeigen - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O9 - Extra 'Tools' menuitem: RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programme\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- End of file - 8109 bytes |
|
27.03.2015, 06:12
| #2 |
| /// the machine /// TB-Ausbilder    | Windows fährt nicht mehr hoch hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
27.03.2015, 11:20
| #3 |
| | Windows fährt nicht mehr hoch Hier ist die FRST.txt
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Katharina (administrator) on KATHARINA-PC on 27-03-2015 11:04:19
Running from C:\Dokumente und Einstellungen\Katharina\Desktop
Loaded Profiles: Katharina (Available profiles: Katharina & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [ZoneAlarm] => C:\Programme\CheckPoint\ZoneAlarm\zatray.exe [73392 2012-06-21] (Check Point Software Technologies LTD)
HKLM\...\Run: [ChangeFilterMerit] => H:\Presto! PVR\ChangeFilterMerit.exe [40960 2005-05-17] ()
HKLM\...\Run: [Presto! PVR Monitor] => H:\Presto! PVR\Monitor.exe [57344 2006-02-23] (NewSoft)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [P17Helper] => Rundll32 P17.dll,P17Helper
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16126464 2007-03-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Microsoft Works Update Detection] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-17] (Microsoft® Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Avira Systray] => C:\Programme\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [HDDHealth] => H:\HDD Health\HDD Health\HDDHealth.exe [1687552 2008-04-12] (PANTERASoft)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [CreativeTaskScheduler] => C:\Programme\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [Spotify] => C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Spotify\spotify.exe [6162488 2014-08-11] (Spotify Ltd)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [Spotify Web Helper] => C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-08-11] (Spotify Ltd)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [RoboForm] => C:\Programme\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-06-13] (Siber Systems)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [Creative Software Update] => C:\Programme\Creative\Shared Files\Software Update\AutoUpdate.exe [481200 2007-01-04] (Creative Technology Ltd)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [Zoner Photo Studio Service 16] => H:\Zoner Photo Studio 16 (CB)\Photo Studio 16\Program32\ZPSService.exe [27648 2014-07-17] ()
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Run: [Zoner Photo Studio Autoupdate] => H:\Zoner Photo Studio 16 (CB)\Photo Studio 16\Program32\ZPSTRAY.EXE [833024 2014-07-17] (ZONER software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1715567821-1677128483-1417001333-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050&SSPV=IEOB05
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-08-08] (RealPlayer)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Programme\Siber Systems\AI RoboForm\roboform.dll [2014-06-13] (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll [2013-08-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll [2013-08-19] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll [2014-06-13] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-1715567821-1677128483-1417001333-1003 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKU\S-1-5-21-1715567821-1677128483-1417001333-1003 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll [2014-06-13] (Siber Systems Inc.)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1342362346656
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2013-09-25] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.)
FF Plugin: @checkpoint.com/FFApi -> C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll [2013-08-19] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> H:\RealPlayer\Netscape6\nppl3260.dll [2012-08-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> H:\RealPlayer\Netscape6\nprjplug.dll [2012-08-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> H:\RealPlayer\Netscape6\nprpplugin.dll [2012-08-08] (RealPlayer)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\artur.dubovoy@gmail.com [2015-02-14]
FF Extension: Flashblock - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-12-15]
FF Extension: WOT - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-27]
FF Extension: DownloadHelper - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-11-17]
FF Extension: Flash and Video Download - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-02-07]
FF Extension: Ghostery - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\firefox@ghostery.com.xpi [2014-01-03]
FF Extension: Geocaching.com GPX Downloader - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\gpxdown@geocaching.com.xpi [2014-03-02]
FF Extension: Flagfox - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-31]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Mozilla\Firefox\Profiles\fyzyuqva.default-1388084549609\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-07-18]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-08]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Programme\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Programme\Siber Systems\AI RoboForm\Firefox [2012-12-03]
FF HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Programme\Siber Systems\AI RoboForm\Firefox
Chrome:
=======
CHR Profile: C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-09]
CHR Extension: (Google Search) - C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-09]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-08-09]
CHR Extension: (Gmail) - C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-09]
CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo [2012-09-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-08]
CHR HKLM\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2012-09-20]
CHR HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2012-09-20]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 Avira.OE.ServiceHost; C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-12] (Creative Technology Ltd) [File not signed]
S2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-08-19] (Oracle Corporation)
S3 Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-02-24] (Mozilla Foundation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 vsmon; C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe [2445880 2012-06-21] (Check Point Software Technologies LTD)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AtcL001; C:\WINDOWS\System32\DRIVERS\atl01_xp.sys [38656 2007-03-15] (Attansic Technology corporation.)
S3 bdacap; C:\WINDOWS\System32\drivers\bdacap.sys [217728 2006-02-14] (Genesys Logic, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 GLHIDKBFILTER; C:\WINDOWS\System32\DRIVERS\GLKbFilter.sys [11264 2006-01-06] (Genesys Logic)
R0 KL1; C:\WINDOWS\System32\DRIVERS\kl1.sys [133208 2012-01-09] (Kaspersky Lab ZAO)
S1 kl2; C:\WINDOWS\System32\DRIVERS\kl2.sys [11352 2012-01-09] (Kaspersky Lab ZAO)
S1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [485808 2012-01-09] (Kaspersky Lab)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 P17; C:\WINDOWS\System32\drivers\P17.sys [1389056 2005-07-07] (Creative Technology Ltd.)
S3 RRNetCap; C:\WINDOWS\System32\DRIVERS\rrnetcap.sys [31848 2012-08-20] (RapidSolution Software AG)
S3 RRNetCapMP; C:\WINDOWS\System32\DRIVERS\rrnetcap.sys [31848 2012-08-20] (RapidSolution Software AG)
S3 tbhsd; C:\WINDOWS\System32\drivers\tbhsd.sys [39016 2012-08-20] (RapidSolution Software AG)
S1 Vsdatant; C:\WINDOWS\System32\vsdatant.sys [526640 2012-06-21] (Check Point Software Technologies LTD)
S4 IntelIde; No ImagePath
S3 PciCon; \??\D:\PciCon.sys [X]
S3 SANDRA; \??\H:\SiSoft Sandra Lite 2013\SiSoftware Sandra Lite 2013.SP2\WNt500x86\Sandra.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U5 UnlockerDriver5; H:\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 11:04 - 2015-03-27 11:04 - 00019482 _____ () C:\Dokumente und Einstellungen\Katharina\Desktop\FRST.txt
2015-03-27 11:03 - 2015-03-27 11:04 - 00000000 ____D () C:\FRST
2015-03-27 11:03 - 2015-03-27 10:41 - 01135104 _____ (Farbar) C:\Dokumente und Einstellungen\Katharina\Desktop\FRST.exe
2015-03-26 23:01 - 2015-03-26 23:01 - 00001856 _____ () C:\AdwCleaner[R3].txt
2015-03-26 22:56 - 2015-03-26 22:56 - 00001796 _____ () C:\AdwCleaner[R2].txt
2015-03-08 09:22 - 2015-03-08 09:22 - 00000000 ____D () C:\WINDOWS\pss
2015-03-08 07:43 - 2002-01-01 00:03 - 00003103 ____C () C:\WINDOWS\setupapi.log
2015-03-06 17:24 - 2015-03-26 21:27 - 00004080 _____ () C:\WINDOWS\setupact.log
2015-03-06 17:24 - 2015-03-06 17:24 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-06 13:28 - 2002-01-01 10:39 - 00131072 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 11:04 - 2012-07-15 14:27 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Temp
2015-03-27 11:01 - 2003-04-02 13:00 - 00013646 ____C () C:\WINDOWS\system32\wpa.dbl
2015-03-27 01:22 - 2012-07-15 14:47 - 01969132 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-27 01:22 - 2012-07-15 14:27 - 00000190 ___SH () C:\Dokumente und Einstellungen\Katharina\ntuser.ini
2015-03-26 22:55 - 2014-11-02 00:59 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-26 21:02 - 2013-04-10 15:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator
2015-03-26 21:02 - 2012-07-15 14:27 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-03-26 21:02 - 2012-07-15 14:27 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService
2015-03-26 21:02 - 2012-07-15 14:27 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina
2015-03-26 21:01 - 2012-07-15 14:23 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-23 21:37 - 2013-05-29 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina\Eigene Dateien\No23 Recorder
2015-03-23 21:34 - 2012-07-16 20:35 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina\dwhelper
2015-03-23 15:08 - 2012-07-16 09:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina\Eigene Dateien\Presto! PVR
2015-03-14 21:28 - 2012-09-06 14:19 - 00019968 ____C () C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-08 07:43 - 2014-03-20 19:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
2015-03-08 07:43 - 2012-10-17 16:21 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2015-03-08 07:13 - 2013-04-10 15:40 - 00000190 __SHC () C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2015-03-06 22:07 - 2012-07-15 20:58 - 00000303 ____C () C:\WINDOWS\system32\vsconfig.xml
2015-03-06 21:42 - 2013-02-28 18:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina\MediathekView
