Trojaner-Board - Maleware gefunden - was muß ich nun tun?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Maleware gefunden - was muß ich nun tun? (https://www.trojaner-board.de/164855-maleware-gefunden-tun.html)

mysteryPC

08.03.2015 16:05

Maleware gefunden - was muß ich nun tun?

Hallo,
ich hoffe ich bin in dieser Rubrik richtig,

heute wurde von meinem Antivirusprogramm (Avira) das erstem Mal Maleware gefunden. Diese habe ich in den Ordner Quarantäne verschoben und dann gelöscht. Daraufhin habe ich das Virusprogramm erneut durchlaufen lassen, diesmal ohne Fund.

War / Ist das korrekt so?
Wie kann ich herausfinden ob schon Schaden angerichtet wurde und ob die wirklich gelöscht sind so einfach?
Muß ich jetzt alle meine Passwörte ändern?

Wo kommen die her? Ich klicke nie Links in eMails an die ich bekomme die ich nicht 100%ig kenne)

Es handelte sich um:
tr/zbot.palsh
tr/cript.xpack.119403
und die anderen beiden waren auch
tr/cript.xpack. (aber mit anderen Nummern dahinter)

Würde mich freuen wenn mir jemand meine Frage hilfreich beantworten würde.

viele Dankende Grüße
mysteryPC

schrauber

08.03.2015 16:06

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

mysteryPC

08.03.2015 17:54

Hallo Schrauber, ich habe mir jetzt das FRST64 runtergeladen und es ist auch gelaufen (auf der Website steht das eh nur ein Programm von den beiden läuft von daher denke ich das war das richtige), aber ich finde kein #-Symbol und damit weiß ich nicht wie ich Dir was rübersenden soll...Er hat eine schadhafte Datei gefunden...

würde mich freuen wenn Du mir da weiterhilfst (bin totaler PC-Leghateniker aber ich gebe mein bestes)

PS: es sind auch keine Logdateien oder so auf meinem desktop...:-(

schrauber

08.03.2015 19:30

Zitat:

Er hat eine schadhafte Datei gefunden.

Kann nicht sein. Das Ding scannt nicht nach Schädlingen, der macht einfach nne Abbild des Systems, ich muss das von Hand auswerten.

Und nach dem Lauf öffnen sich automatisch zwei Logfiles.
Sicher dass Du das korrekte Tool geladen hast und nicht auf WErbung geklickt hast?

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

mysteryPC

08.03.2015 20:08

Juhuu jetzt hab ichs:
FRST.txt.:
FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2015 03

Ran by Slim (administrator) on SLIM-36FB768E46 on 08-03-2015 20:00:37

Running from C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temporary Internet Files\Content.IE5\4UGBU3HV

Loaded Profiles: Slim & UpdatusUser (Available profiles: Slim & UpdatusUser)

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe

(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE

(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

(Apple Computer, Inc.) C:\Programme\QuickTime\qttask.exe

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\OfficeKB.EXE

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\KPDrv4XP.EXE

(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe

(RealNetworks, Inc.) C:\Programme\Real\RealPlayer\Update\realsched.exe

(Microsoft Corporation) C:\Programme\Messenger\msmsgs.exe

() C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

() C:\Programme\CDBurnerXP\NMSAccessU.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

(Reimage®) C:\Programme\Reimage\Reimage Protector\ReiGuard.exe

(Reimage®) C:\Programme\Reimage\Reimage Protector\ReiSystem.exe

(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(RealNetworks, Inc.) C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\update.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\updrgui.exe

(Farbar) C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temporary Internet Files\Content.IE5\4UGBU3HV\FRST[1].exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\update.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-07-10] (HP)

HKLM\...\Run: [UVS11 Preload] => C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341232 2007-07-23] (InterVideo Digital Technology Corporation)

HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)

HKLM\...\Run: [OfficeKB] => C:\Programme\OfficeKB\OfficeKB.EXE [200704 2004-10-22] (Dritek System Inc.)

HKLM\...\Run: [KPDrv4XP] => C:\Programme\OfficeKB\KPDrv4XP.EXE [32768 2003-06-12] (Dritek System Inc.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-09-12] ()

HKLM\...\Run: [Nvtmru] => C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-05] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [TkBellExe] => C:\Programme\Real\RealPlayer\update\realsched.exe [295512 2014-04-29] (RealNetworks, Inc.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [MSMSGS] => C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)

HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKU\S-1-5-21-796845957-926492609-839522115-1003\...\MountPoints2: {31dc8b12-1fbe-11e3-b359-0019dbcf6bff} - H:\VTP_Manager.exe

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation)

HKU\S-1-5-18\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\ConduitEngine /f

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk

ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk

ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = Google

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: HKU\S-1-5-21-796845957-926492609-839522115-1003 - ST-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.)

URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03] (Google Inc.)

BHO: ST-de3 Toolbar -> {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} -> C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)

Toolbar: HKLM - ST-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\.DEFAULT -> ST-de3 Toolbar - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> ST-de3 Toolbar - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-29] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-29] (RealPlayer)

FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-16]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-28]

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: No Name - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-12]

FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-06]

FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-06]
 

Chrome: 

=======

CHR Profile: C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk(2) [2014-02-11]

CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found]

CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoods.crx [Not Found]
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]

R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)

S2 Freemake Improver; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]

R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]

S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.)

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-10-10] (Google)

R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-27] (Mozilla Foundation)

R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()

R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296 2013-08-27] (NVIDIA Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R2 ReimageRealTimeProtector; C:\Programme\Reimage\Reimage Protector\ReiGuard.exe [6079848 2015-01-14] (Reimage®)

R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)

R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)

R3 HIDKbFlt; C:\WINDOWS\System32\drivers\HIDKbFlt.sys [21120 2004-12-14] (Dritek System Inc.) [File not signed]

R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]

R0 iviVD; C:\WINDOWS\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)

S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)

R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)

R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-06-16] (NVIDIA Corporation)

R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)

S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)

S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)

S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)

S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]

S3 cpuz134; \??\C:\DOKUME~1\Slim\LOKALE~1\Temp\cpuz134\cpuz134_x32.sys [X]

S4 IntelIde; No ImagePath

U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

U1 WS2IFSL; No ImagePath
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-08 20:00 - 2015-03-08 20:00 - 00000000 ____D () C:\FRST

2015-03-08 17:33 - 2015-03-08 19:51 - 00000322 _____ () C:\WINDOWS\Tasks\ReimageUpdater.job

2015-03-08 17:32 - 2015-03-08 19:58 - 00000000 ____D () C:\Programme\Reimage

2015-03-08 17:32 - 2015-03-08 17:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Reimage Protector

2015-03-08 17:29 - 2015-03-08 18:04 - 00000165 _____ () C:\WINDOWS\Reimage.ini

2015-03-08 16:59 - 2015-03-08 17:00 - 00016486 _____ () C:\WINDOWS\KB2807986.log

2015-03-08 16:59 - 2015-03-08 16:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$

2015-03-08 16:52 - 2015-03-08 16:52 - 00013796 _____ () C:\WINDOWS\KB2868038.log

2015-03-08 16:52 - 2015-03-08 16:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$

2015-03-08 16:51 - 2015-03-08 16:52 - 00011537 _____ () C:\WINDOWS\KB978695.log

2015-03-08 16:48 - 2015-03-08 16:48 - 00014698 _____ () C:\WINDOWS\KB2603381.log

2015-03-08 16:48 - 2015-03-08 16:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$

2015-03-08 16:47 - 2015-03-08 16:47 - 00015361 _____ () C:\WINDOWS\KB952069.log

2015-03-08 16:47 - 2015-03-08 16:47 - 00010517 _____ () C:\WINDOWS\KB2834903-v2.log

2015-03-08 16:47 - 2015-03-08 16:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$

2015-03-08 16:46 - 2015-03-08 16:47 - 00015844 _____ () C:\WINDOWS\KB2698365.log

2015-03-08 16:46 - 2015-03-08 16:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$

2015-03-08 16:41 - 2015-03-08 16:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$

2015-03-08 16:40 - 2015-03-08 16:41 - 00014505 _____ () C:\WINDOWS\KB2723135-v2.log

2015-03-08 16:40 - 2015-03-08 16:40 - 00011957 _____ () C:\WINDOWS\KB2909210-IE8.log

2015-03-08 16:40 - 2015-03-08 16:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$

2015-03-08 16:36 - 2015-03-08 16:47 - 00003199 _____ () C:\WINDOWS\updspapi.log

2015-03-08 16:35 - 2015-03-08 16:36 - 00014632 _____ () C:\WINDOWS\KB2936068-IE8.log

2015-03-08 16:32 - 2015-03-08 16:36 - 00009501 _____ () C:\WINDOWS\KB2868626.log

2015-03-08 16:30 - 2015-03-08 16:36 - 00007391 _____ () C:\WINDOWS\KB2922229.log

2015-03-08 16:30 - 2015-03-08 16:36 - 00007290 _____ () C:\WINDOWS\KB2712808.log

2015-03-08 16:23 - 2015-03-08 16:36 - 00007294 _____ () C:\WINDOWS\KB2916036.log

2015-03-08 16:22 - 2015-03-08 16:36 - 00007194 _____ () C:\WINDOWS\KB2780091.log

2015-03-08 16:22 - 2015-03-08 16:35 - 00007190 _____ () C:\WINDOWS\KB2864063.log

2015-03-08 16:22 - 2015-03-08 16:35 - 00007090 _____ () C:\WINDOWS\KB2585542.log

2015-03-08 16:21 - 2015-03-08 16:35 - 00007412 _____ () C:\WINDOWS\KB2930275.log

2015-03-08 16:21 - 2015-03-08 16:35 - 00006895 _____ () C:\WINDOWS\KB2876217.log

2015-03-08 16:21 - 2015-03-08 16:35 - 00006890 _____ () C:\WINDOWS\KB2802968.log

2015-03-08 16:21 - 2015-03-08 16:35 - 00006800 _____ () C:\WINDOWS\KB2631813.log

2015-03-08 16:21 - 2015-03-08 16:35 - 00006789 _____ () C:\WINDOWS\KB2847311.log

2015-03-08 16:20 - 2015-03-08 16:35 - 00006794 _____ () C:\WINDOWS\KB2898715.log

2015-03-08 16:20 - 2015-03-08 16:35 - 00006791 _____ () C:\WINDOWS\KB2929961.log

2015-03-08 16:19 - 2015-03-08 16:34 - 00006791 _____ () C:\WINDOWS\KB2850869.log

2015-03-08 16:19 - 2015-03-08 16:34 - 00006704 _____ () C:\WINDOWS\KB2691442.log

2015-03-08 16:18 - 2015-03-08 16:34 - 00006590 _____ () C:\WINDOWS\KB2655992.log

2015-03-08 16:16 - 2015-03-08 16:34 - 00006590 _____ () C:\WINDOWS\KB2862152.log

2015-03-08 16:16 - 2015-03-08 16:34 - 00006487 _____ () C:\WINDOWS\KB2598479.log

2015-03-08 16:16 - 2015-03-08 16:34 - 00006399 _____ () C:\WINDOWS\KB2719985.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00065980 _____ () C:\WINDOWS\iis6.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00061829 _____ () C:\WINDOWS\FaxSetup.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00029560 _____ () C:\WINDOWS\ocgen.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00028210 _____ () C:\WINDOWS\tsoc.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00020447 _____ () C:\WINDOWS\comsetup.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00018630 _____ () C:\WINDOWS\msmqinst.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00012380 _____ () C:\WINDOWS\ntdtcsetup.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00010830 _____ () C:\WINDOWS\netfxocm.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00004250 _____ () C:\WINDOWS\MedCtrOC.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00003420 _____ () C:\WINDOWS\ocmsn.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00003110 _____ () C:\WINDOWS\tabletoc.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00003090 _____ () C:\WINDOWS\msgsocm.log

2015-03-08 16:14 - 2015-03-08 17:00 - 00001355 _____ () C:\WINDOWS\imsins.log

2015-03-08 16:14 - 2015-03-08 16:52 - 00001355 _____ () C:\WINDOWS\imsins.BAK

2015-03-08 16:14 - 2015-03-08 16:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$

2015-03-08 16:13 - 2015-03-08 16:14 - 00007156 _____ () C:\WINDOWS\KB2914368.log

2015-03-08 16:06 - 2015-03-08 16:34 - 00006718 _____ () C:\WINDOWS\KB2859537.log

2015-03-08 16:06 - 2015-03-08 16:34 - 00006386 _____ () C:\WINDOWS\KB2876331.log

2015-03-08 16:06 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys

2015-03-08 16:06 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys

2015-03-08 16:03 - 2013-07-17 01:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys

2015-03-08 16:03 - 2013-07-17 01:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys

2015-03-08 16:02 - 2015-03-08 16:33 - 00006289 _____ () C:\WINDOWS\KB2820917.log

2015-03-08 16:02 - 2015-03-08 16:33 - 00006288 _____ () C:\WINDOWS\KB2893294.log

2015-03-08 16:02 - 2015-03-08 16:33 - 00006194 _____ () C:\WINDOWS\KB2757638.log

2015-03-08 16:01 - 2015-03-08 16:33 - 00006088 _____ () C:\WINDOWS\KB2653956.log

2015-03-08 16:01 - 2015-03-08 16:33 - 00005989 _____ () C:\WINDOWS\KB2892075.log

2015-03-08 16:01 - 2015-03-08 16:33 - 00005988 _____ () C:\WINDOWS\KB2749655.log

2015-03-08 16:00 - 2015-03-08 16:33 - 00005889 _____ () C:\WINDOWS\KB2619339.log

2015-03-08 15:59 - 2015-03-08 16:33 - 00006449 _____ () C:\WINDOWS\KB2813345.log

2015-03-08 15:59 - 2015-03-08 16:33 - 00005832 _____ () C:\WINDOWS\KB2705219-v2.log