2015-03-06 17:36 - 2012-07-16 23:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Media Player Classic
2015-03-06 13:27 - 2014-11-20 00:17 - 00288630 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1715567821-1677128483-1417001333-1003-0.dat
2015-03-06 13:27 - 2014-11-18 23:55 - 00288630 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
2015-03-06 13:05 - 2012-08-07 14:32 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-06 00:54 - 2013-10-17 22:34 - 00213032 _____ () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2015-03-05 12:21 - 2012-11-04 14:32 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution
2015-03-05 12:21 - 2012-11-04 14:25 - 00000000 ____D () C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\RapidSolution
2015-02-27 23:17 - 2012-08-08 11:38 - 00000286 ____C () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1677128483-1417001333-1003.job
2015-02-25 15:11 - 2012-08-09 10:37 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2012-10-23 11:04 - 2012-10-23 11:04 - 0002528 ____C () C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\$_hpcst$.hpc
2012-09-16 13:43 - 2013-02-14 23:44 - 0103440 ____C () C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Switch.dmp
2012-09-06 14:19 - 2015-03-14 21:28 - 0019968 ____C () C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-10 22:35 - 2013-05-30 11:54 - 0001464 ____C () C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\RecConfig.xml
Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
--- --- --- Hier die Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Katharina at 2015-03-27 11:05:23
Running from C:\Dokumente und Einstellungen\Katharina\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ZoneAlarm Antivirus (Enabled - Up to date) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall (Disabled) {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo ClipFinder HD v.2.3.0 (HKLM\...\Ashampoo ClipFinder HD_is1) (Version: 2.3.0 - Ashampoo GmbH & Co. KG)
ATI AVIVO Codecs (Version: 10.0.0.40103 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{D32E70CD-819B-6196-0319-42AC224A8982}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.702-100202a-095691C-ATI - )
ATI Problem Report Wizard (Version: 3.0.762.0 - ATI Technologies) Hidden
Attansic Ethernet Utility (HKLM\...\{1F698102-5739-441E-96F0-74F4EA540F06}) (Version: 2.0.60.4 - Attansic)
Attansic L1 Gigabit Ethernet Driver (HKLM\...\AtcL1) (Version: - )
Audials (HKLM\...\{73ABAA0E-70F0-4048-AD43-A5F5A13A198D}) (Version: 9.1.31900.0 - Audials AG)
Audiograbber 1.83 SE (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Audiograbber MP3-Plugin (64 bit) (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
ccc-core-preinstall (Version: 2010.0202.2335.42270 - ATI) Hidden
ccc-core-static (Version: 2010.0202.2335.42270 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.15 - Piriform)
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: - )
Creative-Systeminformationen (HKLM\...\SysInfo) (Version: - )
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.39.3 - Electronic Arts)
Dydelf (HKLM\...\Dydelf) (Version: - )
Fotostory 3 für Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Free YouTube Download version 3.1.37.918 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.37.918 - DVDVideoSoft Ltd.)
GL2422VP (HKLM\...\{E36DB292-0D68-4E43-91CD-F2651A72332A}) (Version: - )
HDD Health v3.3 Beta (HKLM\...\HDD Health_is1) (Version: - )
Hotfix für Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version: - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
K-Lite Mega Codec Pack 9.5.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
MAGIX Foto & Grafik Designer 6 SE (HKLM\...\MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}) (Version: 6.1.3.24817 - MAGIX AG)
MAGIX Foto & Grafik Designer 6 SE (Version: 6.1.3.24817 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 9 (HKLM\...\PictureIt_v9) (Version: 9.0.0.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 36.0 (x86 de) (HKLM\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
PC-DTV Receiver (HKLM\...\{679DE728-0B9D-43B3-8459-D7B81F130E7A}) (Version: 1.00.000 - PC-DTV Device)
Photomizer (HKLM\...\{A00F8237-F496-44D2-0001-E3CCF8CD58AE}) (Version: 1.3.12.723 - Engelmann Media GmbH)
Presto! PVR (HKLM\...\{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}) (Version: 5.00.00 - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5391 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RoboForm 7-9-7-5 (All Users) (HKLM\...\AI RoboForm) (Version: 7-9-7-5 - Siber Systems)
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB2834902) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB2834902-v2) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB954155) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB973540) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB975558) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB978695) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2510581) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544521) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2699988) (HKLM\...\KB2699988) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Sound Blaster Audigy (HKLM\...\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}) (Version: 1.0 - )
Spotify (HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Switch Audiodatei-Konverter (HKLM\...\Switch) (Version: - NCH Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TIPP10 Version 2.0.3 (HKLM\...\TIPP10_is1) (Version: - (c) 2006-2008, Tom Thielicke)
TOPP Vorlagen-Druckstudio (3489) (HKLM\...\{E123E3D6-9ACA-4F70-B4EB-A780A895CBE5}_is1) (Version: - frechverlag GmbH)
TSR Watermark Image software version 2.3.3.4 (HKLM\...\TSR Watermark Image_is1) (Version: - )
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WavePad Audiobearbeitungs-Software (HKLM\...\WavePad) (Version: - NCH Software)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
ZoneAlarm Antivirus (Version: 10.2.064.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (Version: 10.2.064.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM\...\ZoneAlarm Free Antivirus + Firewall) (Version: 10.2.047.000 - Check Point)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version: - Check Point Software Technologies)
ZoneAlarm Security (Version: 10.2.064.000 - Check Point Software Technologies Ltd.) Hidden
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version: 16.0.1.8 - ZONER software)
Zuma Deluxe RA (HKLM\...\Zuma Deluxe RA) (Version: - )
Zuma's Revenge! (HKLM\...\Zuma's Revenge!) (Version: - PopCap Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
01-01-2002 00:35:10 Systemprüfpunkt
26-03-2015 21:01:00 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2003-04-02 13:00 - 2003-04-02 13:00 - 00000820 ___AC C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1677128483-1417001333-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1677128483-1417001333-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\SwitchDowngrade.job => C:\Programme\NCH Software\Switch\switch.exe
Task: C:\WINDOWS\Tasks\WavePadDowngrade.job => C:\Programme\NCH Software\WavePad\wavepad.exe
Task: C:\WINDOWS\Tasks\WavePadReminder.job => C:\Programme\NCH Software\WavePad\wavepad.exe
==================== Loaded Modules (whitelisted) ==============
2013-12-18 19:42 - 2013-12-18 19:42 - 00301056 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1715567821-1677128483-1417001333-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Katharina\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
DNS Servers: Media is not connected to internet.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: TkBellExe => "H:\RealPlayer\update\realsched.exe" -osboot
==================== Accounts: =============================
Administrator (S-1-5-21-1715567821-1677128483-1417001333-500 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Administrator
ASPNET (S-1-5-21-1715567821-1677128483-1417001333-1005 - Limited - Enabled)
Gast (S-1-5-21-1715567821-1677128483-1417001333-501 - Limited - Disabled)
Hilfeassistent (S-1-5-21-1715567821-1677128483-1417001333-1000 - Limited - Disabled)
Katharina (S-1-5-21-1715567821-1677128483-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Katharina
SUPPORT_388945a0 (S-1-5-21-1715567821-1677128483-1417001333-1002 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/27/2015 11:04:51 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error: (03/27/2015 11:04:48 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error: (03/27/2015 11:04:46 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error: (03/27/2015 11:04:46 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error: (03/27/2015 11:04:40 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.
Error: (01/01/2002 00:18:13 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/01/2002 00:10:06 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (01/01/2002 00:10:06 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (01/01/2002 00:10:06 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error: (01/01/2002 00:10:06 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
System errors:
=============
Error: (03/27/2015 11:03:00 AM) (Source: DCOM) (EventID: 10005) (User: KATHARINA-PC)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (03/27/2015 11:01:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD
Fips
intelppm
IPSec
kl2
KLIF
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
Vsdatant
Error: (03/27/2015 11:01:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%31
Error: (03/27/2015 11:01:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TrueVector Internet Monitor" ist vom Dienst "Vsdatant" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%31
Error: (03/27/2015 11:01:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "Umgebung für die AFD-Netzwerkunterstützung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%31
Error: (03/27/2015 11:01:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%31
Error: (03/27/2015 11:01:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "DHCP-Client" ist vom Dienst "NetBios über TCP/IP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%31
Error: (03/27/2015 11:01:42 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (03/27/2015 11:01:38 AM) (Source: DCOM) (EventID: 10005) (User: KATHARINA-PC)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "netman" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error: (03/27/2015 01:22:05 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Microsoft Office Sessions:
=========================
Error: (04/30/2013 00:16:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3270 seconds with 300 seconds of active time. This session ended with a crash.
Error: (01/10/2013 01:03:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16918 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/01/2013 11:34:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8355 seconds with 60 seconds of active time. This session ended with a crash.
Error: (12/29/2012 11:22:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 31000 seconds with 540 seconds of active time. This session ended with a crash.
Error: (11/30/2012 01:04:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 40492 seconds with 1860 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 15%
Total physical RAM: 2047.04 MB
Available physical RAM: 1728.86 MB
Total Pagefile: 3938.25 MB
Available Pagefile: 3841.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.05 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:29.29 GB) (Free:3.65 GB) NTFS
Drive e: (Transcend) (Removable) (Total:14.7 GB) (Free:0.28 GB) FAT32
Drive h: (Programme) (Fixed) (Total:58.59 GB) (Free:37.89 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive i: (Volume) (Fixed) (Total:68.36 GB) (Free:16.68 GB) NTFS
Drive j: (Volume ) (Fixed) (Total:76.63 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 0BE80BE8)
Partition 1: (Not Active) - (Size=29.3 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=76.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 14.7 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
==================== End Of Log ============================
|
|
27.03.2015, 20:08
| #4 |
| /// the machine /// TB-Ausbilder | Windows fährt nicht mehr hoch hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.03.2015, 22:18
| #5 |
| | Windows fährt nicht mehr hoch Hallo, den Malwarebytes Anti-Rootkit konnte ich leider nicht aktualisieren, hier ist der Log: Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
System is currently in a safe mode
Account is Administrative
Internet Explorer version: 8.0.6001.18702
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED, J:\ DRIVE_FIXED
CPU speed: 2.671000 GHz
Memory total: 2146480128, free: 1752317952
Host not found
Host not found
Host not found
Host not found
Host not found
Host not found
=======================================
Initializing...
------------ Kernel report ------------
03/27/2015 20:49:42
------------ Loaded modules -----------
\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
kl1.sys
ACPI.sys
\WINDOWS\System32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
ohci1394.sys
\WINDOWS\System32\DRIVERS\1394BUS.SYS
pciide.sys
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\System32\DRIVERS\usbuhci.sys
\SystemRoot\System32\DRIVERS\USBPORT.SYS
\SystemRoot\System32\DRIVERS\usbehci.sys
\SystemRoot\System32\DRIVERS\imapi.sys
\SystemRoot\System32\DRIVERS\cdrom.sys
\SystemRoot\System32\DRIVERS\redbook.sys
\SystemRoot\System32\DRIVERS\ks.sys
\SystemRoot\System32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\System32\DRIVERS\i8042prt.sys
\SystemRoot\System32\DRIVERS\kbdclass.sys
\SystemRoot\System32\DRIVERS\rdpdr.sys
\SystemRoot\System32\DRIVERS\termdd.sys
\SystemRoot\System32\DRIVERS\mouclass.sys
\SystemRoot\System32\DRIVERS\swenum.sys
\SystemRoot\System32\DRIVERS\update.sys
\SystemRoot\System32\DRIVERS\mssmbios.sys
\SystemRoot\System32\DRIVERS\usbhub.sys
\SystemRoot\System32\DRIVERS\USBD.SYS
\SystemRoot\System32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\framebuf.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\System32\DRIVERS\hidusb.sys
\SystemRoot\System32\DRIVERS\HIDCLASS.SYS
\SystemRoot\System32\DRIVERS\mouhid.sys
\SystemRoot\System32\DRIVERS\USBSTOR.SYS
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
Scan started
Database versions:
main: v2014.11.18.05
rootkit: v2014.11.12.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8a765ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a6edb30, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8a765ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8a74c9e8, DeviceName: \Device\00000071\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8a705940, DeviceName: \Device\Ide\IdeDeviceP2T0L0-10\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\WINDOWS\system32\drivers\aec.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\aec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\afd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\afd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\arp1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\arp1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ASACPI.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ASACPI.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mrxdav.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mrxdav.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mrxsmb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mrxsmb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\msfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\msgpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rrnetcap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rrnetcap.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\RtkHDAud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\RtkHDAud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fs_rec.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fs_rec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\GLKbFilter.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\GLKbFilter.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\http.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\http.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\imapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\imapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\P17.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\P17.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\psched.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\psched.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ptilink.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ptilink.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rasacd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rasacd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rasl2tp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rasl2tp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspppoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\raspppoe.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspptp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\raspptp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\raspti.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\raspti.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdbss.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdbss.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpcdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpcdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\rdpdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpdr.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\redbook.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\redbook.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\update.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\update.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbscan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbscan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndistapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndistapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\vga.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vga.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ctoss2k.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ctoss2k.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ctsfm2k.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ctsfm2k.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dmusic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dmusic.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dxapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dxapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\dxgthk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dxgthk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fastfat.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fastfat.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\fips.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fips.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\audstub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\audstub.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\beep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\beep.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ati2mtag.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ati2mtag.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\AtiHdmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AtiHdmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\atl01_xp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atl01_xp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\splitter.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\splitter.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\srv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\srv.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\swmidi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swmidi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\sysaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sysaudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tbhsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tbhsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tcpip.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tcpip.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\tdi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tdi.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\termdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\termdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\videoprt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\videoprt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wanarp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wanarp.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wdmaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wdmaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\wmilib.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmilib.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipnat.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ipnat.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ipsec.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ipsec.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kl2.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kl2.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\klif.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\klif.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\kmixer.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kmixer.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ks.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ks.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mnmdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mnmdd.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndisuio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndisuio.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndiswan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndiswan.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\ndproxy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ndproxy.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\netbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\netbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\netbt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\netbt.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\nic1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\nic1394.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\npfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npfs.sys" is compressed (flags = 1)
File "C:\WINDOWS\system32\drivers\null.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\null.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: BE80BE8
Partition information:
Partition 0 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 16065 Numsec = 61416495
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 61432560 Numsec = 122881185
Partition file system is NTFS
Partition is bootable
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 184313745 Numsec = 143364060
Partition 3 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 327677805 Numsec = 160714260
Disk Size: 250059350016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8a366ab8, DeviceName: \Device\Harddisk1\DR17\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a35e760, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8a366ab8, DeviceName: \Device\Harddisk1\DR17\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8a362ea0, DeviceName: \Device\00000091\, DriverName: \Driver\usbstor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR17\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
Partition information:
This drive is a Single Partition removable Drive.
Partition is not bootable
Disk Size: 15804137472 bytes
Sector size: 512 bytes
Done!
File "C:\WINDOWS\system32\config\system" is compressed (flags = 1)
File "C:\Dokumente und Einstellungen\Katharina\Cookies\index.dat" is compressed (flags = 1)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)\VBR-0-1-61432560-i.mbam...