2015-03-08 15:59 - 2015-03-08 16:33 - 00005686 _____ () C:\WINDOWS\KB2727528.log

2015-03-08 15:59 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys

2015-03-08 15:59 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys

2015-03-08 15:59 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys

2015-03-08 15:58 - 2015-03-08 16:32 - 00007050 _____ () C:\WINDOWS\KB2676562.log

2015-03-08 15:56 - 2014-03-06 18:58 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6C1.tmp

2015-03-08 15:56 - 2014-03-06 18:58 - 06021632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6B9.tmp

2015-03-08 15:56 - 2014-03-06 18:58 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6BF.tmp

2015-03-08 15:56 - 2014-03-06 18:58 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6B3.tmp

2015-03-08 15:56 - 2014-03-06 18:58 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6BB.tmp

2015-03-08 15:56 - 2014-03-06 18:58 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll

2015-03-08 15:56 - 2014-03-06 18:58 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6B5.tmp

2015-03-08 15:56 - 2014-03-06 18:58 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6BA.tmp

2015-03-08 15:52 - 2015-03-08 16:30 - 00005386 _____ () C:\WINDOWS\KB2620712.log

2015-03-08 15:50 - 2015-03-08 16:15 - 00005352 _____ () C:\WINDOWS\KB2584146.log

2015-03-08 13:56 - 2015-03-08 13:56 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\IETldCache
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-08 20:02 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp

2015-03-08 20:00 - 2013-06-21 05:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-08 19:58 - 2013-10-08 13:38 - 00009248 _____ () C:\WINDOWS\system32\nvAppTimestamps

2015-03-08 19:58 - 2010-01-13 20:38 - 01306619 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-08 19:58 - 2010-01-13 20:28 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme

2015-03-08 19:55 - 2014-10-07 09:19 - 00000268 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-08 19:55 - 2014-04-29 17:36 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-08 19:55 - 2010-07-01 18:44 - 00000268 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-08 19:55 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl

2015-03-08 19:52 - 2010-01-13 20:31 - 00000159 _____ () C:\WINDOWS\wiadebug.log

2015-03-08 19:52 - 2010-01-13 20:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log

2015-03-08 19:51 - 2014-04-29 17:48 - 00000290 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-08 19:51 - 2013-08-14 13:54 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-08 19:51 - 2010-01-13 20:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-08 19:14 - 2010-01-13 21:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET

2015-03-08 19:03 - 2013-08-14 13:54 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-08 18:40 - 2013-09-30 14:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Amazon

2015-03-08 18:40 - 2010-08-18 08:49 - 00000000 ____D () C:\Programme\Amazon

2015-03-08 18:39 - 2010-08-18 08:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Amazon

2015-03-08 18:39 - 2010-08-18 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon

2015-03-08 18:37 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Opera Software

2015-03-08 18:37 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Opera Software

2015-03-08 18:37 - 2013-01-19 19:52 - 00000000 ____D () C:\Programme\Opera

2015-03-08 17:32 - 2010-01-13 20:29 - 00000000 ___RD () C:\Programme

2015-03-08 17:11 - 2010-01-13 20:44 - 00032566 _____ () C:\WINDOWS\SchedLgU.Txt

2015-03-08 17:10 - 2014-06-06 11:00 - 00131072 _____ () C:\WINDOWS\system32\config\CaptureL.evt

2015-03-08 17:10 - 2010-01-13 21:28 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt

2015-03-08 17:08 - 2010-01-13 20:29 - 01468408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-03-08 16:59 - 2010-01-13 20:40 - 00000000 ___HD () C:\WINDOWS\$hf_mig$

2015-03-08 16:52 - 2013-07-23 11:12 - 00121165 _____ () C:\WINDOWS\setupapi.log

2015-03-08 16:40 - 2010-01-13 21:59 - 00000000 ____D () C:\WINDOWS\ie8updates

2015-03-08 16:37 - 2010-01-16 20:15 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer

2015-03-08 16:10 - 2010-01-13 20:45 - 00000300 ___SH () C:\Dokumente und Einstellungen\Slim\ntuser.ini

2015-03-08 16:10 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim

2015-03-08 15:22 - 2011-03-01 21:59 - 00054156 ____H () C:\WINDOWS\QTFont.qfn

2015-03-08 14:29 - 2011-05-27 14:14 - 00000000 ____D () C:\WINDOWS\system32\NtmsData

2015-03-08 13:56 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService

2015-03-08 12:24 - 2010-01-13 20:35 - 00000000 ____D () C:\WINDOWS\Registration

2015-03-08 11:27 - 2010-01-13 20:45 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Eigene Bilder

2015-03-06 11:37 - 2014-04-29 17:48 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-05 14:41 - 2014-01-31 09:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2015-03-05 14:41 - 2014-01-31 09:30 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

2015-03-03 14:36 - 2010-01-15 13:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google

2015-03-02 14:23 - 2010-09-30 09:23 - 00002501 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk

2015-02-23 08:27 - 2013-02-03 18:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\TS3Client

2015-02-21 11:24 - 2014-04-29 17:48 - 00000316 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-02-21 06:42 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService

2015-02-17 18:20 - 2010-07-01 18:43 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-02-13 19:29 - 2011-05-06 09:50 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Meine Bilder (D)
 

==================== Files in the root of some directories =======
 

2013-09-30 14:01 - 2013-09-30 14:01 - 2328864 _____ () C:\Programme\AmazonMP3DownloaderInstall._V383688031_.exe

2010-06-30 06:27 - 2010-06-30 06:28 - 33177736 _____ (Nero AG) C:\Programme\Nero-9.4.12.708b_lite.exe

2010-07-01 18:39 - 2010-07-01 18:39 - 0822296 _____ (RealNetworks, Inc.) C:\Programme\RealPlayerSPGold_de.exe

2010-09-30 09:28 - 2010-09-30 09:29 - 0291680 _____ () C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe

2011-02-18 10:13 - 2011-02-18 10:13 - 0287032 _____ () C:\Programme\SoftonicDownloader_fuer_picture-converter.exe

2010-08-18 11:00 - 2010-08-18 11:02 - 0000150 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\burnaware.ini

2010-02-02 18:10 - 2014-05-06 19:39 - 0062976 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-04-09 18:27 - 2010-04-09 18:27 - 0000137 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 

Some content of TEMP:

====================

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\AskSLib.dll

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\AutoRun.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\AutoRunGUI.dll

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\avgnt.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\BearShare_setup.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\drm_dialogs.dll

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\eauninstall.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\facemoods.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\fp_pl_pfs_installer.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\FreemakeVideoDownloader_3.7.0.1.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\Installhelper.dll

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\nsbE.tmp.ConduitEngineEmbbed.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\nsk9.tmp.ConduitEngineEmbbed.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\nsx9.tmp.ConduitEngineEmbbed.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\Offercast_AVIRAV7_.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\ReimagePackage.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\ReiSysUpdate.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\softonic-de3.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\sqlite3.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\stubhelper.dll

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\The Battle for Middle-earth_uninst.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\YSPCUNLR.dll

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is1.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is2.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is35.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is4.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is5.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is6.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is9.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is93.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_isD6.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_isE8.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_isE9.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt.

dditional scan result of Farbar Recovery Scan Tool (x86) Version: 08-03-2015 03
Ran by Slim at 2015-03-08 20:03:13
Running from C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temporary Internet Files\Content.IE5\4UGBU3HV
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - )
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - )
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)
ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden
ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)
CloneDVD2 (HKLM\...\CloneDVD2) (Version: - Elaborate Bytes)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version: - )
hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version: - )
InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.)
Media & Office Keyboard (HKLM\...\OfficeKB) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version: - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834903-v2) (HKLM\...\KB2834903-v2_WM10L) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)
Skins (Version: 2009.0225.1546.28221 - ATI) Hidden
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound Software Inc) Hidden
softonic-de3 Toolbar (HKLM\...\softonic-de3 Toolbar) (Version: 5.7.1.1 - softonic-de3) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard)
Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters).

==================== Restore Points =========================

21-12-2014 16:30:17 alles gut und aufgeräumt
23-12-2014 12:04:23 Systemprüfpunkt
25-12-2014 11:39:40 Systemprüfpunkt
27-12-2014 11:28:21 Systemprüfpunkt
28-12-2014 17:24:43 Systemprüfpunkt
30-12-2014 06:57:18 Systemprüfpunkt
31-12-2014 11:13:10 Systemprüfpunkt
01-01-2015 16:03:49 Systemprüfpunkt
02-01-2015 16:04:04 Wiederherstellungsvorgang
03-01-2015 19:32:05 Systemprüfpunkt
05-01-2015 07:16:04 Systemprüfpunkt
06-01-2015 14:42:46 Systemprüfpunkt
08-01-2015 17:19:26 Software Distribution Service 3.0
10-01-2015 14:22:50 Systemprüfpunkt
11-01-2015 21:24:08 Systemprüfpunkt
13-01-2015 12:39:34 Systemprüfpunkt
15-01-2015 12:00:53 Systemprüfpunkt
16-01-2015 18:22:35 Systemprüfpunkt
18-01-2015 09:36:59 Systemprüfpunkt
19-01-2015 09:47:37 Systemprüfpunkt
20-01-2015 10:58:43 Systemprüfpunkt
21-01-2015 19:32:02 Systemprüfpunkt
23-01-2015 13:43:07 Systemprüfpunkt
25-01-2015 10:45:21 Systemprüfpunkt
26-01-2015 13:05:49 Systemprüfpunkt
28-01-2015 08:58:51 Systemprüfpunkt
01-02-2015 16:45:40 Systemprüfpunkt
04-02-2015 10:39:51 Systemprüfpunkt
05-02-2015 17:40:21 Systemprüfpunkt
06-02-2015 19:19:06 Systemprüfpunkt
08-02-2015 16:43:34 Systemprüfpunkt
09-02-2015 19:48:18 Systemprüfpunkt
13-02-2015 09:06:57 Systemprüfpunkt
14-02-2015 14:37:16 Systemprüfpunkt
16-02-2015 12:27:12 Systemprüfpunkt
17-02-2015 14:59:27 Systemprüfpunkt
18-02-2015 20:33:43 Systemprüfpunkt
20-02-2015 09:58:46 Systemprüfpunkt
21-02-2015 06:41:35 Wiederherstellungsvorgang
22-02-2015 10:23:25 Systemprüfpunkt
23-02-2015 12:03:52 Systemprüfpunkt
25-02-2015 08:59:20 Systemprüfpunkt
26-02-2015 12:51:19 Systemprüfpunkt
01-03-2015 10:16:00 Systemprüfpunkt
02-03-2015 18:48:27 Systemprüfpunkt
04-03-2015 09:05:07 Systemprüfpunkt
05-03-2015 16:55:36 Systemprüfpunkt
06-03-2015 17:39:59 Systemprüfpunkt
08-03-2015 09:48:11 Systemprüfpunkt
08-03-2015 16:10:23 Software Distribution Service 3.0
08-03-2015 18:38:36 Konfiguriert Ulead VideoStudio

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-02-28 13:00 - 2006-02-28 13:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\ReimageUpdater.job => C:\Programme\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2009-02-27 16:41 - 2009-02-27 16:41 - 00311296 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2006-02-28 13:00 - 2008-04-14 07:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2010-01-13 21:28 - 2010-01-13 21:28 - 00014848 _____ () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2008-10-30 14:39 - 2008-10-30 14:39 - 00016384 ____R () C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-18 11:07 - 2010-03-04 22:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS:E29D75DD5045D8C6
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein)
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled)
ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled)
Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled)
Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled)
Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim
SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/07/2015 06:25:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19154, Fehleradresse 0x00067a38.
Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.

Error: (03/07/2015 06:25:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19154, Fehleradresse 0x00067a38.
Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.

Error: (03/05/2015 04:35:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/27/2015 07:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung WINWORD.EXE, Version 10.0.6866.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/27/2015 07:52:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung WINWORD.EXE, Version 10.0.6866.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/22/2015 09:11:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/21/2015 05:20:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung avguard.exe, Version 14.0.7.462, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x03932136.
Das medienspezifische Ereignis für [avguard.exe!ws!] wird verarbeitet.

Error: (02/21/2015 05:19:53 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (02/21/2015 10:30:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung avguard.exe, Version 14.0.7.462, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x03932136.
Das medienspezifische Ereignis für [avguard.exe!ws!] wird verarbeitet.

Error: (02/21/2015 10:29:49 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

System errors:
=============
Error: (03/08/2015 07:52:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/08/2015 07:52:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Freemake Improver.

Error: (03/08/2015 05:16:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/08/2015 05:16:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Freemake Improver.

Error: (03/08/2015 04:47:39 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Silverlight (KB2977218)

Error: (03/08/2015 07:46:57 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.

Error: (03/07/2015 06:12:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.

Error: (03/06/2015 05:27:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.

Error: (03/06/2015 11:00:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.

Error: (03/06/2015 06:39:28 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.

Microsoft Office Sessions:
=========================
Error: (03/07/2015 06:25:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1915400067a38

Error: (03/07/2015 06:25:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1915400067a38

Error: (03/05/2015 04:35:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (02/27/2015 07:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000

Error: (02/27/2015 07:52:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000

Error: (02/22/2015 09:11:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (02/21/2015 05:20:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avguard.exe14.0.7.462unknown0.0.0.003932136

Error: (02/21/2015 05:19:53 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (02/21/2015 10:30:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: avguard.exe14.0.7.462unknown0.0.0.003932136

Error: (02/21/2015 10:29:49 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 49%
Total physical RAM: 1535.29 MB
Available physical RAM: 769.25 MB
Total Pagefile: 3431.74 MB
Available Pagefile: 2709.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.08 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:3.22 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:24.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber

09.03.2015 08:03

XP? Verschenkst Du gerne Passwörter und Geld??