Removing C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
Code:
ATTFilter 22:06:40.0000 0x047c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:06:52.0343 0x047c ============================================================
22:06:52.0343 0x047c Current date / time: 2015/03/27 22:06:52.0343
22:06:52.0343 0x047c SystemInfo:
22:06:52.0343 0x047c
22:06:52.0343 0x047c OS Version: 5.1.2600 ServicePack: 3.0
22:06:52.0343 0x047c Product type: Workstation
22:06:52.0343 0x047c ComputerName: KATHARINA-PC
22:06:52.0343 0x047c UserName: Katharina
22:06:52.0343 0x047c Windows directory: C:\WINDOWS
22:06:52.0343 0x047c System windows directory: C:\WINDOWS
22:06:52.0343 0x047c Processor architecture: Intel x86
22:06:52.0343 0x047c Number of processors: 2
22:06:52.0343 0x047c Page size: 0x1000
22:06:52.0343 0x047c Boot type: Safe boot
22:06:52.0343 0x047c ============================================================
22:06:56.0906 0x047c KLMD registered as C:\WINDOWS\system32\drivers\14627053.sys
22:06:57.0609 0x047c System UUID: {08A5B2E2-9E64-C8F7-95FA-8F508BC84395}
22:06:59.0234 0x047c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:06:59.0234 0x047c ============================================================
22:06:59.0234 0x047c \Device\Harddisk0\DR0:
22:06:59.0234 0x047c MBR partitions:
22:06:59.0250 0x047c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x3A923F0
22:06:59.0250 0x047c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A962F0, BlocksNum 0x75304A1
22:06:59.0250 0x047c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAFC6791, BlocksNum 0x88B8FDC
22:06:59.0250 0x047c \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1387F76D, BlocksNum 0x9944E14
22:06:59.0250 0x047c ============================================================
22:06:59.0375 0x047c H: <-> \Device\Harddisk0\DR0\Partition2
22:06:59.0515 0x047c I: <-> \Device\Harddisk0\DR0\Partition3
22:06:59.0609 0x047c J: <-> \Device\Harddisk0\DR0\Partition4
22:06:59.0671 0x047c C: <-> \Device\Harddisk0\DR0\Partition1
22:06:59.0671 0x047c ============================================================
22:06:59.0671 0x047c Initialize success
22:06:59.0671 0x047c ============================================================
22:08:59.0281 0x0548 ============================================================
22:08:59.0281 0x0548 Scan started
22:08:59.0281 0x0548 Mode: Manual; SigCheck; TDLFS;
22:08:59.0281 0x0548 ============================================================
22:08:59.0281 0x0548 KSN ping started
22:08:59.0484 0x0548 KSN ping finished: false
22:09:00.0750 0x0548 ================ Scan system memory ========================
22:09:00.0750 0x0548 System memory - ok
22:09:00.0750 0x0548 ================ Scan services =============================
22:09:00.0968 0x0548 Abiosdsk - ok
22:09:00.0984 0x0548 abp480n5 - ok
22:09:01.0062 0x0548 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:09:03.0375 0x0548 ACPI - ok
22:09:03.0546 0x0548 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
22:09:03.0640 0x0548 ACPIEC - ok
22:09:03.0640 0x0548 adpu160m - ok
22:09:03.0703 0x0548 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
22:09:03.0796 0x0548 aec - ok
22:09:03.0859 0x0548 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
22:09:03.0937 0x0548 AFD - ok
22:09:03.0937 0x0548 Aha154x - ok
22:09:03.0953 0x0548 aic78u2 - ok
22:09:03.0968 0x0548 aic78xx - ok
22:09:04.0000 0x0548 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
22:09:04.0109 0x0548 Alerter - ok
22:09:04.0140 0x0548 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
22:09:04.0234 0x0548 ALG - ok
22:09:04.0234 0x0548 AliIde - ok
22:09:04.0250 0x0548 amsint - ok
22:09:04.0359 0x0548 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
22:09:04.0484 0x0548 AppMgmt - ok
22:09:04.0515 0x0548 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:09:04.0593 0x0548 Arp1394 - ok
22:09:04.0609 0x0548 asc - ok
22:09:04.0609 0x0548 asc3350p - ok
22:09:04.0625 0x0548 asc3550 - ok
22:09:04.0765 0x0548 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:09:04.0781 0x0548 aspnet_state - ok
22:09:04.0796 0x0548 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:09:04.0875 0x0548 AsyncMac - ok
22:09:04.0921 0x0548 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
22:09:05.0000 0x0548 atapi - ok
22:09:05.0031 0x0548 [ 19F277BC4CE5689F20F347A6B8AA8C42, 2810AB6D9C9F143FF6CE8FC01901A785956891A3D2A53416FC6D6EF799D0FB15 ] AtcL001 C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
22:09:05.0078 0x0548 AtcL001 - ok
22:09:05.0093 0x0548 Atdisk - ok
22:09:05.0234 0x0548 [ BE738B9DC59EFA4B2D213AF765181D0F, 6283CE1F5C037B109D24B019719EF4B3193FF952684D70E81BD5212AA5ADF38C ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
22:09:05.0500 0x0548 Ati HotKey Poller - ok
22:09:06.0906 0x0548 [ 19A929D262BCCC9BEF74D90ADF64AA86, 629E8EBA3B10A30CE7AD645720817286E835A31419386F727DD22F39B43EF9A9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:09:09.0312 0x0548 ati2mtag - ok
22:09:09.0406 0x0548 [ E3B9FE6D478DC12EE9FB5169EE98D1BA, 067C926092BB3CA85C307B6189DA40D4EBCC756E3F4FF8FD271B95C086D5E7CD ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
22:09:09.0468 0x0548 AtiHdmiService - ok
22:09:09.0515 0x0548 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:09:09.0593 0x0548 Atmarpc - ok
22:09:09.0640 0x0548 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
22:09:09.0734 0x0548 AudioSrv - ok
22:09:09.0765 0x0548 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
22:09:09.0843 0x0548 audstub - ok
22:09:10.0000 0x0548 [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe
22:09:10.0078 0x0548 Avira.OE.ServiceHost - ok
22:09:10.0156 0x0548 [ 28FE2E5E084E40CEFA658754F28D33BF, CBF85B8622380469C4E5FEB27802B583E0D7D907A70E52CD14762E403CBAF8CF ] bdacap C:\WINDOWS\system32\drivers\bdacap.sys
22:09:10.0234 0x0548 bdacap - ok
22:09:10.0265 0x0548 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:09:10.0343 0x0548 Beep - ok
22:09:10.0484 0x0548 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
22:09:10.0718 0x0548 BITS - ok
22:09:10.0765 0x0548 [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll
22:09:10.0828 0x0548 Browser - ok
22:09:10.0859 0x0548 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
22:09:10.0921 0x0548 cbidf2k - ok
22:09:10.0953 0x0548 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:09:11.0031 0x0548 CCDECODE - ok
22:09:11.0046 0x0548 cd20xrnt - ok
22:09:11.0062 0x0548 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
22:09:11.0140 0x0548 Cdaudio - ok
22:09:11.0171 0x0548 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
22:09:11.0265 0x0548 Cdfs - ok
22:09:11.0312 0x0548 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:09:11.0375 0x0548 Cdrom - ok
22:09:11.0390 0x0548 Changer - ok
22:09:11.0421 0x0548 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
22:09:11.0500 0x0548 CiSvc - ok
22:09:11.0515 0x0548 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
22:09:11.0609 0x0548 ClipSrv - ok
22:09:11.0703 0x0548 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:09:11.0718 0x0548 clr_optimization_v2.0.50727_32 - ok
22:09:11.0781 0x0548 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:09:11.0828 0x0548 clr_optimization_v4.0.30319_32 - ok
22:09:11.0843 0x0548 CmdIde - ok
22:09:11.0843 0x0548 COMSysApp - ok
22:09:11.0875 0x0548 Cpqarray - ok
22:09:11.0921 0x0548 [ 3C8B6609712F4FF78E521F6DCFC4032B, DFCFD5F2D35DDA25DD91B4D732BDF84D1526AB11084E22523D51ABB2A8608402 ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.exe
22:09:11.0937 0x0548 Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic ( 1 )
22:09:12.0031 0x0548 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
22:09:12.0062 0x0548 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
22:09:12.0156 0x0548 CryptSvc - ok
22:09:12.0234 0x0548 [ 8DB84DE3AAB34A8B4C2F644EFF41CD76, 02154E064651269EEF51BA6D68285A05E1552D3FFDCA97ED810EAEB26EAF4573 ] ctsfm2k C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
22:09:12.0312 0x0548 ctsfm2k - ok
22:09:12.0328 0x0548 dac2w2k - ok
22:09:12.0328 0x0548 dac960nt - ok
22:09:12.0468 0x0548 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:09:12.0656 0x0548 DcomLaunch - ok
22:09:12.0718 0x0548 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
22:09:12.0828 0x0548 Dhcp - ok
22:09:12.0843 0x0548 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
22:09:12.0921 0x0548 Disk - ok
22:09:12.0937 0x0548 dmadmin - ok