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

softonic-de3 Toolbar
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

mysteryPC

09.03.2015 15:14

Code:

XP? Verschenkst Du gerne Passwörter und Geld??

???

Code:

Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit

Ich wollte Dir nicht die Arbeit erschweren...Entschuldigung... aber so ganz versteh ich nicht...also alles nochmal und dann # und dazwischen einsetzen, ja?!

Oh man bitte hab Geduld mit mir ...

Punkt 1: Revo unistaller so wie Du beschrieben hast ausgeführt und entsprechende datei gelöscht...
war ganz leicht :-)

weiter gehts...

So: das Malwarebytes Anti-Rootkit hängt irgendwann und habe es abgebrochen um es erneut zu versuchen. Dort kam die Meldung wie ich es in letzter Zeit öfter bei einigen Dingen/Seiten habe:

Das Programm reagiert nicht....

was nun?

schrauber

09.03.2015 19:10

Mach gleich TDSSKiller.

zu XP:
XP ist seit April 14 tot. Nicht mehr unterstützt von MS. JEdes Passwort was dort benutzt wird, jede Geldtransaktion ist schon so gut wie verschenkt, es werden keine Sicherheitslücken mehr in XP geschlossen.

mysteryPC

10.03.2015 14:54

ok, werde gleich nach der Arbeit machen wie Du gesagt hast.

Soll ich den IE löschen oder einfach nicht mehr darüber reingehen?
Ok...eines nach dem anderen...ich denke ich habe sowieso noch das ein oder andere Problem dem ich mich nun PC-mäßig stellen muß...

Mal Danke sag für Deine Hilfe :-)

So. Habe das Maleware Rootkit nochmal durchlaufen lassen und jetzt ging es
Hoffe ich habe diesmal richtig eingegeben.
Er sagt er hat nix gefunden

Code:

Malwarebytes Anti-Rootkit BETA 1.09.1.1004

www.malwarebytes.org
 

Database version:

  main:    v2015.03.10.02

  rootkit: v2015.02.25.01
 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Slim :: SLIM-36FB768E46 [administrator]
 

10.03.2015 10:18:40

mbar-log-2015-03-10 (10-18-40).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 376861

Time elapsed: 1 hour(s), 54 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)

Hier der Killer

Code:

11:34:29.0812 0x0270  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

11:34:33.0953 0x0270  ============================================================

11:34:33.0953 0x0270  Current date / time: 2015/03/10 11:34:33.0953

11:34:33.0953 0x0270  SystemInfo:

11:34:33.0953 0x0270  

11:34:33.0953 0x0270  OS Version: 5.1.2600 ServicePack: 3.0

11:34:33.0953 0x0270  Product type: Workstation

11:34:33.0953 0x0270  ComputerName: SLIM-36FB768E46

11:34:33.0953 0x0270  UserName: Slim

11:34:33.0953 0x0270  Windows directory: C:\WINDOWS

11:34:33.0953 0x0270  System windows directory: C:\WINDOWS

11:34:33.0953 0x0270  Processor architecture: Intel x86

11:34:33.0953 0x0270  Number of processors: 2

11:34:33.0953 0x0270  Page size: 0x1000

11:34:33.0953 0x0270  Boot type: Normal boot

11:34:33.0953 0x0270  ============================================================

11:34:36.0828 0x0270  KLMD registered as C:\WINDOWS\system32\drivers\32397460.sys

11:34:37.0734 0x0270  System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}

11:34:38.0937 0x0270  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

11:34:38.0937 0x0270  ============================================================

11:34:38.0937 0x0270  \Device\Harddisk0\DR0:

11:34:38.0937 0x0270  MBR partitions:

11:34:38.0937 0x0270  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927

11:34:38.0937 0x0270  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B

11:34:38.0937 0x0270  ============================================================

11:34:38.0953 0x0270  C: <-> \Device\Harddisk0\DR0\Partition1

11:34:39.0000 0x0270  D: <-> \Device\Harddisk0\DR0\Partition2

11:34:39.0000 0x0270  ============================================================

11:34:39.0000 0x0270  Initialize success

11:34:39.0000 0x0270  ============================================================

11:35:07.0406 0x07b0  ============================================================

11:35:07.0406 0x07b0  Scan started

11:35:07.0406 0x07b0  Mode: Manual; SigCheck; TDLFS; 

11:35:07.0406 0x07b0  ============================================================

11:35:07.0406 0x07b0  KSN ping started

11:35:21.0703 0x07b0  KSN ping finished: true

11:35:22.0343 0x07b0  ================ Scan system memory ========================

11:35:22.0359 0x07b0  System memory - ok

11:35:22.0359 0x07b0  ================ Scan services =============================

11:35:22.0437 0x07b0  Abiosdsk - ok

11:35:22.0437 0x07b0  abp480n5 - ok

11:35:22.0484 0x07b0  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

11:35:24.0859 0x07b0  ACPI - ok

11:35:24.0890 0x07b0  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

11:35:25.0046 0x07b0  ACPIEC - ok

11:35:25.0109 0x07b0  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

11:35:25.0125 0x07b0  AdobeFlashPlayerUpdateSvc - ok

11:35:25.0140 0x07b0  adpu160m - ok

11:35:25.0156 0x07b0  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

11:35:25.0328 0x07b0  aec - ok

11:35:25.0359 0x07b0  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

11:35:25.0437 0x07b0  AFD - ok

11:35:25.0437 0x07b0  Aha154x - ok

11:35:25.0437 0x07b0  aic78u2 - ok

11:35:25.0453 0x07b0  aic78xx - ok

11:35:25.0484 0x07b0  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

11:35:25.0625 0x07b0  Alerter - ok

11:35:25.0656 0x07b0  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe

11:35:25.0718 0x07b0  ALG - ok

11:35:25.0718 0x07b0  AliIde - ok

11:35:25.0859 0x07b0  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

11:35:26.0015 0x07b0  Ambfilt - ok

11:35:26.0031 0x07b0  amsint - ok

11:35:26.0156 0x07b0  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

11:35:26.0187 0x07b0  AntiVirSchedulerService - ok

11:35:26.0265 0x07b0  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

11:35:26.0281 0x07b0  AntiVirService - ok

11:35:26.0328 0x07b0  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

11:35:26.0406 0x07b0  AppMgmt - ok

11:35:26.0406 0x07b0  asc - ok

11:35:26.0421 0x07b0  asc3350p - ok

11:35:26.0421 0x07b0  asc3550 - ok

11:35:26.0531 0x07b0  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

11:35:26.0546 0x07b0  aspnet_state - ok

11:35:26.0578 0x07b0  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

11:35:26.0718 0x07b0  AsyncMac - ok

11:35:26.0750 0x07b0  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

11:35:26.0875 0x07b0  atapi - ok

11:35:26.0890 0x07b0  Atdisk - ok

11:35:27.0000 0x07b0  [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

11:35:27.0140 0x07b0  Ati HotKey Poller - ok

11:35:27.0203 0x07b0  [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe

11:35:27.0265 0x07b0  ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )

11:35:29.0609 0x07b0  Detect skipped due to KSN trusted

11:35:29.0609 0x07b0  ATI Smart - ok

11:35:29.0828 0x07b0  [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

11:35:30.0078 0x07b0  ati2mtag - ok

11:35:30.0125 0x07b0  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

11:35:30.0265 0x07b0  Atmarpc - ok

11:35:30.0296 0x07b0  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

11:35:30.0437 0x07b0  AudioSrv - ok

11:35:30.0484 0x07b0  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

11:35:30.0625 0x07b0  audstub - ok

11:35:30.0656 0x07b0  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

11:35:30.0703 0x07b0  avgntflt - ok

11:35:30.0734 0x07b0  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

11:35:30.0734 0x07b0  avipbb - ok

11:35:30.0750 0x07b0  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

11:35:30.0765 0x07b0  avkmgr - ok

11:35:30.0796 0x07b0  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

11:35:30.0937 0x07b0  Beep - ok

11:35:31.0000 0x07b0  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll

11:35:31.0187 0x07b0  BITS - ok

11:35:31.0234 0x07b0  [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser         C:\WINDOWS\System32\browser.dll

11:35:31.0375 0x07b0  Browser - ok

11:35:31.0421 0x07b0  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

11:35:31.0437 0x07b0  Capture Device Service - ok

11:35:31.0468 0x07b0  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

11:35:31.0625 0x07b0  cbidf2k - ok

11:35:31.0625 0x07b0  cd20xrnt - ok

11:35:31.0640 0x07b0  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

11:35:31.0781 0x07b0  Cdaudio - ok

11:35:31.0796 0x07b0  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

11:35:31.0937 0x07b0  Cdfs - ok

11:35:31.0968 0x07b0  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

11:35:32.0109 0x07b0  Cdrom - ok

11:35:32.0109 0x07b0  Changer - ok

11:35:32.0156 0x07b0  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

11:35:32.0296 0x07b0  CiSvc - ok

11:35:32.0328 0x07b0  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

11:35:32.0468 0x07b0  ClipSrv - ok

11:35:32.0515 0x07b0  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:35:32.0531 0x07b0  clr_optimization_v2.0.50727_32 - ok

11:35:32.0562 0x07b0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:35:32.0578 0x07b0  clr_optimization_v4.0.30319_32 - ok

11:35:32.0593 0x07b0  CmdIde - ok

11:35:32.0593 0x07b0  COMSysApp - ok

11:35:32.0609 0x07b0  Cpqarray - ok

11:35:32.0640 0x07b0  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

11:35:32.0781 0x07b0  CryptSvc - ok

11:35:32.0781 0x07b0  dac2w2k - ok

11:35:32.0796 0x07b0  dac960nt - ok

11:35:32.0859 0x07b0  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

11:35:32.0937 0x07b0  DcomLaunch - ok

11:35:32.0984 0x07b0  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

11:35:33.0125 0x07b0  Dhcp - ok

11:35:33.0171 0x07b0  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

11:35:33.0296 0x07b0  Disk - ok

11:35:33.0296 0x07b0  dmadmin - ok

11:35:33.0390 0x07b0  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

11:35:33.0562 0x07b0  dmboot - ok

11:35:33.0593 0x07b0  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

11:35:33.0718 0x07b0  dmio - ok

11:35:33.0765 0x07b0  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

11:35:33.0875 0x07b0  dmload - ok

11:35:33.0906 0x07b0  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll

11:35:34.0031 0x07b0  dmserver - ok

11:35:34.0046 0x07b0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

11:35:34.0171 0x07b0  DMusic - ok

11:35:34.0218 0x07b0  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

11:35:34.0296 0x07b0  Dnscache - ok

11:35:34.0328 0x07b0  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

11:35:34.0468 0x07b0  Dot3svc - ok

11:35:34.0468 0x07b0  dpti2o - ok

11:35:34.0515 0x07b0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

11:35:34.0640 0x07b0  drmkaud - ok

11:35:34.0671 0x07b0  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll

11:35:34.0796 0x07b0  EapHost - ok

11:35:34.0828 0x07b0  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

11:35:34.0843 0x07b0  ElbyCDIO - ok

11:35:34.0890 0x07b0  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

11:35:35.0000 0x07b0  ERSvc - ok

11:35:35.0046 0x07b0  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe

11:35:35.0078 0x07b0  Eventlog - ok

11:35:35.0125 0x07b0  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll

11:35:35.0187 0x07b0  EventSystem - ok

11:35:35.0218 0x07b0  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

11:35:35.0343 0x07b0  Fastfat - ok

11:35:35.0375 0x07b0  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

11:35:35.0421 0x07b0  FastUserSwitchingCompatibility - ok

11:35:35.0468 0x07b0  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

11:35:35.0578 0x07b0  Fdc - ok

11:35:35.0609 0x07b0  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

11:35:35.0734 0x07b0  Fips - ok

11:35:35.0750 0x07b0  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

11:35:35.0859 0x07b0  Flpydisk - ok

11:35:35.0906 0x07b0  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

11:35:36.0031 0x07b0  FltMgr - ok

11:35:36.0093 0x07b0  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

11:35:36.0109 0x07b0  FontCache3.0.0.0 - ok

11:35:36.0218 0x07b0  [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

11:35:36.0218 0x07b0  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )

11:35:38.0546 0x07b0  Detect skipped due to KSN trusted

11:35:38.0546 0x07b0  Freemake Improver - ok

11:35:38.0609 0x07b0  [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

11:35:38.0609 0x07b0  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )

11:35:40.0953 0x07b0  Detect skipped due to KSN trusted

11:35:40.0953 0x07b0  FreemakeVideoCapture - ok

11:35:40.0968 0x07b0  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

11:35:41.0078 0x07b0  Fs_Rec - ok

11:35:41.0093 0x07b0  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

11:35:41.0218 0x07b0  Ftdisk - ok

11:35:41.0281 0x07b0  [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll

11:35:41.0296 0x07b0  getPlusHelper - ok

11:35:41.0328 0x07b0  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

11:35:41.0453 0x07b0  Gpc - ok

11:35:41.0515 0x07b0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

11:35:41.0531 0x07b0  gupdate - ok

11:35:41.0531 0x07b0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

11:35:41.0546 0x07b0  gupdatem - ok

11:35:41.0593 0x07b0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

11:35:41.0609 0x07b0  gusvc - ok

11:35:41.0656 0x07b0  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

11:35:41.0781 0x07b0  HDAudBus - ok

11:35:41.0859 0x07b0  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

11:35:41.0968 0x07b0  helpsvc - ok

11:35:42.0015 0x07b0  [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt        C:\WINDOWS\system32\drivers\HIDKbFlt.sys

11:35:42.0031 0x07b0  HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )

11:35:44.0359 0x07b0  Detect skipped due to KSN trusted

11:35:44.0359 0x07b0  HIDKbFlt - ok

11:35:44.0390 0x07b0  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll

11:35:44.0531 0x07b0  HidServ - ok

11:35:44.0578 0x07b0  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

11:35:44.0734 0x07b0  HidUsb - ok

11:35:44.0765 0x07b0  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

11:35:44.0906 0x07b0  hkmsvc - ok

11:35:44.0921 0x07b0  hpn - ok

11:35:44.0968 0x07b0  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

11:35:45.0015 0x07b0  HTTP - ok

11:35:45.0062 0x07b0  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

11:35:45.0218 0x07b0  HTTPFilter - ok

11:35:45.0218 0x07b0  i2omgmt - ok

11:35:45.0234 0x07b0  i2omp - ok

11:35:45.0265 0x07b0  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

11:35:45.0421 0x07b0  i8042prt - ok

11:35:45.0546 0x07b0  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

11:35:45.0593 0x07b0  idsvc - ok

11:35:45.0625 0x07b0  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

11:35:45.0750 0x07b0  Imapi - ok

11:35:45.0796 0x07b0  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe

11:35:45.0921 0x07b0  ImapiService - ok

11:35:45.0937 0x07b0  ini910u - ok

11:35:46.0250 0x07b0  [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

11:35:46.0578 0x07b0  IntcAzAudAddService - ok

11:35:46.0593 0x07b0  IntelIde - ok

11:35:46.0640 0x07b0  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

11:35:46.0765 0x07b0  Ip6Fw - ok

11:35:46.0796 0x07b0  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

11:35:46.0921 0x07b0  IpFilterDriver - ok

11:35:46.0937 0x07b0  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

11:35:47.0062 0x07b0  IpInIp - ok

11:35:47.0093 0x07b0  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

11:35:47.0234 0x07b0  IpNat - ok

11:35:47.0250 0x07b0  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

11:35:47.0375 0x07b0  IPSec - ok

11:35:47.0390 0x07b0  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

11:35:47.0468 0x07b0  IRENUM - ok

11:35:47.0484 0x07b0  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

11:35:47.0593 0x07b0  isapnp - ok

11:35:47.0640 0x07b0  [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

11:35:47.0656 0x07b0  Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )

11:35:49.0984 0x07b0  Detect skipped due to KSN trusted

11:35:49.0984 0x07b0  Iviaspi - ok

11:35:50.0015 0x07b0  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys

11:35:50.0078 0x07b0  iviVD - ok

11:35:50.0125 0x07b0  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

11:35:50.0234 0x07b0  Kbdclass - ok

11:35:50.0265 0x07b0  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

11:35:50.0375 0x07b0  kbdhid - ok

11:35:50.0390 0x07b0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

11:35:50.0515 0x07b0  kmixer - ok

11:35:50.0562 0x07b0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

11:35:50.0609 0x07b0  KSecDD - ok

11:35:50.0656 0x07b0  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

11:35:50.0703 0x07b0  lanmanserver - ok

11:35:50.0750 0x07b0  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

11:35:50.0781 0x07b0  lanmanworkstation - ok

11:35:50.0781 0x07b0  lbrtfdc - ok

11:35:50.0828 0x07b0  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

11:35:50.0937 0x07b0  LmHosts - ok

11:35:50.0968 0x07b0  [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

11:35:50.0984 0x07b0  mbamchameleon - ok

11:35:51.0093 0x07b0  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

11:35:51.0109 0x07b0  MDM - ok

11:35:51.0140 0x07b0  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

11:35:51.0265 0x07b0  Messenger - ok

11:35:51.0296 0x07b0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

11:35:51.0406 0x07b0  mnmdd - ok

11:35:51.0437 0x07b0  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

11:35:51.0546 0x07b0  mnmsrvc - ok

11:35:51.0593 0x07b0  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

11:35:51.0703 0x07b0  Modem - ok

11:35:51.0828 0x07b0  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

11:35:51.0937 0x07b0  Monfilt - ok

11:35:51.0953 0x07b0  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

11:35:52.0062 0x07b0  Mouclass - ok

11:35:52.0093 0x07b0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

11:35:52.0203 0x07b0  MountMgr - ok

11:35:52.0250 0x07b0  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

11:35:52.0265 0x07b0  MozillaMaintenance - ok

11:35:52.0265 0x07b0  mraid35x - ok

11:35:52.0281 0x07b0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

11:35:52.0406 0x07b0  MRxDAV - ok

11:35:52.0468 0x07b0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

11:35:52.0531 0x07b0  MRxSmb - ok

11:35:52.0578 0x07b0  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe

11:35:52.0671 0x07b0  MSDTC - ok

11:35:52.0703 0x07b0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

11:35:52.0812 0x07b0  Msfs - ok

11:35:52.0828 0x07b0  MSIServer - ok

11:35:52.0859 0x07b0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

11:35:52.0968 0x07b0  MSKSSRV - ok

11:35:52.0984 0x07b0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

11:35:53.0093 0x07b0  MSPCLOCK - ok

11:35:53.0109 0x07b0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

11:35:53.0203 0x07b0  MSPQM - ok

11:35:53.0234 0x07b0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

11:35:53.0328 0x07b0  mssmbios - ok

11:35:53.0375 0x07b0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

11:35:53.0421 0x07b0  Mup - ok

11:35:53.0468 0x07b0  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll

11:35:53.0593 0x07b0  napagent - ok

11:35:53.0640 0x07b0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

11:35:53.0750 0x07b0  NDIS - ok

11:35:53.0781 0x07b0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

11:35:53.0828 0x07b0  NdisTapi - ok

11:35:53.0843 0x07b0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

11:35:53.0937 0x07b0  Ndisuio - ok

11:35:53.0968 0x07b0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

11:35:54.0078 0x07b0  NdisWan - ok

11:35:54.0125 0x07b0  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

11:35:54.0171 0x07b0  NDProxy - ok

11:35:54.0218 0x07b0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

11:35:54.0328 0x07b0  NetBIOS - ok

11:35:54.0359 0x07b0  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

11:35:54.0468 0x07b0  NetBT - ok

11:35:54.0500 0x07b0  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe

11:35:54.0625 0x07b0  NetDDE - ok

11:35:54.0625 0x07b0  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

11:35:54.0734 0x07b0  NetDDEdsdm - ok

11:35:54.0781 0x07b0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe

11:35:54.0875 0x07b0  Netlogon - ok

11:35:54.0906 0x07b0  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll

11:35:55.0015 0x07b0  Netman - ok

11:35:55.0062 0x07b0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

11:35:55.0078 0x07b0  NetTcpPortSharing - ok

11:35:55.0109 0x07b0  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll

11:35:55.0140 0x07b0  Nla - ok

11:35:55.0203 0x07b0  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

11:35:55.0218 0x07b0  NMSAccess - ok

11:35:55.0265 0x07b0  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys

11:35:55.0265 0x07b0  npf - ok

11:35:55.0312 0x07b0  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

11:35:55.0421 0x07b0  Npfs - ok

11:35:55.0468 0x07b0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

11:35:55.0625 0x07b0  Ntfs - ok

11:35:55.0625 0x07b0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

11:35:55.0734 0x07b0  NtLmSsp - ok

11:35:55.0796 0x07b0  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

11:35:55.0953 0x07b0  NtmsSvc - ok

11:35:55.0968 0x07b0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

11:35:56.0078 0x07b0  Null - ok

11:35:56.0718 0x07b0  [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

11:35:57.0296 0x07b0  nv - ok

11:35:57.0359 0x07b0  [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys

11:35:57.0359 0x07b0  NVHDA - ok

11:35:57.0406 0x07b0  [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

11:35:57.0421 0x07b0  NVSvc - ok

11:35:57.0609 0x07b0  [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

11:35:57.0718 0x07b0  nvUpdatusService - ok

11:35:57.0750 0x07b0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

11:35:57.0859 0x07b0  NwlnkFlt - ok

11:35:57.0890 0x07b0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

11:35:57.0984 0x07b0  NwlnkFwd - ok

11:35:58.0031 0x07b0  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

11:35:58.0156 0x07b0  Parport - ok

11:35:58.0171 0x07b0  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

11:35:58.0281 0x07b0  PartMgr - ok

11:35:58.0312 0x07b0  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

11:35:58.0421 0x07b0  ParVdm - ok

11:35:58.0437 0x07b0  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

11:35:58.0546 0x07b0  PCI - ok

11:35:58.0562 0x07b0  PCIDump - ok

11:35:58.0593 0x07b0  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

11:35:58.0703 0x07b0  PCIIde - ok

11:35:58.0765 0x07b0  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

11:35:58.0875 0x07b0  Pcmcia - ok

11:35:58.0875 0x07b0  PDCOMP - ok

11:35:58.0890 0x07b0  PDFRAME - ok

11:35:58.0890 0x07b0  PDRELI - ok

11:35:58.0906 0x07b0  PDRFRAME - ok

11:35:58.0906 0x07b0  perc2 - ok

11:35:58.0906 0x07b0  perc2hib - ok

11:35:58.0953 0x07b0  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe

11:35:58.0968 0x07b0  PlugPlay - ok

11:35:58.0968 0x07b0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

11:35:59.0078 0x07b0  PolicyAgent - ok

11:35:59.0078 0x07b0  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

11:35:59.0203 0x07b0  PptpMiniport - ok

11:35:59.0218 0x07b0  [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

11:35:59.0328 0x07b0  Processor - ok

11:35:59.0328 0x07b0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

11:35:59.0437 0x07b0  ProtectedStorage - ok

11:35:59.0453 0x07b0  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

11:35:59.0562 0x07b0  PSched - ok

11:35:59.0593 0x07b0  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

11:35:59.0703 0x07b0  Ptilink - ok

11:35:59.0703 0x07b0  ql1080 - ok

11:35:59.0718 0x07b0  Ql10wnt - ok

11:35:59.0718 0x07b0  ql12160 - ok

11:35:59.0734 0x07b0  ql1240 - ok

11:35:59.0734 0x07b0  ql1280 - ok

11:35:59.0765 0x07b0  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

11:35:59.0875 0x07b0  RasAcd - ok

11:35:59.0890 0x07b0  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

11:36:00.0015 0x07b0  RasAuto - ok

11:36:00.0031 0x07b0  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

11:36:00.0140 0x07b0  Rasl2tp - ok

11:36:00.0187 0x07b0  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll

11:36:00.0296 0x07b0  RasMan - ok

11:36:00.0328 0x07b0  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

11:36:00.0437 0x07b0  RasPppoe - ok

11:36:00.0453 0x07b0  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

11:36:00.0546 0x07b0  Raspti - ok

11:36:00.0609 0x07b0  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

11:36:00.0718 0x07b0  Rdbss - ok

11:36:00.0734 0x07b0  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

11:36:00.0843 0x07b0  RDPCDD - ok

11:36:00.0875 0x07b0  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

11:36:01.0000 0x07b0  rdpdr - ok

11:36:01.0031 0x07b0  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

11:36:01.0093 0x07b0  RDPWD - ok

11:36:01.0140 0x07b0  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

11:36:01.0265 0x07b0  RDSessMgr - ok

11:36:01.0328 0x07b0  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

11:36:01.0343 0x07b0  RealNetworks Downloader Resolver Service - ok

11:36:01.0359 0x07b0  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

11:36:01.0468 0x07b0  redbook - ok

11:36:01.0500 0x07b0  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

11:36:01.0609 0x07b0  RemoteAccess - ok

11:36:01.0640 0x07b0  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

11:36:01.0750 0x07b0  RemoteRegistry - ok

11:36:01.0781 0x07b0  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe

11:36:01.0890 0x07b0  RpcLocator - ok

11:36:01.0953 0x07b0  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

11:36:02.0000 0x07b0  RpcSs - ok

11:36:02.0046 0x07b0  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe

11:36:02.0171 0x07b0  RSVP - ok

11:36:02.0218 0x07b0  [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

11:36:02.0250 0x07b0  RTLE8023xp - ok

11:36:02.0281 0x07b0  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe

11:36:02.0375 0x07b0  SamSs - ok

11:36:02.0421 0x07b0  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

11:36:02.0531 0x07b0  SCardSvr - ok

11:36:02.0578 0x07b0  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll

11:36:02.0687 0x07b0  Schedule - ok

11:36:02.0718 0x07b0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

11:36:02.0765 0x07b0  Secdrv - ok

11:36:02.0812 0x07b0  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll

11:36:02.0906 0x07b0  seclogon - ok

11:36:02.0953 0x07b0  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll

11:36:03.0062 0x07b0  SENS - ok

11:36:03.0078 0x07b0  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

11:36:03.0187 0x07b0  serenum - ok

11:36:03.0203 0x07b0  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

11:36:03.0312 0x07b0  Serial - ok

11:36:03.0343 0x07b0  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

11:36:03.0453 0x07b0  Sfloppy - ok

11:36:03.0515 0x07b0  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

11:36:03.0656 0x07b0  SharedAccess - ok

11:36:03.0687 0x07b0  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

11:36:03.0703 0x07b0  ShellHWDetection - ok

11:36:03.0703 0x07b0  Simbad - ok

11:36:03.0718 0x07b0  Sparrow - ok

11:36:03.0750 0x07b0  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

11:36:03.0859 0x07b0  splitter - ok

11:36:03.0890 0x07b0  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

11:36:03.0921 0x07b0  Spooler - ok

11:36:03.0937 0x07b0  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

11:36:04.0000 0x07b0  sr - ok

11:36:04.0062 0x07b0  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll

11:36:04.0125 0x07b0  srservice - ok

11:36:04.0187 0x07b0  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

11:36:04.0265 0x07b0  Srv - ok

11:36:04.0312 0x07b0  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

11:36:04.0375 0x07b0  SSDPSRV - ok

11:36:04.0390 0x07b0  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

11:36:04.0406 0x07b0  ssmdrv - ok

11:36:04.0437 0x07b0  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

11:36:04.0453 0x07b0  ss_bbus - ok

11:36:04.0484 0x07b0  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

11:36:04.0500 0x07b0  ss_bmdfl - ok

11:36:04.0546 0x07b0  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

11:36:04.0562 0x07b0  ss_bmdm - ok

11:36:04.0593 0x07b0  [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd        C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