22:09:13.0171 0x0548 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
22:09:13.0578 0x0548 dmboot - ok
22:09:13.0640 0x0548 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
22:09:13.0750 0x0548 dmio - ok
22:09:13.0781 0x0548 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
22:09:13.0859 0x0548 dmload - ok
22:09:13.0906 0x0548 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
22:09:13.0984 0x0548 dmserver - ok
22:09:14.0015 0x0548 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
22:09:14.0093 0x0548 DMusic - ok
22:09:14.0140 0x0548 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:09:14.0171 0x0548 Dnscache - ok
22:09:14.0250 0x0548 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
22:09:14.0375 0x0548 Dot3svc - ok
22:09:14.0390 0x0548 dpti2o - ok
22:09:14.0437 0x0548 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
22:09:14.0515 0x0548 drmkaud - ok
22:09:14.0531 0x0548 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:09:14.0625 0x0548 EapHost - ok
22:09:14.0656 0x0548 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:09:14.0718 0x0548 ERSvc - ok
22:09:14.0781 0x0548 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
22:09:14.0828 0x0548 Eventlog - ok
22:09:14.0906 0x0548 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\System32\es.dll
22:09:14.0984 0x0548 EventSystem - ok
22:09:15.0031 0x0548 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:09:15.0140 0x0548 Fastfat - ok
22:09:15.0203 0x0548 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:09:15.0265 0x0548 FastUserSwitchingCompatibility - ok
22:09:15.0312 0x0548 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:09:15.0375 0x0548 Fdc - ok
22:09:15.0406 0x0548 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:09:15.0468 0x0548 Fips - ok
22:09:15.0484 0x0548 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:09:15.0562 0x0548 Flpydisk - ok
22:09:15.0609 0x0548 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
22:09:15.0718 0x0548 FltMgr - ok
22:09:15.0765 0x0548 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:09:15.0796 0x0548 FontCache3.0.0.0 - ok
22:09:15.0812 0x0548 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:09:15.0875 0x0548 Fs_Rec - ok
22:09:15.0921 0x0548 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:09:16.0031 0x0548 Ftdisk - ok
22:09:16.0062 0x0548 [ B5B3CD17B2F000AB5AA0150F96C37FF7, 10B8FB1E6F837F122A7C54A11983F45B54B99011B8F99720ECEFDF967B313FDD ] GLHIDKBFILTER C:\WINDOWS\system32\DRIVERS\GLKbFilter.sys
22:09:16.0078 0x0548 GLHIDKBFILTER - ok
22:09:16.0109 0x0548 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:09:16.0187 0x0548 Gpc - ok
22:09:16.0265 0x0548 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:09:16.0375 0x0548 HDAudBus - ok
22:09:16.0437 0x0548 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:09:16.0515 0x0548 helpsvc - ok
22:09:16.0515 0x0548 HidServ - ok
22:09:16.0531 0x0548 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:09:16.0625 0x0548 hidusb - ok
22:09:16.0671 0x0548 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
22:09:16.0750 0x0548 hkmsvc - ok
22:09:16.0750 0x0548 hpn - ok
22:09:16.0843 0x0548 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:09:16.0921 0x0548 HTTP - ok
22:09:16.0937 0x0548 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:09:17.0015 0x0548 HTTPFilter - ok
22:09:17.0015 0x0548 i2omgmt - ok
22:09:17.0031 0x0548 i2omp - ok
22:09:17.0062 0x0548 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:09:17.0156 0x0548 i8042prt - ok
22:09:17.0437 0x0548 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:09:17.0859 0x0548 idsvc - ok
22:09:17.0890 0x0548 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
22:09:17.0968 0x0548 Imapi - ok
22:09:18.0031 0x0548 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\System32\imapi.exe
22:09:18.0140 0x0548 ImapiService - ok
22:09:18.0156 0x0548 ini910u - ok
22:09:19.0062 0x0548 [ CBDDAB14249B2F05407FC09AB8FFFB88, F83B06B53A54463CC35487EE24E2D52A90F1867743A9323A98261FA187731B4F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:09:21.0031 0x0548 IntcAzAudAddService - ok
22:09:21.0046 0x0548 IntelIde - ok
22:09:21.0093 0x0548 [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:09:21.0171 0x0548 intelppm - ok
22:09:21.0203 0x0548 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
22:09:21.0328 0x0548 ip6fw - ok
22:09:21.0359 0x0548 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:09:21.0453 0x0548 IpFilterDriver - ok
22:09:21.0484 0x0548 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:09:21.0562 0x0548 IpInIp - ok
22:09:21.0593 0x0548 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:09:21.0687 0x0548 IpNat - ok
22:09:21.0718 0x0548 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:09:21.0812 0x0548 IPSec - ok
22:09:21.0828 0x0548 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:09:21.0906 0x0548 IRENUM - ok
22:09:21.0953 0x0548 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:09:22.0031 0x0548 isapnp - ok
22:09:22.0171 0x0548 [ 9ECF00E19736054E019C532AED8228FC, F5A64A8269EA3655BBD4850298F335C0BD30535258928ED7CE62A32A3363E60B ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
22:09:22.0234 0x0548 JavaQuickStarterService - ok
22:09:22.0265 0x0548 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:09:22.0343 0x0548 Kbdclass - ok
22:09:22.0375 0x0548 [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:09:22.0453 0x0548 kbdhid - ok
22:09:22.0515 0x0548 [ 186B54479D98E48AEE0E9ADA4B3C4D31, A8C1577876CF16186610F26D7D859F8FDA4057AAFC33E8212339F56DA6A5F874 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys
22:09:22.0859 0x0548 KL1 - ok
22:09:22.0875 0x0548 [ BF485BFBA13C0AB116701FD9C55324D0, AA08276E8534D2ED9D714C43D6968524E74EE6101913B370CABF6D52842EF6EF ] kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys
22:09:22.0906 0x0548 kl2 - ok
22:09:23.0015 0x0548 [ 1267FC6F43F2868127A01E9766BF51A7, 1B19089B718BF63E6C80C00C58B0B063B83A9289D31F9F6E4B3106BB6183BF72 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
22:09:23.0218 0x0548 KLIF - ok
22:09:23.0281 0x0548 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:09:23.0390 0x0548 kmixer - ok
22:09:23.0437 0x0548 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:09:23.0500 0x0548 KSecDD - ok
22:09:23.0562 0x0548 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
22:09:23.0640 0x0548 lanmanserver - ok
22:09:23.0671 0x0548 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:09:23.0734 0x0548 lanmanworkstation - ok
22:09:23.0734 0x0548 lbrtfdc - ok
22:09:23.0781 0x0548 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:09:23.0859 0x0548 LmHosts - ok
22:09:23.0921 0x0548 [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
22:09:23.0953 0x0548 mbamchameleon - ok
22:09:24.0015 0x0548 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:09:24.0093 0x0548 Messenger - ok
22:09:24.0203 0x0548 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
22:09:24.0265 0x0548 Microsoft Office Groove Audit Service - ok
22:09:24.0281 0x0548 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
22:09:24.0359 0x0548 mnmdd - ok
22:09:24.0390 0x0548 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
22:09:24.0453 0x0548 mnmsrvc - ok
22:09:24.0484 0x0548 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:09:24.0562 0x0548 Modem - ok
22:09:24.0578 0x0548 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:09:24.0656 0x0548 Mouclass - ok
22:09:24.0687 0x0548 [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:09:24.0765 0x0548 mouhid - ok
22:09:24.0796 0x0548 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
22:09:24.0875 0x0548 MountMgr - ok
22:09:24.0984 0x0548 [ 5C2B2F10C847834C6DA4E680A4093BA3, 0222EBC8789765613184F47339A1DBD118ED209B72BC5565A8A7D4FB4CCF5418 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
22:09:25.0031 0x0548 MozillaMaintenance - ok
22:09:25.0062 0x0548 [ C0F8E0C2C3C0437CF37C6781896DC3EC, 12196EF5A94BD011B5D578E755B51424E3238437A028CC1EDFB53138C00D3339 ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
22:09:25.0140 0x0548 MPE - ok
22:09:25.0140 0x0548 mraid35x - ok
22:09:25.0218 0x0548 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:09:25.0375 0x0548 MRxDAV - ok
22:09:25.0500 0x0548 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:09:25.0687 0x0548 MRxSmb - ok
22:09:25.0718 0x0548 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\System32\msdtc.exe
22:09:25.0796 0x0548 MSDTC - ok