11:36:04.0609 0x07b0  ss_bserd - ok

11:36:04.0640 0x07b0  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

11:36:04.0656 0x07b0  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )

11:36:07.0000 0x07b0  Detect skipped due to KSN trusted

11:36:07.0000 0x07b0  StarOpen - ok

11:36:07.0046 0x07b0  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

11:36:07.0203 0x07b0  stisvc - ok

11:36:07.0250 0x07b0  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

11:36:07.0343 0x07b0  swenum - ok

11:36:07.0359 0x07b0  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

11:36:07.0468 0x07b0  swmidi - ok

11:36:07.0484 0x07b0  SwPrv - ok

11:36:07.0484 0x07b0  symc810 - ok

11:36:07.0500 0x07b0  symc8xx - ok

11:36:07.0500 0x07b0  sym_hi - ok

11:36:07.0515 0x07b0  sym_u3 - ok

11:36:07.0531 0x07b0  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

11:36:07.0640 0x07b0  sysaudio - ok

11:36:07.0687 0x07b0  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

11:36:07.0796 0x07b0  SysmonLog - ok

11:36:07.0859 0x07b0  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

11:36:07.0984 0x07b0  TapiSrv - ok

11:36:08.0062 0x07b0  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

11:36:08.0125 0x07b0  Tcpip - ok

11:36:08.0156 0x07b0  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

11:36:08.0250 0x07b0  TDPIPE - ok

11:36:08.0281 0x07b0  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

11:36:08.0390 0x07b0  TDTCP - ok

11:36:08.0406 0x07b0  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

11:36:08.0500 0x07b0  TermDD - ok

11:36:08.0546 0x07b0  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll

11:36:08.0687 0x07b0  TermService - ok

11:36:08.0718 0x07b0  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll

11:36:08.0734 0x07b0  Themes - ok

11:36:08.0765 0x07b0  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

11:36:08.0843 0x07b0  TlntSvr - ok

11:36:08.0843 0x07b0  TosIde - ok

11:36:08.0875 0x07b0  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

11:36:09.0015 0x07b0  TrkWks - ok

11:36:09.0031 0x07b0  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

11:36:09.0156 0x07b0  Udfs - ok

11:36:09.0234 0x07b0  [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

11:36:09.0250 0x07b0  UleadBurningHelper - ok

11:36:09.0250 0x07b0  ultra - ok

11:36:09.0296 0x07b0  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

11:36:09.0328 0x07b0  UMWdf - ok

11:36:09.0375 0x07b0  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

11:36:09.0531 0x07b0  Update - ok

11:36:09.0562 0x07b0  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll

11:36:09.0640 0x07b0  upnphost - ok

11:36:09.0671 0x07b0  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe

11:36:09.0796 0x07b0  UPS - ok

11:36:09.0828 0x07b0  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

11:36:09.0953 0x07b0  usbaudio - ok

11:36:09.0984 0x07b0  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

11:36:10.0093 0x07b0  usbccgp - ok

11:36:10.0093 0x07b0  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

11:36:10.0203 0x07b0  usbehci - ok

11:36:10.0234 0x07b0  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

11:36:10.0375 0x07b0  usbhub - ok

11:36:10.0390 0x07b0  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

11:36:10.0500 0x07b0  usbohci - ok

11:36:10.0531 0x07b0  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

11:36:10.0656 0x07b0  usbprint - ok

11:36:10.0703 0x07b0  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

11:36:10.0812 0x07b0  usbscan - ok

11:36:10.0859 0x07b0  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

11:36:10.0984 0x07b0  USBSTOR - ok

11:36:11.0015 0x07b0  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

11:36:11.0171 0x07b0  VgaSave - ok

11:36:11.0171 0x07b0  ViaIde - ok

11:36:11.0203 0x07b0  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

11:36:11.0328 0x07b0  VolSnap - ok

11:36:11.0375 0x07b0  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe

11:36:11.0484 0x07b0  VSS - ok

11:36:11.0515 0x07b0  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll

11:36:11.0625 0x07b0  W32Time - ok

11:36:11.0671 0x07b0  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

11:36:11.0796 0x07b0  Wanarp - ok

11:36:11.0796 0x07b0  WDICA - ok

11:36:11.0843 0x07b0  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

11:36:11.0968 0x07b0  wdmaud - ok

11:36:12.0015 0x07b0  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll

11:36:12.0156 0x07b0  WebClient - ok

11:36:12.0234 0x07b0  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

11:36:12.0343 0x07b0  winmgmt - ok

11:36:12.0406 0x07b0  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

11:36:12.0468 0x07b0  WmdmPmSN - ok

11:36:12.0531 0x07b0  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll

11:36:12.0609 0x07b0  Wmi - ok

11:36:12.0656 0x07b0  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

11:36:12.0765 0x07b0  WmiApSrv - ok

11:36:12.0796 0x07b0  [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys

11:36:12.0859 0x07b0  WpdUsb - ok

11:36:12.0953 0x07b0  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

11:36:13.0015 0x07b0  WPFFontCache_v0400 - ok

11:36:13.0062 0x07b0  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

11:36:13.0171 0x07b0  wscsvc - ok

11:36:13.0203 0x07b0  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

11:36:13.0312 0x07b0  wuauserv - ok

11:36:13.0390 0x07b0  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

11:36:13.0531 0x07b0  WZCSVC - ok

11:36:13.0562 0x07b0  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

11:36:13.0703 0x07b0  xmlprov - ok

11:36:13.0703 0x07b0  ================ Scan global ===============================

11:36:13.0718 0x07b0  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll

11:36:13.0765 0x07b0  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

11:36:13.0796 0x07b0  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

11:36:13.0828 0x07b0  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe

11:36:13.0828 0x07b0  [ Global ] - ok

11:36:13.0828 0x07b0  ================ Scan MBR ==================================

11:36:13.0843 0x07b0  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

11:36:14.0046 0x07b0  \Device\Harddisk0\DR0 - ok

11:36:14.0046 0x07b0  ================ Scan VBR ==================================

11:36:14.0046 0x07b0  [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1

11:36:14.0062 0x07b0  \Device\Harddisk0\DR0\Partition1 - ok

11:36:14.0062 0x07b0  [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2

11:36:14.0062 0x07b0  \Device\Harddisk0\DR0\Partition2 - ok

11:36:14.0062 0x07b0  ================ Scan generic autorun ======================

11:36:14.0171 0x07b0  [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

11:36:14.0171 0x07b0  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

11:36:16.0500 0x07b0  Detect skipped due to KSN trusted

11:36:16.0500 0x07b0  StartCCC - ok

11:36:17.0453 0x07b0  [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE

11:36:18.0515 0x07b0  RTHDCPL - ok

11:36:18.0656 0x07b0  [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

11:36:18.0671 0x07b0  Adobe Reader Speed Launcher - ok

11:36:18.0781 0x07b0  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

11:36:18.0828 0x07b0  Adobe ARM - ok

11:36:18.0906 0x07b0  [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

11:36:19.0000 0x07b0  HPDJ Taskbar Utility - ok

11:36:19.0093 0x07b0  [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

11:36:19.0125 0x07b0  UVS11 Preload - ok

11:36:19.0203 0x07b0  [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe

11:36:19.0234 0x07b0  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

11:36:21.0562 0x07b0  Detect skipped due to KSN trusted

11:36:21.0562 0x07b0  QuickTime Task - ok

11:36:21.0625 0x07b0  [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE

11:36:21.0625 0x07b0  OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )

11:36:31.0687 0x07b0  OfficeKB ( UnsignedFile.Multi.Generic ) - warning

11:36:31.0687 0x07b0  Force sending object to P2P due to detect: C:\PROGRA~1\OfficeKB\OfficeKB.EXE

11:36:36.0125 0x07b0  Object send P2P result: true

11:36:38.0468 0x07b0  [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

11:36:38.0484 0x07b0  KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )

11:36:40.0812 0x07b0  KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning

11:36:43.0156 0x07b0  NvCplDaemon - ok

11:36:43.0156 0x07b0  NvMediaCenter - ok

11:36:43.0343 0x07b0  [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe

11:36:43.0468 0x07b0  nwiz - ok

11:36:43.0562 0x07b0  [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

11:36:43.0609 0x07b0  Nvtmru - ok

11:36:43.0734 0x07b0  [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe

11:36:43.0765 0x07b0  avgnt - ok

11:36:43.0890 0x07b0  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe

11:36:43.0906 0x07b0  TkBellExe - ok

11:36:43.0937 0x07b0  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

11:36:44.0046 0x07b0  CTFMON.EXE - ok

11:36:44.0062 0x07b0  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

11:36:44.0156 0x07b0  CTFMON.EXE - ok

11:36:44.0156 0x07b0  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

11:36:44.0265 0x07b0  CTFMON.EXE - ok

11:36:44.0265 0x07b0  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe

11:36:44.0359 0x07b0  CTFMON.EXE - ok

11:36:44.0500 0x07b0  [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe

11:36:44.0640 0x07b0  MSMSGS - ok

11:36:44.0812 0x07b0  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

11:36:44.0843 0x07b0  AmazonMP3DownloaderHelper - ok

11:36:44.0859 0x07b0  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

11:36:44.0968 0x07b0  CTFMON.EXE - ok

11:36:44.0968 0x07b0  Waiting for KSN requests completion. In queue: 11

11:36:45.0968 0x07b0  Waiting for KSN requests completion. In queue: 11

11:36:46.0968 0x07b0  Waiting for KSN requests completion. In queue: 11

11:36:47.0984 0x07b0  AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated

11:36:47.0984 0x07b0  Win FW state via NFM: enabled

11:36:50.0328 0x07b0  ============================================================

11:36:50.0328 0x07b0  Scan finished

11:36:50.0328 0x07b0  ============================================================

11:36:50.0328 0x0c74  Detected object count: 2

11:36:50.0328 0x0c74  Actual detected object count: 2

11:38:19.0546 0x0c74  OfficeKB ( UnsignedFile.Multi.Generic ) - skipped by user

11:38:19.0546 0x0c74  OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Skip 

11:38:19.0546 0x0c74  KPDrv4XP ( UnsignedFile.Multi.Generic ) - skipped by user

11:38:19.0546 0x0c74  KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Skip

Der TDSSKiller hat keine Verknüpfung auf dem Desktop warum weiß ich nicht :-(

PS: ich weiß nicht ob das wichtig ist für die weitere vorgehensweise, aber ich dachte ich erwähne es mal:

Die Schrift bei der Festplatte C sowie 2 andere Dateien sind neuerdings in blau dargestellt statt wie alles andere in Schwarz.

Desweiteren bekomme ich die Meldung nach dem hochfahren:
Could not load file assembly 'sorttbls.nlp' one of it's dependencies. das System konnte die angegebene Datei nicht finden.

schrauber

11.03.2015 06:48

Starte TDSSkiller.exe mit Doppelklick.
Vista und Win7 User mit Rechtsklick "als Administrator starten"

Drücke auf Start Scan.
Mache während dem Scan nichts am Rechner
Gehe sicher das Cure ( default ) angehackt ist !
Drücke Continue --> Reboot.

TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

mysteryPC

11.03.2015 07:55

Irgendwas mache ich falsch habs jetzt mehrmals probiert und geguckt:

Code:

Gehe sicher das Cure ( default ) angehackt ist ! 

Drücke Continue --> Reboot.

Das gibt es bei mir nicht...

wenn der bei mir durchläuft habe ich genau das was vorher auch war zum schluß kommt ein fenster wo rechts ein knopf ist wo ich die zwei dateien entweder in Quaranäte kopieren kann oder Skip oder delete und oben in der grünen Leiste steht Copy all in Quaratäne und Restore default action...

häckchen für cure = ???

schrauber

11.03.2015 18:10

Dann wähle Copy to quarantine bitte :)

mysteryPC

11.03.2015 19:10

Code:

19:04:35.0343 0x0af4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

19:04:37.0843 0x0af4  ============================================================

19:04:37.0843 0x0af4  Current date / time: 2015/03/11 19:04:37.0843

19:04:37.0843 0x0af4  SystemInfo:

19:04:37.0843 0x0af4  

19:04:37.0843 0x0af4  OS Version: 5.1.2600 ServicePack: 3.0

19:04:37.0843 0x0af4  Product type: Workstation

19:04:37.0843 0x0af4  ComputerName: SLIM-36FB768E46

19:04:37.0843 0x0af4  UserName: Slim

19:04:37.0843 0x0af4  Windows directory: C:\WINDOWS

19:04:37.0843 0x0af4  System windows directory: C:\WINDOWS

19:04:37.0843 0x0af4  Processor architecture: Intel x86

19:04:37.0843 0x0af4  Number of processors: 2

19:04:37.0843 0x0af4  Page size: 0x1000

19:04:37.0843 0x0af4  Boot type: Normal boot

19:04:37.0843 0x0af4  ============================================================

19:04:41.0000 0x0af4  KLMD registered as C:\WINDOWS\system32\drivers\80761335.sys

19:04:41.0234 0x0af4  System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}

19:04:41.0890 0x0af4  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

19:04:41.0890 0x0af4  ============================================================

19:04:41.0890 0x0af4  \Device\Harddisk0\DR0:

19:04:41.0890 0x0af4  MBR partitions:

19:04:41.0890 0x0af4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927

19:04:41.0890 0x0af4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B

19:04:41.0890 0x0af4  ============================================================

19:04:41.0906 0x0af4  C: <-> \Device\Harddisk0\DR0\Partition1

19:04:41.0953 0x0af4  D: <-> \Device\Harddisk0\DR0\Partition2

19:04:41.0968 0x0af4  ============================================================

19:04:41.0968 0x0af4  Initialize success

19:04:41.0968 0x0af4  ============================================================

19:04:56.0843 0x0e7c  ============================================================

19:04:56.0843 0x0e7c  Scan started

19:04:56.0843 0x0e7c  Mode: Manual; SigCheck; TDLFS; 

19:04:56.0843 0x0e7c  ============================================================

19:04:56.0843 0x0e7c  KSN ping started

19:05:10.0343 0x0e7c  KSN ping finished: true

19:05:16.0828 0x0e7c  ================ Scan system memory ========================

19:05:16.0828 0x0e7c  System memory - ok

19:05:16.0828 0x0e7c  ================ Scan services =============================

19:05:17.0015 0x0e7c  Abiosdsk - ok

19:05:17.0015 0x0e7c  abp480n5 - ok

19:05:17.0093 0x0e7c  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:05:20.0718 0x0e7c  ACPI - ok

19:05:20.0812 0x0e7c  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

19:05:21.0031 0x0e7c  ACPIEC - ok

19:05:21.0218 0x0e7c  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:05:21.0359 0x0e7c  AdobeFlashPlayerUpdateSvc - ok

19:05:21.0437 0x0e7c  adpu160m - ok

19:05:21.0609 0x0e7c  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:05:21.0937 0x0e7c  aec - ok

19:05:21.0984 0x0e7c  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:05:22.0265 0x0e7c  AFD - ok

19:05:22.0265 0x0e7c  Aha154x - ok

19:05:22.0281 0x0e7c  aic78u2 - ok

19:05:22.0296 0x0e7c  aic78xx - ok

19:05:22.0437 0x0e7c  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:05:22.0671 0x0e7c  Alerter - ok

19:05:22.0859 0x0e7c  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe

19:05:23.0000 0x0e7c  ALG - ok

19:05:23.0000 0x0e7c  AliIde - ok

19:05:23.0250 0x0e7c  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

19:05:24.0562 0x0e7c  Ambfilt - ok

19:05:24.0578 0x0e7c  amsint - ok

19:05:25.0109 0x0e7c  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

19:05:25.0218 0x0e7c  AntiVirSchedulerService - ok

19:05:25.0359 0x0e7c  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

19:05:25.0515 0x0e7c  AntiVirService - ok

19:05:25.0703 0x0e7c  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

19:05:26.0218 0x0e7c  AppMgmt - ok

19:05:26.0218 0x0e7c  asc - ok

19:05:26.0234 0x0e7c  asc3350p - ok

19:05:26.0234 0x0e7c  asc3550 - ok

19:05:26.0343 0x0e7c  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

19:05:26.0531 0x0e7c  aspnet_state - ok

19:05:26.0562 0x0e7c  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:05:26.0734 0x0e7c  AsyncMac - ok

19:05:26.0765 0x0e7c  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:05:26.0906 0x0e7c  atapi - ok

19:05:26.0921 0x0e7c  Atdisk - ok

19:05:27.0125 0x0e7c  [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

19:05:27.0390 0x0e7c  Ati HotKey Poller - ok

19:05:27.0609 0x0e7c  [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe

19:05:27.0765 0x0e7c  ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )

19:05:30.0125 0x0e7c  Detect skipped due to KSN trusted

19:05:30.0125 0x0e7c  ATI Smart - ok

19:05:30.0359 0x0e7c  [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

19:05:30.0765 0x0e7c  ati2mtag - ok

19:05:30.0828 0x0e7c  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:05:31.0000 0x0e7c  Atmarpc - ok

19:05:31.0062 0x0e7c  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:05:31.0218 0x0e7c  AudioSrv - ok

19:05:31.0265 0x0e7c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:05:31.0500 0x0e7c  audstub - ok

19:05:31.0546 0x0e7c  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

19:05:31.0625 0x0e7c  avgntflt - ok

19:05:31.0656 0x0e7c  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

19:05:31.0703 0x0e7c  avipbb - ok

19:05:31.0718 0x0e7c  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

19:05:31.0734 0x0e7c  avkmgr - ok

19:05:31.0765 0x0e7c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:05:31.0921 0x0e7c  Beep - ok

19:05:31.0984 0x0e7c  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll

19:05:32.0250 0x0e7c  BITS - ok

19:05:32.0281 0x0e7c  [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser         C:\WINDOWS\System32\browser.dll

19:05:32.0437 0x0e7c  Browser - ok

19:05:32.0500 0x0e7c  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

19:05:32.0546 0x0e7c  Capture Device Service - ok

19:05:32.0609 0x0e7c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:05:32.0765 0x0e7c  cbidf2k - ok

19:05:32.0765 0x0e7c  cd20xrnt - ok

19:05:32.0781 0x0e7c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:05:32.0921 0x0e7c  Cdaudio - ok

19:05:32.0937 0x0e7c  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:05:33.0109 0x0e7c  Cdfs - ok

19:05:33.0140 0x0e7c  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:05:33.0281 0x0e7c  Cdrom - ok

19:05:33.0281 0x0e7c  Changer - ok

19:05:33.0328 0x0e7c  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:05:33.0453 0x0e7c  CiSvc - ok

19:05:33.0484 0x0e7c  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:05:33.0609 0x0e7c  ClipSrv - ok

19:05:33.0671 0x0e7c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:05:33.0765 0x0e7c  clr_optimization_v2.0.50727_32 - ok

19:05:33.0812 0x0e7c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:05:33.0875 0x0e7c  clr_optimization_v4.0.30319_32 - ok

19:05:33.0890 0x0e7c  CmdIde - ok

19:05:33.0890 0x0e7c  COMSysApp - ok

19:05:33.0906 0x0e7c  Cpqarray - ok

19:05:33.0937 0x0e7c  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:05:34.0078 0x0e7c  CryptSvc - ok

19:05:34.0093 0x0e7c  dac2w2k - ok

19:05:34.0093 0x0e7c  dac960nt - ok

19:05:34.0156 0x0e7c  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:05:34.0265 0x0e7c  DcomLaunch - ok

19:05:34.0312 0x0e7c  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:05:34.0453 0x0e7c  Dhcp - ok

19:05:34.0500 0x0e7c  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:05:34.0640 0x0e7c  Disk - ok

19:05:34.0640 0x0e7c  dmadmin - ok

19:05:34.0718 0x0e7c  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:05:34.0953 0x0e7c  dmboot - ok

19:05:34.0984 0x0e7c  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:05:35.0140 0x0e7c  dmio - ok

19:05:35.0171 0x0e7c  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:05:35.0343 0x0e7c  dmload - ok

19:05:35.0375 0x0e7c  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:05:35.0546 0x0e7c  dmserver - ok

19:05:35.0562 0x0e7c  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:05:35.0750 0x0e7c  DMusic - ok

19:05:35.0796 0x0e7c  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:05:35.0921 0x0e7c  Dnscache - ok

19:05:35.0984 0x0e7c  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:05:36.0156 0x0e7c  Dot3svc - ok

19:05:36.0156 0x0e7c  dpti2o - ok

19:05:36.0187 0x0e7c  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:05:36.0343 0x0e7c  drmkaud - ok

19:05:36.0406 0x0e7c  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:05:36.0546 0x0e7c  EapHost - ok

19:05:36.0625 0x0e7c  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

19:05:36.0671 0x0e7c  ElbyCDIO - ok

19:05:36.0718 0x0e7c  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:05:36.0890 0x0e7c  ERSvc - ok

19:05:36.0937 0x0e7c  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe

19:05:37.0000 0x0e7c  Eventlog - ok

19:05:37.0062 0x0e7c  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll

19:05:37.0156 0x0e7c  EventSystem - ok

19:05:37.0171 0x0e7c  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:05:37.0312 0x0e7c  Fastfat - ok

19:05:37.0359 0x0e7c  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:05:37.0437 0x0e7c  FastUserSwitchingCompatibility - ok

19:05:37.0468 0x0e7c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

19:05:37.0609 0x0e7c  Fdc - ok

19:05:37.0640 0x0e7c  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:05:37.0781 0x0e7c  Fips - ok

19:05:37.0796 0x0e7c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

19:05:37.0953 0x0e7c  Flpydisk - ok

19:05:37.0984 0x0e7c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

19:05:38.0109 0x0e7c  FltMgr - ok

19:05:38.0187 0x0e7c  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:05:38.0234 0x0e7c  FontCache3.0.0.0 - ok

19:05:38.0343 0x0e7c  [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

19:05:38.0406 0x0e7c  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )

19:05:40.0750 0x0e7c  Detect skipped due to KSN trusted

19:05:40.0750 0x0e7c  Freemake Improver - ok

19:05:40.0859 0x0e7c  [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

19:05:40.0906 0x0e7c  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )

19:05:43.0250 0x0e7c  Detect skipped due to KSN trusted

19:05:43.0250 0x0e7c  FreemakeVideoCapture - ok

19:05:43.0265 0x0e7c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:05:43.0390 0x0e7c  Fs_Rec - ok

19:05:43.0406 0x0e7c  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:05:43.0578 0x0e7c  Ftdisk - ok

19:05:43.0656 0x0e7c  [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll

19:05:43.0781 0x0e7c  getPlusHelper - ok

19:05:44.0125 0x0e7c  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:05:44.0437 0x0e7c  Gpc - ok

19:05:44.0640 0x0e7c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:05:44.0734 0x0e7c  gupdate - ok

19:05:44.0750 0x0e7c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:05:44.0765 0x0e7c  gupdatem - ok

19:05:44.0984 0x0e7c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

19:05:45.0140 0x0e7c  gusvc - ok

19:05:45.0312 0x0e7c  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

19:05:45.0562 0x0e7c  HDAudBus - ok

19:05:45.0703 0x0e7c  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:05:45.0921 0x0e7c  helpsvc - ok

19:05:45.0968 0x0e7c  [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt        C:\WINDOWS\system32\drivers\HIDKbFlt.sys

19:05:46.0125 0x0e7c  HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )

19:05:48.0453 0x0e7c  Detect skipped due to KSN trusted

19:05:48.0453 0x0e7c  HIDKbFlt - ok

19:05:48.0484 0x0e7c  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll

19:05:48.0640 0x0e7c  HidServ - ok

19:05:48.0671 0x0e7c  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:05:48.0828 0x0e7c  HidUsb - ok

19:05:48.0906 0x0e7c  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:05:49.0046 0x0e7c  hkmsvc - ok

19:05:49.0062 0x0e7c  hpn - ok

19:05:49.0109 0x0e7c  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:05:49.0171 0x0e7c  HTTP - ok

19:05:49.0218 0x0e7c  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:05:49.0343 0x0e7c  HTTPFilter - ok

19:05:49.0343 0x0e7c  i2omgmt - ok

19:05:49.0359 0x0e7c  i2omp - ok

19:05:49.0390 0x0e7c  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:05:49.0531 0x0e7c  i8042prt - ok

19:05:49.0656 0x0e7c  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:05:49.0812 0x0e7c  idsvc - ok

19:05:49.0843 0x0e7c  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:05:50.0000 0x0e7c  Imapi - ok

19:05:50.0031 0x0e7c  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:05:50.0171 0x0e7c  ImapiService - ok

19:05:50.0187 0x0e7c  ini910u - ok

19:05:50.0500 0x0e7c  [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

19:05:51.0078 0x0e7c  IntcAzAudAddService - ok

19:05:51.0093 0x0e7c  IntelIde - ok

19:05:51.0140 0x0e7c  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:05:51.0281 0x0e7c  Ip6Fw - ok

19:05:51.0312 0x0e7c  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:05:51.0453 0x0e7c  IpFilterDriver - ok

19:05:51.0484 0x0e7c  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:05:51.0625 0x0e7c  IpInIp - ok

19:05:51.0656 0x0e7c  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:05:51.0812 0x0e7c  IpNat - ok

19:05:51.0828 0x0e7c  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:05:51.0953 0x0e7c  IPSec - ok

19:05:51.0968 0x0e7c  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:05:52.0062 0x0e7c  IRENUM - ok

19:05:52.0093 0x0e7c  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:05:52.0234 0x0e7c  isapnp - ok

19:05:52.0281 0x0e7c  [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

19:05:52.0312 0x0e7c  Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )

19:05:54.0640 0x0e7c  Detect skipped due to KSN trusted

19:05:54.0640 0x0e7c  Iviaspi - ok

19:05:54.0671 0x0e7c  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys

19:05:54.0734 0x0e7c  iviVD - ok

19:05:54.0781 0x0e7c  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:05:54.0921 0x0e7c  Kbdclass - ok

19:05:54.0968 0x0e7c  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

19:05:55.0093 0x0e7c  kbdhid - ok

19:05:55.0140 0x0e7c  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:05:55.0265 0x0e7c  kmixer - ok

19:05:55.0359 0x0e7c  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:05:55.0578 0x0e7c  KSecDD - ok

19:05:55.0671 0x0e7c  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:05:55.0859 0x0e7c  lanmanserver - ok

19:05:56.0015 0x0e7c  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:05:56.0312 0x0e7c  lanmanworkstation - ok

19:05:56.0312 0x0e7c  lbrtfdc - ok

19:05:56.0562 0x0e7c  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:05:56.0875 0x0e7c  LmHosts - ok

19:05:57.0000 0x0e7c  [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

19:05:57.0078 0x0e7c  mbamchameleon - ok

19:05:57.0359 0x0e7c  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

19:05:57.0578 0x0e7c  MDM - ok

19:05:57.0765 0x0e7c  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:05:58.0093 0x0e7c  Messenger - ok