22:09:25.0828 0x0548 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:09:25.0890 0x0548 Msfs - ok
22:09:25.0906 0x0548 MSIServer - ok
22:09:25.0937 0x0548 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:09:26.0015 0x0548 MSKSSRV - ok
22:09:26.0031 0x0548 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:09:26.0093 0x0548 MSPCLOCK - ok
22:09:26.0109 0x0548 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
22:09:26.0171 0x0548 MSPQM - ok
22:09:26.0187 0x0548 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:09:26.0250 0x0548 mssmbios - ok
22:09:26.0281 0x0548 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
22:09:26.0343 0x0548 MSTEE - ok
22:09:26.0375 0x0548 [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
22:09:26.0406 0x0548 MTsensor - ok
22:09:26.0453 0x0548 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
22:09:26.0515 0x0548 Mup - ok
22:09:26.0578 0x0548 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:09:26.0671 0x0548 NABTSFEC - ok
22:09:26.0781 0x0548 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
22:09:26.0921 0x0548 napagent - ok
22:09:27.0000 0x0548 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
22:09:27.0125 0x0548 NDIS - ok
22:09:27.0140 0x0548 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:09:27.0218 0x0548 NdisIP - ok
22:09:27.0234 0x0548 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:09:27.0265 0x0548 NdisTapi - ok
22:09:27.0281 0x0548 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:09:27.0359 0x0548 Ndisuio - ok
22:09:27.0406 0x0548 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:09:27.0484 0x0548 NdisWan - ok
22:09:27.0531 0x0548 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
22:09:27.0593 0x0548 NDProxy - ok
22:09:27.0625 0x0548 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
22:09:27.0703 0x0548 NetBIOS - ok
22:09:27.0750 0x0548 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:09:27.0859 0x0548 NetBT - ok
22:09:27.0921 0x0548 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
22:09:28.0031 0x0548 NetDDE - ok
22:09:28.0062 0x0548 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
22:09:28.0125 0x0548 NetDDEdsdm - ok
22:09:28.0156 0x0548 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\System32\lsass.exe
22:09:28.0234 0x0548 Netlogon - ok
22:09:28.0296 0x0548 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
22:09:28.0421 0x0548 Netman - ok
22:09:28.0468 0x0548 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:09:28.0515 0x0548 NetTcpPortSharing - ok
22:09:28.0562 0x0548 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:09:28.0640 0x0548 NIC1394 - ok
22:09:28.0718 0x0548 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
22:09:28.0812 0x0548 Nla - ok
22:09:28.0828 0x0548 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:09:28.0890 0x0548 Npfs - ok
22:09:29.0062 0x0548 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
22:09:29.0343 0x0548 Ntfs - ok
22:09:29.0359 0x0548 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
22:09:29.0421 0x0548 NtLmSsp - ok
22:09:29.0578 0x0548 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
22:09:29.0812 0x0548 NtmsSvc - ok
22:09:29.0843 0x0548 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
22:09:29.0906 0x0548 Null - ok
22:09:29.0937 0x0548 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:09:30.0015 0x0548 NwlnkFlt - ok
22:09:30.0046 0x0548 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:09:30.0109 0x0548 NwlnkFwd - ok
22:09:30.0296 0x0548 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
22:09:30.0484 0x0548 odserv - ok
22:09:30.0531 0x0548 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:09:30.0625 0x0548 ohci1394 - ok
22:09:30.0671 0x0548 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
22:09:30.0718 0x0548 ose - ok
22:09:30.0781 0x0548 [ 103A9B117A7D9903111955CDAFE65AC6, 06060CA6036F757ABB6C9CFD8376D70996E80ACC7896896DD426AEA0786E2B15 ] ossrv C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
22:09:30.0828 0x0548 ossrv - ok
22:09:31.0062 0x0548 [ 1DB419CB76493F6292CCFBDC3466F5FF, 28C12CA350FA9D33C31AC03F8EB6A7075E5CC3D45EDC083BFC2DE0C3C89185E2 ] P17 C:\WINDOWS\system32\drivers\P17.sys
22:09:31.0609 0x0548 P17 - ok
22:09:31.0640 0x0548 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
22:09:31.0734 0x0548 Parport - ok
22:09:31.0750 0x0548 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
22:09:31.0828 0x0548 PartMgr - ok
22:09:31.0859 0x0548 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
22:09:31.0921 0x0548 ParVdm - ok
22:09:31.0968 0x0548 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
22:09:32.0062 0x0548 PCI - ok
22:09:32.0062 0x0548 PciCon - ok
22:09:32.0078 0x0548 PCIDump - ok
22:09:32.0093 0x0548 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:09:32.0187 0x0548 PCIIde - ok
22:09:32.0265 0x0548 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
22:09:32.0359 0x0548 Pcmcia - ok
22:09:32.0375 0x0548 PDCOMP - ok
22:09:32.0390 0x0548 PDFRAME - ok
22:09:32.0390 0x0548 PDRELI - ok
22:09:32.0406 0x0548 PDRFRAME - ok
22:09:32.0421 0x0548 perc2 - ok
22:09:32.0437 0x0548 perc2hib - ok
22:09:32.0500 0x0548 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
22:09:32.0515 0x0548 PlugPlay - ok
22:09:32.0531 0x0548 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
22:09:32.0593 0x0548 PolicyAgent - ok
22:09:32.0609 0x0548 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:09:32.0687 0x0548 PptpMiniport - ok
22:09:32.0703 0x0548 [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
22:09:32.0796 0x0548 Processor - ok
22:09:32.0796 0x0548 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:09:32.0859 0x0548 ProtectedStorage - ok
22:09:32.0890 0x0548 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:09:32.0968 0x0548 PSched - ok
22:09:33.0000 0x0548 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:09:33.0078 0x0548 Ptilink - ok
22:09:33.0078 0x0548 ql1080 - ok
22:09:33.0093 0x0548 Ql10wnt - ok
22:09:33.0109 0x0548 ql12160 - ok
22:09:33.0109 0x0548 ql1240 - ok
22:09:33.0125 0x0548 ql1280 - ok
22:09:33.0140 0x0548 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:09:33.0218 0x0548 RasAcd - ok
22:09:33.0265 0x0548 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:09:33.0359 0x0548 RasAuto - ok
22:09:33.0390 0x0548 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:09:33.0468 0x0548 Rasl2tp - ok
22:09:33.0531 0x0548 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:09:33.0640 0x0548 RasMan - ok
22:09:33.0671 0x0548 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:09:33.0750 0x0548 RasPppoe - ok
22:09:33.0765 0x0548 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:09:33.0828 0x0548 Raspti - ok
22:09:33.0875 0x0548 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:09:33.0984 0x0548 Rdbss - ok
22:09:33.0984 0x0548 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:09:34.0062 0x0548 RDPCDD - ok
22:09:34.0125 0x0548 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:09:34.0234 0x0548 rdpdr - ok
22:09:34.0296 0x0548 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:09:34.0390 0x0548 RDPWD - ok
22:09:34.0468 0x0548 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:09:34.0578 0x0548 RDSessMgr - ok
22:09:34.0625 0x0548 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:09:34.0687 0x0548 redbook - ok
22:09:34.0734 0x0548 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:09:34.0812 0x0548 RemoteAccess - ok
22:09:34.0859 0x0548 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
22:09:34.0953 0x0548 RemoteRegistry - ok
22:09:35.0000 0x0548 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\System32\locator.exe
22:09:35.0078 0x0548 RpcLocator - ok
22:09:35.0203 0x0548 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
22:09:35.0281 0x0548 RpcSs - ok
22:09:35.0312 0x0548 [ 43110C2A2C5ED32EAD96C440718E4452, BAF6E770620AA5B7C80273BB062D6F8FBCD8761FC681C425CC888DD11315AFEC ] RRNetCap C:\WINDOWS\system32\DRIVERS\rrnetcap.sys
22:09:35.0343 0x0548 RRNetCap - ok
22:09:35.0343 0x0548 [ 43110C2A2C5ED32EAD96C440718E4452, BAF6E770620AA5B7C80273BB062D6F8FBCD8761FC681C425CC888DD11315AFEC ] RRNetCapMP C:\WINDOWS\system32\DRIVERS\rrnetcap.sys
22:09:35.0359 0x0548 RRNetCapMP - ok
22:09:35.0437 0x0548 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\System32\rsvp.exe
22:09:35.0531 0x0548 RSVP - ok
22:09:35.0562 0x0548 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
22:09:35.0609 0x0548 SamSs - ok
22:09:35.0640 0x0548 SANDRA - ok