19:05:58.0203 0x0e7c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:05:58.0390 0x0e7c  mnmdd - ok

19:05:58.0484 0x0e7c  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:05:58.0656 0x0e7c  mnmsrvc - ok

19:05:58.0765 0x0e7c  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:05:58.0968 0x0e7c  Modem - ok

19:05:59.0421 0x0e7c  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

19:06:00.0578 0x0e7c  Monfilt - ok

19:06:00.0656 0x0e7c  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:06:00.0843 0x0e7c  Mouclass - ok

19:06:00.0921 0x0e7c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:06:01.0093 0x0e7c  MountMgr - ok

19:06:01.0171 0x0e7c  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

19:06:01.0218 0x0e7c  MozillaMaintenance - ok

19:06:01.0218 0x0e7c  mraid35x - ok

19:06:01.0250 0x0e7c  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:06:01.0421 0x0e7c  MRxDAV - ok

19:06:01.0484 0x0e7c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:06:01.0718 0x0e7c  MRxSmb - ok

19:06:01.0828 0x0e7c  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:06:02.0015 0x0e7c  MSDTC - ok

19:06:02.0078 0x0e7c  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:06:02.0234 0x0e7c  Msfs - ok

19:06:02.0250 0x0e7c  MSIServer - ok

19:06:02.0281 0x0e7c  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:06:02.0406 0x0e7c  MSKSSRV - ok

19:06:02.0421 0x0e7c  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:06:02.0562 0x0e7c  MSPCLOCK - ok

19:06:02.0593 0x0e7c  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:06:02.0718 0x0e7c  MSPQM - ok

19:06:02.0750 0x0e7c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:06:02.0859 0x0e7c  mssmbios - ok

19:06:02.0906 0x0e7c  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:06:02.0984 0x0e7c  Mup - ok

19:06:03.0031 0x0e7c  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:06:03.0187 0x0e7c  napagent - ok

19:06:03.0234 0x0e7c  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:06:03.0390 0x0e7c  NDIS - ok

19:06:03.0421 0x0e7c  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:06:03.0515 0x0e7c  NdisTapi - ok

19:06:03.0515 0x0e7c  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:06:03.0656 0x0e7c  Ndisuio - ok

19:06:03.0671 0x0e7c  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:06:03.0796 0x0e7c  NdisWan - ok

19:06:03.0843 0x0e7c  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:06:03.0906 0x0e7c  NDProxy - ok

19:06:03.0953 0x0e7c  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:06:04.0078 0x0e7c  NetBIOS - ok

19:06:04.0109 0x0e7c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:06:04.0281 0x0e7c  NetBT - ok

19:06:04.0312 0x0e7c  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:06:04.0437 0x0e7c  NetDDE - ok

19:06:04.0468 0x0e7c  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:06:04.0562 0x0e7c  NetDDEdsdm - ok

19:06:04.0609 0x0e7c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:06:04.0718 0x0e7c  Netlogon - ok

19:06:04.0750 0x0e7c  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll

19:06:04.0921 0x0e7c  Netman - ok

19:06:04.0968 0x0e7c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:06:05.0046 0x0e7c  NetTcpPortSharing - ok

19:06:05.0078 0x0e7c  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:06:05.0140 0x0e7c  Nla - ok

19:06:05.0203 0x0e7c  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

19:06:05.0250 0x0e7c  NMSAccess - ok

19:06:05.0281 0x0e7c  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys

19:06:05.0312 0x0e7c  npf - ok

19:06:05.0359 0x0e7c  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:06:05.0500 0x0e7c  Npfs - ok

19:06:05.0562 0x0e7c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:06:05.0750 0x0e7c  Ntfs - ok

19:06:05.0765 0x0e7c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:06:05.0875 0x0e7c  NtLmSsp - ok

19:06:05.0937 0x0e7c  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:06:06.0140 0x0e7c  NtmsSvc - ok

19:06:06.0156 0x0e7c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:06:06.0296 0x0e7c  Null - ok

19:06:06.0937 0x0e7c  [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:06:08.0000 0x0e7c  nv - ok

19:06:08.0078 0x0e7c  [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys

19:06:08.0140 0x0e7c  NVHDA - ok

19:06:08.0171 0x0e7c  [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

19:06:08.0218 0x0e7c  NVSvc - ok

19:06:08.0421 0x0e7c  [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

19:06:08.0968 0x0e7c  nvUpdatusService - ok

19:06:09.0000 0x0e7c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:06:09.0171 0x0e7c  NwlnkFlt - ok

19:06:09.0203 0x0e7c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:06:09.0328 0x0e7c  NwlnkFwd - ok

19:06:09.0359 0x0e7c  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:06:09.0515 0x0e7c  Parport - ok

19:06:09.0531 0x0e7c  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:06:09.0734 0x0e7c  PartMgr - ok

19:06:09.0765 0x0e7c  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:06:09.0921 0x0e7c  ParVdm - ok

19:06:09.0937 0x0e7c  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:06:10.0093 0x0e7c  PCI - ok

19:06:10.0093 0x0e7c  PCIDump - ok

19:06:10.0140 0x0e7c  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:06:10.0281 0x0e7c  PCIIde - ok

19:06:10.0328 0x0e7c  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:06:10.0468 0x0e7c  Pcmcia - ok

19:06:10.0468 0x0e7c  PDCOMP - ok

19:06:10.0484 0x0e7c  PDFRAME - ok

19:06:10.0484 0x0e7c  PDRELI - ok

19:06:10.0500 0x0e7c  PDRFRAME - ok

19:06:10.0500 0x0e7c  perc2 - ok

19:06:10.0515 0x0e7c  perc2hib - ok

19:06:10.0546 0x0e7c  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe

19:06:10.0578 0x0e7c  PlugPlay - ok

19:06:10.0593 0x0e7c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:06:10.0703 0x0e7c  PolicyAgent - ok

19:06:10.0734 0x0e7c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:06:10.0875 0x0e7c  PptpMiniport - ok

19:06:10.0890 0x0e7c  [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

19:06:11.0031 0x0e7c  Processor - ok

19:06:11.0031 0x0e7c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:06:11.0140 0x0e7c  ProtectedStorage - ok

19:06:11.0156 0x0e7c  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:06:11.0296 0x0e7c  PSched - ok

19:06:11.0328 0x0e7c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:06:11.0453 0x0e7c  Ptilink - ok

19:06:11.0453 0x0e7c  ql1080 - ok

19:06:11.0468 0x0e7c  Ql10wnt - ok

19:06:11.0468 0x0e7c  ql12160 - ok

19:06:11.0484 0x0e7c  ql1240 - ok

19:06:11.0484 0x0e7c  ql1280 - ok

19:06:11.0500 0x0e7c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:06:11.0656 0x0e7c  RasAcd - ok

19:06:11.0687 0x0e7c  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:06:11.0828 0x0e7c  RasAuto - ok

19:06:11.0859 0x0e7c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:06:12.0000 0x0e7c  Rasl2tp - ok

19:06:12.0046 0x0e7c  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:06:12.0171 0x0e7c  RasMan - ok

19:06:12.0187 0x0e7c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:06:12.0343 0x0e7c  RasPppoe - ok

19:06:12.0359 0x0e7c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:06:12.0484 0x0e7c  Raspti - ok

19:06:12.0531 0x0e7c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:06:12.0718 0x0e7c  Rdbss - ok

19:06:12.0734 0x0e7c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:06:12.0906 0x0e7c  RDPCDD - ok

19:06:12.0937 0x0e7c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:06:13.0109 0x0e7c  rdpdr - ok

19:06:13.0156 0x0e7c  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:06:13.0250 0x0e7c  RDPWD - ok

19:06:13.0296 0x0e7c  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:06:13.0453 0x0e7c  RDSessMgr - ok

19:06:13.0546 0x0e7c  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

19:06:13.0578 0x0e7c  RealNetworks Downloader Resolver Service - ok

19:06:13.0609 0x0e7c  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:06:13.0750 0x0e7c  redbook - ok

19:06:13.0796 0x0e7c  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:06:13.0921 0x0e7c  RemoteAccess - ok

19:06:13.0968 0x0e7c  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

19:06:14.0109 0x0e7c  RemoteRegistry - ok

19:06:14.0140 0x0e7c  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:06:14.0281 0x0e7c  RpcLocator - ok

19:06:14.0328 0x0e7c  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:06:14.0406 0x0e7c  RpcSs - ok

19:06:14.0437 0x0e7c  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:06:14.0593 0x0e7c  RSVP - ok

19:06:14.0625 0x0e7c  [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

19:06:14.0718 0x0e7c  RTLE8023xp - ok

19:06:14.0734 0x0e7c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:06:14.0843 0x0e7c  SamSs - ok

19:06:14.0890 0x0e7c  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:06:15.0031 0x0e7c  SCardSvr - ok

19:06:15.0078 0x0e7c  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:06:15.0218 0x0e7c  Schedule - ok

19:06:15.0250 0x0e7c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:06:15.0328 0x0e7c  Secdrv - ok

19:06:15.0375 0x0e7c  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:06:15.0515 0x0e7c  seclogon - ok

19:06:15.0531 0x0e7c  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll

19:06:15.0656 0x0e7c  SENS - ok

19:06:15.0687 0x0e7c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:06:15.0828 0x0e7c  serenum - ok

19:06:15.0843 0x0e7c  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:06:15.0953 0x0e7c  Serial - ok

19:06:16.0000 0x0e7c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:06:16.0140 0x0e7c  Sfloppy - ok

19:06:16.0203 0x0e7c  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:06:16.0375 0x0e7c  SharedAccess - ok

19:06:16.0390 0x0e7c  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:06:16.0406 0x0e7c  ShellHWDetection - ok

19:06:16.0421 0x0e7c  Simbad - ok

19:06:16.0437 0x0e7c  Sparrow - ok

19:06:16.0468 0x0e7c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:06:16.0593 0x0e7c  splitter - ok

19:06:16.0640 0x0e7c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:06:16.0734 0x0e7c  Spooler - ok

19:06:16.0750 0x0e7c  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:06:16.0859 0x0e7c  sr - ok

19:06:16.0906 0x0e7c  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll

19:06:17.0015 0x0e7c  srservice - ok

19:06:17.0078 0x0e7c  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:06:17.0203 0x0e7c  Srv - ok

19:06:17.0250 0x0e7c  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:06:17.0328 0x0e7c  SSDPSRV - ok

19:06:17.0359 0x0e7c  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

19:06:17.0390 0x0e7c  ssmdrv - ok

19:06:17.0437 0x0e7c  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

19:06:17.0468 0x0e7c  ss_bbus - ok

19:06:17.0500 0x0e7c  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

19:06:17.0562 0x0e7c  ss_bmdfl - ok

19:06:17.0625 0x0e7c  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

19:06:17.0671 0x0e7c  ss_bmdm - ok

19:06:17.0703 0x0e7c  [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd        C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

19:06:17.0734 0x0e7c  ss_bserd - ok

19:06:17.0781 0x0e7c  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

19:06:17.0812 0x0e7c  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )

19:06:27.0875 0x0e7c  StarOpen ( UnsignedFile.Multi.Generic ) - warning

19:06:27.0875 0x0e7c  Force sending object to P2P due to detect: StarOpen

19:06:46.0812 0x0e7c  Object send P2P result: true

19:06:49.0437 0x0e7c  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:06:49.0765 0x0e7c  stisvc - ok

19:06:50.0140 0x0e7c  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:06:50.0328 0x0e7c  swenum - ok

19:06:50.0359 0x0e7c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:06:50.0625 0x0e7c  swmidi - ok

19:06:50.0640 0x0e7c  SwPrv - ok

19:06:50.0656 0x0e7c  symc810 - ok

19:06:50.0671 0x0e7c  symc8xx - ok

19:06:50.0687 0x0e7c  sym_hi - ok

19:06:50.0703 0x0e7c  sym_u3 - ok

19:06:50.0812 0x0e7c  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:06:51.0078 0x0e7c  sysaudio - ok

19:06:51.0250 0x0e7c  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:06:51.0468 0x0e7c  SysmonLog - ok

19:06:51.0546 0x0e7c  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:06:51.0843 0x0e7c  TapiSrv - ok

19:06:52.0000 0x0e7c  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:06:52.0375 0x0e7c  Tcpip - ok

19:06:52.0468 0x0e7c  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:06:52.0671 0x0e7c  TDPIPE - ok

19:06:52.0843 0x0e7c  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:06:53.0109 0x0e7c  TDTCP - ok

19:06:53.0234 0x0e7c  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:06:53.0468 0x0e7c  TermDD - ok

19:06:53.0562 0x0e7c  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll

19:06:53.0734 0x0e7c  TermService - ok

19:06:53.0875 0x0e7c  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:06:53.0906 0x0e7c  Themes - ok

19:06:54.0062 0x0e7c  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

19:06:54.0265 0x0e7c  TlntSvr - ok

19:06:54.0281 0x0e7c  TosIde - ok

19:06:54.0406 0x0e7c  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:06:54.0640 0x0e7c  TrkWks - ok

19:06:54.0796 0x0e7c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:06:54.0968 0x0e7c  Udfs - ok

19:06:55.0187 0x0e7c  [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

19:06:55.0250 0x0e7c  UleadBurningHelper - ok

19:06:55.0265 0x0e7c  ultra - ok

19:06:55.0359 0x0e7c  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

19:06:55.0562 0x0e7c  UMWdf - ok

19:06:55.0703 0x0e7c  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:06:56.0078 0x0e7c  Update - ok

19:06:56.0156 0x0e7c  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:06:56.0359 0x0e7c  upnphost - ok

19:06:56.0421 0x0e7c  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe

19:06:56.0609 0x0e7c  UPS - ok

19:06:56.0781 0x0e7c  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

19:06:57.0125 0x0e7c  usbaudio - ok

19:06:57.0250 0x0e7c  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:06:57.0484 0x0e7c  usbccgp - ok