22:09:35.0687 0x0548 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:09:35.0781 0x0548 SCardSvr - ok
22:09:35.0859 0x0548 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:09:35.0953 0x0548 Schedule - ok
22:09:36.0015 0x0548 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:09:36.0078 0x0548 Secdrv - ok
22:09:36.0093 0x0548 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
22:09:36.0171 0x0548 seclogon - ok
22:09:36.0203 0x0548 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
22:09:36.0296 0x0548 SENS - ok
22:09:36.0328 0x0548 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
22:09:36.0390 0x0548 serenum - ok
22:09:36.0421 0x0548 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
22:09:36.0500 0x0548 Serial - ok
22:09:36.0546 0x0548 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
22:09:36.0625 0x0548 Sfloppy - ok
22:09:36.0734 0x0548 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:09:36.0968 0x0548 SharedAccess - ok
22:09:37.0015 0x0548 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:09:37.0031 0x0548 ShellHWDetection - ok
22:09:37.0031 0x0548 Simbad - ok
22:09:37.0078 0x0548 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:09:37.0140 0x0548 SLIP - ok
22:09:37.0171 0x0548 Sparrow - ok
22:09:37.0203 0x0548 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:09:37.0281 0x0548 splitter - ok
22:09:37.0328 0x0548 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:09:37.0359 0x0548 Spooler - ok
22:09:37.0390 0x0548 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:09:37.0468 0x0548 sr - ok
22:09:37.0531 0x0548 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\System32\srsvc.dll
22:09:37.0656 0x0548 srservice - ok
22:09:37.0750 0x0548 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:09:37.0921 0x0548 Srv - ok
22:09:37.0953 0x0548 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:09:38.0046 0x0548 SSDPSRV - ok
22:09:38.0140 0x0548 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:09:38.0375 0x0548 stisvc - ok
22:09:38.0406 0x0548 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:09:38.0484 0x0548 streamip - ok
22:09:38.0531 0x0548 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:09:38.0593 0x0548 swenum - ok
22:09:38.0625 0x0548 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:09:38.0703 0x0548 swmidi - ok
22:09:38.0703 0x0548 SwPrv - ok
22:09:38.0718 0x0548 symc810 - ok
22:09:38.0734 0x0548 symc8xx - ok
22:09:38.0750 0x0548 sym_hi - ok
22:09:38.0765 0x0548 sym_u3 - ok
22:09:38.0796 0x0548 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:09:38.0875 0x0548 sysaudio - ok
22:09:38.0921 0x0548 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:09:39.0000 0x0548 SysmonLog - ok
22:09:39.0062 0x0548 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:09:39.0187 0x0548 TapiSrv - ok
22:09:39.0234 0x0548 [ 74D4299CDC4CF748EFEF725C2206E135, 63E3C4E39BE2B2917FF990B1677DEB7F5DA24BD45636D8F600DFBA7E320AFBFF ] tbhsd C:\WINDOWS\system32\drivers\tbhsd.sys
22:09:39.0265 0x0548 tbhsd - ok
22:09:39.0359 0x0548 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:09:39.0531 0x0548 Tcpip - ok
22:09:39.0562 0x0548 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:09:39.0625 0x0548 TDPIPE - ok
22:09:39.0656 0x0548 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:09:39.0734 0x0548 TDTCP - ok
22:09:39.0750 0x0548 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:09:39.0843 0x0548 TermDD - ok
22:09:39.0906 0x0548 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
22:09:39.0984 0x0548 TermService - ok
22:09:40.0031 0x0548 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
22:09:40.0046 0x0548 Themes - ok
22:09:40.0093 0x0548 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
22:09:40.0218 0x0548 TlntSvr - ok
22:09:40.0218 0x0548 TosIde - ok
22:09:40.0265 0x0548 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:09:40.0359 0x0548 TrkWks - ok
22:09:40.0390 0x0548 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:09:40.0484 0x0548 Udfs - ok
22:09:40.0484 0x0548 ultra - ok
22:09:40.0531 0x0548 [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 H:\Unlocker\UnlockerDriver5.sys
22:09:40.0546 0x0548 UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
22:09:40.0546 0x0548 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
22:09:40.0656 0x0548 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:09:40.0875 0x0548 Update - ok
22:09:40.0937 0x0548 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
22:09:41.0062 0x0548 upnphost - ok
22:09:41.0093 0x0548 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
22:09:41.0156 0x0548 UPS - ok
22:09:41.0187 0x0548 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:09:41.0281 0x0548 usbccgp - ok
22:09:41.0312 0x0548 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:09:41.0343 0x0548 usbehci - ok
22:09:41.0375 0x0548 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:09:41.0468 0x0548 usbhub - ok
22:09:41.0500 0x0548 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:09:41.0578 0x0548 usbprint - ok
22:09:41.0609 0x0548 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:09:41.0640 0x0548 usbscan - ok
22:09:41.0671 0x0548 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:09:41.0750 0x0548 usbstor - ok
22:09:41.0796 0x0548 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:09:41.0875 0x0548 usbuhci - ok
22:09:41.0890 0x0548 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:09:41.0968 0x0548 VgaSave - ok
22:09:41.0968 0x0548 ViaIde - ok
22:09:42.0031 0x0548 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
22:09:42.0125 0x0548 VolSnap - ok
22:09:42.0234 0x0548 [ 623E14B1BC90E7CC139687BE47AD89A2, F560C90945B120B28EAF3DCD6593768FB640052E7FA1579C263935F512E3067E ] Vsdatant C:\WINDOWS\system32\vsdatant.sys
22:09:42.0390 0x0548 Vsdatant - ok
22:09:42.0421 0x0548 vsmon - ok
22:09:42.0531 0x0548 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
22:09:42.0671 0x0548 VSS - ok
22:09:42.0734 0x0548 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\System32\w32time.dll
22:09:42.0843 0x0548 W32Time - ok
22:09:42.0875 0x0548 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:09:42.0953 0x0548 Wanarp - ok
22:09:42.0968 0x0548 WDICA - ok
22:09:43.0015 0x0548 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
22:09:43.0109 0x0548 wdmaud - ok
22:09:43.0140 0x0548 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
22:09:43.0234 0x0548 WebClient - ok
22:09:43.0343 0x0548 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:09:43.0453 0x0548 winmgmt - ok
22:09:43.0500 0x0548 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
22:09:43.0562 0x0548 WmdmPmSN - ok
22:09:43.0750 0x0548 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
22:09:44.0062 0x0548 Wmi - ok
22:09:44.0109 0x0548 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
22:09:44.0234 0x0548 WmiApSrv - ok
22:09:44.0562 0x0548 [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
22:09:45.0015 0x0548 WMPNetworkSvc - ok
22:09:45.0390 0x0548 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:09:45.0718 0x0548 WPFFontCache_v0400 - ok
22:09:45.0765 0x0548 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
22:09:45.0859 0x0548 wscsvc - ok
22:09:45.0875 0x0548 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:09:45.0953 0x0548 WSTCODEC - ok
22:09:45.0984 0x0548 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
22:09:46.0062 0x0548 wuauserv - ok
22:09:46.0109 0x0548 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:09:46.0171 0x0548 WudfPf - ok
22:09:46.0234 0x0548 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:09:46.0281 0x0548 WudfRd - ok
22:09:46.0328 0x0548 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
22:09:46.0343 0x0548 WudfSvc - ok
22:09:46.0468 0x0548 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
22:09:46.0703 0x0548 WZCSVC - ok
22:09:46.0750 0x0548 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
22:09:46.0828 0x0548 xmlprov - ok
22:09:46.0843 0x0548 ================ Scan global ===============================
22:09:46.0875 0x0548 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
22:09:46.0984 0x0548 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
22:09:47.0140 0x0548 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
22:09:47.0171 0x0548 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
22:09:47.0171 0x0548 [ Global ] - ok
22:09:47.0171 0x0548 ================ Scan MBR ==================================
22:09:47.0203 0x0548 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
22:09:47.0671 0x0548 \Device\Harddisk0\DR0 - ok
22:09:47.0671 0x0548 ================ Scan VBR ==================================
22:09:47.0703 0x0548 [ CE7A2B932693A1A76F9336723F1CE9C3 ] \Device\Harddisk0\DR0\Partition1
22:09:47.0718 0x0548 \Device\Harddisk0\DR0\Partition1 - ok
22:09:47.0734 0x0548 [ 54193D9BBB6C003BD5BBCBA096B5F982 ] \Device\Harddisk0\DR0\Partition2
22:09:47.0734 0x0548 \Device\Harddisk0\DR0\Partition2 - ok
22:09:47.0750 0x0548 [ 1E2BD9A0A784DD9DDAD32C7E9656906E ] \Device\Harddisk0\DR0\Partition3
22:09:47.0750 0x0548 \Device\Harddisk0\DR0\Partition3 - ok
22:09:47.0781 0x0548 [ 1B3B51E5ED26AF7CBA21D878B2FE792C ] \Device\Harddisk0\DR0\Partition4
22:09:47.0781 0x0548 \Device\Harddisk0\DR0\Partition4 - ok
22:09:47.0781 0x0548 ================ Scan generic autorun ======================
22:09:47.0875 0x0548 [ 52B642B30BAD0E7C4D56C5D3EAC76B97, 2DEBACF593826F638EE4FC7743ED981870277376B6742872E79F6FD5D694ADF2 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
22:09:47.0890 0x0548 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
22:09:47.0890 0x0548 StartCCC ( UnsignedFile.Multi.Generic ) - warning
22:09:47.0921 0x0548 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
22:09:47.0937 0x0548 GrooveMonitor - ok
22:09:47.0968 0x0548 [ 1E6C3B13181A5E08553AE5D5C9BF889E, 5571E2C5F44833F19CD69DBC433090F14590A663A088F2ADB8EEA7E74EB00097 ] C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
22:09:48.0000 0x0548 ZoneAlarm - ok
22:09:48.0078 0x0548 [ 19BC601BC3E0BADF3B41A9CFCFA3522D, 45D0B20C1E120632C28CC3E94AD6220F51CEAA07B3B802BFAEC8D0D2CF85427F ] H:\Presto! PVR\ChangeFilterMerit.exe
22:09:48.0109 0x0548 ChangeFilterMerit - detected UnsignedFile.Multi.Generic ( 1 )
22:09:48.0109 0x0548 ChangeFilterMerit ( UnsignedFile.Multi.Generic ) - warning
22:09:48.0125 0x0548 [ 0BF202E5AB8017ADD1AC8B603FB6F943, 9CF8C355E68D9754373A0B0660386E2F85D54943F442557F6FB5CE3D3F44C143 ] H:\Presto! PVR\Monitor.exe
22:09:48.0156 0x0548 Presto! PVR Monitor - detected UnsignedFile.Multi.Generic ( 1 )
22:09:48.0156 0x0548 Presto! PVR Monitor ( UnsignedFile.Multi.Generic ) - warning
22:09:48.0500 0x0548 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
22:09:48.0875 0x0548 Adobe ARM - ok
22:09:48.0875 0x0548 P17Helper - ok
22:09:52.0828 0x0548 [ 32C139FC0363681804EFF9394CD6B1B8, A364C5CEE0879BCF188317926C53220380A606408741D464682D6B9179B8C0EB ] C:\WINDOWS\RTHDCPL.EXE
22:10:00.0687 0x0548 RTHDCPL - ok
22:10:00.0750 0x0548 [ 8B4CBBA1EA526830C7F97E7822E2493A, 1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ] C:\WINDOWS\ALCMTR.EXE
22:10:00.0781 0x0548 Alcmtr - ok
22:10:00.0812 0x0548 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\WINDOWS\UpdReg.EXE
22:10:00.0843 0x0548 UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
22:10:00.0843 0x0548 UpdReg ( UnsignedFile.Multi.Generic ) - warning
22:10:00.0921 0x0548 [ 41C0DA03AB1CE6CD115E88691EA330D1, 480EAA7371198AB40A270CA3571E05DA1BA6CB3FF3D0625200EA927D6DE17D4E ] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
22:10:00.0937 0x0548 Microsoft Works Update Detection - detected UnsignedFile.Multi.Generic ( 1 )
22:10:00.0937 0x0548 Microsoft Works Update Detection ( UnsignedFile.Multi.Generic ) - warning
22:10:01.0015 0x0548 [ D63797E8E7781EE1500A810CB6194FA6, 5C96DA00B98F0776E6174EBB7D4D6DB634838E130D8581E11811831D2C57B119 ] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
22:10:01.0062 0x0548 SunJavaUpdateSched - ok
22:10:01.0109 0x0548 [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Programme\Avira\My Avira\Avira.OE.Systray.exe
22:10:01.0140 0x0548 Avira Systray - ok
22:10:01.0171 0x0548 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\System32\CTFMON.EXE
22:10:01.0250 0x0548 CTFMON.EXE - ok
22:10:01.0250 0x0548 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\System32\CTFMON.EXE
22:10:01.0312 0x0548 CTFMON.EXE - ok
22:10:01.0328 0x0548 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\System32\CTFMON.EXE
22:10:01.0390 0x0548 CTFMON.EXE - ok
22:10:01.0390 0x0548 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
22:10:01.0453 0x0548 CTFMON.EXE - ok
22:10:01.0906 0x0548 [ E9A75A7AECDC7B0D5A34C9D054767C64, E4A5AA6B2E812021EE5E0EBC2F6E039FF71E127E38B014EC5E14C2BCA0166C25 ] H:\HDD Health\HDD Health\HDDHealth.exe
22:10:02.0734 0x0548 HDDHealth - detected UnsignedFile.Multi.Generic ( 1 )
22:10:02.0734 0x0548 HDDHealth ( UnsignedFile.Multi.Generic ) - warning
22:10:02.0734 0x0548 Force sending object to P2P due to detect: H:\HDD Health\HDD Health\HDDHealth.exe
22:10:03.0125 0x0548 Object send P2P result: false
22:10:03.0187 0x0548 [ ADA26465D52A50A34CDBC5B785035EE6, E93B8E90743EC71E74A976CFF1828EB581CFCDB1F6018AE390D6610E10DA881D ] C:\Programme\Creative\Shared Files\CTSched.exe
22:10:03.0218 0x0548 CreativeTaskScheduler - detected UnsignedFile.Multi.Generic ( 1 )
22:10:03.0218 0x0548 CreativeTaskScheduler ( UnsignedFile.Multi.Generic ) - warning
22:10:06.0921 0x0548 [ 52FD61AFC3D2BF55226A7E5AC8C06673, 4D3E022FF7627416F88D56F6ED5C3481A70C32506A8F9FC0B88FE4AB0341F08C ] C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Spotify\spotify.exe
22:10:12.0062 0x0548 Spotify - ok
22:10:12.0750 0x0548 [ 6FA1F6B8090F04D581E16212886BD861, 1A0D90C6BC9EBE319BF4524FA0EA326073A256252377B860AF48AECE46B6DAC2 ] C:\Dokumente und Einstellungen\Katharina\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe
22:10:13.0671 0x0548 Spotify Web Helper - ok
22:10:13.0765 0x0548 [ 2C70F8A6AF990F37080ABBF9552D708C, 39BB5946DF114E5744401D471F269951B71EA388B9D6640FA872CC87575F41B1 ] C:\Programme\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
22:10:13.0796 0x0548 RoboForm - ok
22:10:13.0984 0x0548 [ F78FEA74CC22F5549CD2D1683988FD9F, 6E3F05293C4B1A3519257C3C07774025EC9A9299D71B4FF12898ABC8934315E2 ] C:\Programme\Creative\Shared Files\Software Update\AutoUpdate.exe
22:10:14.0156 0x0548 Creative Software Update - ok
22:10:14.0265 0x0548 Zoner Photo Studio Service 16 - ok
22:10:14.0500 0x0548 [ 4FF34AEC8410B309DFD10BC6E065CA7C, F41A1047069E8E17AF62A5F11823F2312E139FAB6320492C74C8A549C07FCB36 ] H:\Zoner Photo Studio 16 (CB)\Photo Studio 16\Program32\ZPSTRAY.EXE
22:10:14.0843 0x0548 Zoner Photo Studio Autoupdate - ok
22:10:14.0875 0x0548 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
22:10:14.0937 0x0548 CTFMON.EXE - ok
22:10:14.0953 0x0548 AV detected via SS1: ZoneAlarm Antivirus, 10.2.064.000, enabled, updated
22:10:14.0953 0x0548 FW detected via SS1: ZoneAlarm Firewall, 10.2.064.000, enabled
22:10:14.0953 0x0548 ============================================================
22:10:14.0953 0x0548 Scan finished
22:10:14.0968 0x0548 ============================================================
22:10:14.0968 0x0470 Detected object count: 9
22:10:14.0968 0x0470 Actual detected object count: 9
22:11:37.0984 0x0470 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:37.0984 0x0470 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:37.0984 0x0470 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:37.0984 0x0470 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:38.0000 0x0470 StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:38.0000 0x0470 StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:38.0000 0x0470 ChangeFilterMerit ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:38.0000 0x0470 ChangeFilterMerit ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:38.0000 0x0470 Presto! PVR Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:38.0000 0x0470 Presto! PVR Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:38.0015 0x0470 UpdReg ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:38.0015 0x0470 UpdReg ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:38.0015 0x0470 Microsoft Works Update Detection ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:38.0015 0x0470 Microsoft Works Update Detection ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:38.0015 0x0470 HDDHealth ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:38.0015 0x0470 HDDHealth ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:11:38.0031 0x0470 CreativeTaskScheduler ( UnsignedFile.Multi.Generic ) - skipped by user
22:11:38.0031 0x0470 CreativeTaskScheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
28.03.2015, 12:30
| #6 |
| /// the machine /// TB-Ausbilder | Windows fährt nicht mehr hoch hi, Scan mit Combofix
__________________ --> Windows fährt nicht mehr hoch |
Linear-Darstellung