19:06:57.0531 0x0e7c  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:06:58.0109 0x0e7c  usbehci - ok

19:06:58.0171 0x0e7c  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:06:58.0359 0x0e7c  usbhub - ok

19:06:58.0468 0x0e7c  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:06:58.0656 0x0e7c  usbohci - ok

19:06:58.0703 0x0e7c  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:06:58.0890 0x0e7c  usbprint - ok

19:06:58.0921 0x0e7c  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:06:59.0062 0x0e7c  usbscan - ok

19:06:59.0093 0x0e7c  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:06:59.0265 0x0e7c  USBSTOR - ok

19:06:59.0312 0x0e7c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:06:59.0468 0x0e7c  VgaSave - ok

19:06:59.0468 0x0e7c  ViaIde - ok

19:06:59.0500 0x0e7c  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:06:59.0718 0x0e7c  VolSnap - ok

19:07:00.0109 0x0e7c  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe

19:07:00.0218 0x0e7c  VSS - ok

19:07:00.0250 0x0e7c  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:07:00.0453 0x0e7c  W32Time - ok

19:07:00.0515 0x0e7c  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:07:00.0671 0x0e7c  Wanarp - ok

19:07:00.0687 0x0e7c  WDICA - ok

19:07:00.0734 0x0e7c  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:07:00.0906 0x0e7c  wdmaud - ok

19:07:00.0968 0x0e7c  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:07:01.0109 0x0e7c  WebClient - ok

19:07:01.0234 0x0e7c  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:07:01.0453 0x0e7c  winmgmt - ok

19:07:01.0531 0x0e7c  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

19:07:01.0656 0x0e7c  WmdmPmSN - ok

19:07:01.0718 0x0e7c  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll

19:07:01.0921 0x0e7c  Wmi - ok

19:07:01.0953 0x0e7c  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:07:02.0078 0x0e7c  WmiApSrv - ok

19:07:02.0109 0x0e7c  [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys

19:07:02.0125 0x0e7c  WpdUsb - ok

19:07:02.0250 0x0e7c  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:07:02.0312 0x0e7c  WPFFontCache_v0400 - ok

19:07:02.0343 0x0e7c  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:07:02.0500 0x0e7c  wscsvc - ok

19:07:02.0531 0x0e7c  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:07:02.0687 0x0e7c  wuauserv - ok

19:07:02.0750 0x0e7c  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:07:02.0968 0x0e7c  WZCSVC - ok

19:07:03.0000 0x0e7c  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:07:03.0218 0x0e7c  xmlprov - ok

19:07:03.0218 0x0e7c  ================ Scan global ===============================

19:07:03.0234 0x0e7c  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll

19:07:03.0296 0x0e7c  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

19:07:03.0359 0x0e7c  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

19:07:03.0375 0x0e7c  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe

19:07:03.0375 0x0e7c  [ Global ] - ok

19:07:03.0375 0x0e7c  ================ Scan MBR ==================================

19:07:03.0406 0x0e7c  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

19:07:03.0656 0x0e7c  \Device\Harddisk0\DR0 - ok

19:07:03.0656 0x0e7c  ================ Scan VBR ==================================

19:07:03.0656 0x0e7c  [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1

19:07:03.0656 0x0e7c  \Device\Harddisk0\DR0\Partition1 - ok

19:07:03.0671 0x0e7c  [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2

19:07:03.0671 0x0e7c  \Device\Harddisk0\DR0\Partition2 - ok

19:07:03.0671 0x0e7c  ================ Scan generic autorun ======================

19:07:03.0765 0x0e7c  [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

19:07:03.0796 0x0e7c  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

19:07:06.0218 0x0e7c  Detect skipped due to KSN trusted

19:07:06.0218 0x0e7c  StartCCC - ok

19:07:07.0171 0x0e7c  [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE

19:07:10.0109 0x0e7c  RTHDCPL - ok

19:07:10.0234 0x0e7c  [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

19:07:10.0250 0x0e7c  Adobe Reader Speed Launcher - ok

19:07:10.0375 0x0e7c  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

19:07:10.0500 0x0e7c  Adobe ARM - ok

19:07:10.0609 0x0e7c  [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

19:07:10.0750 0x0e7c  HPDJ Taskbar Utility - ok

19:07:10.0843 0x0e7c  [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

19:07:10.0984 0x0e7c  UVS11 Preload - ok

19:07:11.0078 0x0e7c  [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe

19:07:11.0125 0x0e7c  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

19:07:13.0453 0x0e7c  Detect skipped due to KSN trusted

19:07:13.0453 0x0e7c  QuickTime Task - ok

19:07:13.0500 0x0e7c  [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE

19:07:13.0546 0x0e7c  OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )

19:07:15.0875 0x0e7c  OfficeKB ( UnsignedFile.Multi.Generic ) - warning

19:07:18.0281 0x0e7c  [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

19:07:18.0312 0x0e7c  KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )

19:07:20.0640 0x0e7c  KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning

19:07:23.0015 0x0e7c  NvCplDaemon - ok

19:07:23.0015 0x0e7c  NvMediaCenter - ok

19:07:23.0187 0x0e7c  [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe

19:07:23.0437 0x0e7c  nwiz - ok

19:07:23.0531 0x0e7c  [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

19:07:23.0687 0x0e7c  Nvtmru - ok

19:07:23.0812 0x0e7c  [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe

19:07:23.0875 0x0e7c  avgnt - ok

19:07:24.0000 0x0e7c  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe

19:07:24.0046 0x0e7c  TkBellExe - ok

19:07:24.0078 0x0e7c  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:07:24.0203 0x0e7c  CTFMON.EXE - ok

19:07:24.0203 0x0e7c  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:07:24.0296 0x0e7c  CTFMON.EXE - ok

19:07:24.0312 0x0e7c  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:07:24.0406 0x0e7c  CTFMON.EXE - ok

19:07:24.0406 0x0e7c  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe

19:07:24.0515 0x0e7c  CTFMON.EXE - ok

19:07:24.0671 0x0e7c  [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe

19:07:24.0875 0x0e7c  MSMSGS - ok

19:07:25.0046 0x0e7c  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

19:07:25.0125 0x0e7c  AmazonMP3DownloaderHelper - ok

19:07:25.0140 0x0e7c  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:07:25.0234 0x0e7c  CTFMON.EXE - ok

19:07:25.0234 0x0e7c  Waiting for KSN requests completion. In queue: 11

19:07:26.0234 0x0e7c  Waiting for KSN requests completion. In queue: 11

19:07:27.0234 0x0e7c  Waiting for KSN requests completion. In queue: 11

19:07:28.0281 0x0e7c  AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated

19:07:28.0281 0x0e7c  Win FW state via NFM: enabled

19:07:30.0656 0x0e7c  ============================================================

19:07:30.0656 0x0e7c  Scan finished

19:07:30.0656 0x0e7c  ============================================================

19:07:30.0687 0x0d9c  Detected object count: 3

19:07:30.0687 0x0d9c  Actual detected object count: 3

19:08:03.0046 0x0d9c  C:\WINDOWS\system32\drivers\StarOpen.sys - copied to quarantine

19:08:03.0046 0x0d9c  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

19:08:03.0125 0x0d9c  C:\PROGRA~1\OfficeKB\OfficeKB.EXE - copied to quarantine

19:08:03.0125 0x0d9c  OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

19:08:03.0156 0x0d9c  C:\PROGRA~1\OfficeKB\KPDrv4XP.exe - copied to quarantine

19:08:03.0156 0x0d9c  KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

19:08:38.0046 0x0b44  Deinitialize success

mysteryPC

11.03.2015 19:19

Code:

19:11:06.0390 0x06b8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

19:11:08.0812 0x06b8  ============================================================

19:11:08.0812 0x06b8  Current date / time: 2015/03/11 19:11:08.0812

19:11:08.0812 0x06b8  SystemInfo:

19:11:08.0812 0x06b8  

19:11:08.0812 0x06b8  OS Version: 5.1.2600 ServicePack: 3.0

19:11:08.0812 0x06b8  Product type: Workstation

19:11:08.0812 0x06b8  ComputerName: SLIM-36FB768E46

19:11:08.0812 0x06b8  UserName: Slim

19:11:08.0812 0x06b8  Windows directory: C:\WINDOWS

19:11:08.0812 0x06b8  System windows directory: C:\WINDOWS

19:11:08.0812 0x06b8  Processor architecture: Intel x86

19:11:08.0812 0x06b8  Number of processors: 2

19:11:08.0812 0x06b8  Page size: 0x1000

19:11:08.0812 0x06b8  Boot type: Normal boot

19:11:08.0812 0x06b8  ============================================================

19:11:12.0015 0x06b8  KLMD registered as C:\WINDOWS\system32\drivers\49980631.sys

19:11:12.0156 0x06b8  System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}

19:11:12.0921 0x06b8  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

19:11:12.0921 0x06b8  ============================================================

19:11:12.0921 0x06b8  \Device\Harddisk0\DR0:

19:11:12.0921 0x06b8  MBR partitions:

19:11:12.0921 0x06b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927

19:11:12.0921 0x06b8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B

19:11:12.0921 0x06b8  ============================================================

19:11:12.0953 0x06b8  C: <-> \Device\Harddisk0\DR0\Partition1

19:11:12.0984 0x06b8  D: <-> \Device\Harddisk0\DR0\Partition2

19:11:12.0984 0x06b8  ============================================================

19:11:12.0984 0x06b8  Initialize success

19:11:12.0984 0x06b8  ============================================================

19:11:22.0500 0x07b4  ============================================================

19:11:22.0500 0x07b4  Scan started

19:11:22.0500 0x07b4  Mode: Manual; SigCheck; TDLFS; 

19:11:22.0500 0x07b4  ============================================================

19:11:22.0500 0x07b4  KSN ping started

19:11:35.0843 0x07b4  KSN ping finished: true

19:11:36.0437 0x07b4  ================ Scan system memory ========================

19:11:36.0437 0x07b4  System memory - ok

19:11:36.0437 0x07b4  ================ Scan services =============================

19:11:36.0531 0x07b4  Abiosdsk - ok

19:11:36.0531 0x07b4  abp480n5 - ok

19:11:36.0609 0x07b4  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:11:36.0859 0x07b4  ACPI - ok

19:11:36.0906 0x07b4  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

19:11:37.0031 0x07b4  ACPIEC - ok

19:11:37.0109 0x07b4  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:11:37.0125 0x07b4  AdobeFlashPlayerUpdateSvc - ok

19:11:37.0125 0x07b4  adpu160m - ok

19:11:37.0156 0x07b4  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:11:37.0281 0x07b4  aec - ok

19:11:37.0328 0x07b4  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:11:37.0359 0x07b4  AFD - ok

19:11:37.0359 0x07b4  Aha154x - ok

19:11:37.0375 0x07b4  aic78u2 - ok

19:11:37.0375 0x07b4  aic78xx - ok

19:11:37.0406 0x07b4  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:11:37.0546 0x07b4  Alerter - ok

19:11:37.0593 0x07b4  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe

19:11:37.0656 0x07b4  ALG - ok

19:11:37.0671 0x07b4  AliIde - ok

19:11:37.0796 0x07b4  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

19:11:37.0953 0x07b4  Ambfilt - ok

19:11:37.0968 0x07b4  amsint - ok

19:11:38.0109 0x07b4  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

19:11:38.0125 0x07b4  AntiVirSchedulerService - ok

19:11:38.0203 0x07b4  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

19:11:38.0218 0x07b4  AntiVirService - ok

19:11:38.0265 0x07b4  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

19:11:38.0343 0x07b4  AppMgmt - ok

19:11:38.0359 0x07b4  asc - ok

19:11:38.0359 0x07b4  asc3350p - ok

19:11:38.0359 0x07b4  asc3550 - ok

19:11:38.0484 0x07b4  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

19:11:38.0484 0x07b4  aspnet_state - ok

19:11:38.0531 0x07b4  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:11:38.0656 0x07b4  AsyncMac - ok

19:11:38.0687 0x07b4  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:11:38.0812 0x07b4  atapi - ok

19:11:38.0828 0x07b4  Atdisk - ok

19:11:38.0906 0x07b4  [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

19:11:39.0000 0x07b4  Ati HotKey Poller - ok

19:11:39.0078 0x07b4  [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe

19:11:39.0140 0x07b4  ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )

19:11:41.0468 0x07b4  Detect skipped due to KSN trusted

19:11:41.0468 0x07b4  ATI Smart - ok

19:11:41.0687 0x07b4  [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

19:11:41.0921 0x07b4  ati2mtag - ok

19:11:41.0984 0x07b4  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:11:42.0109 0x07b4  Atmarpc - ok

19:11:42.0156 0x07b4  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:11:42.0296 0x07b4  AudioSrv - ok

19:11:42.0343 0x07b4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:11:42.0484 0x07b4  audstub - ok

19:11:42.0515 0x07b4  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

19:11:42.0546 0x07b4  avgntflt - ok

19:11:42.0593 0x07b4  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

19:11:42.0609 0x07b4  avipbb - ok

19:11:42.0640 0x07b4  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

19:11:42.0656 0x07b4  avkmgr - ok

19:11:42.0687 0x07b4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:11:42.0828 0x07b4  Beep - ok

19:11:42.0890 0x07b4  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll

19:11:43.0093 0x07b4  BITS - ok

19:11:43.0125 0x07b4  [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser         C:\WINDOWS\System32\browser.dll

19:11:43.0265 0x07b4  Browser - ok

19:11:43.0312 0x07b4  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

19:11:43.0328 0x07b4  Capture Device Service - ok

19:11:43.0375 0x07b4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:11:43.0515 0x07b4  cbidf2k - ok

19:11:43.0515 0x07b4  cd20xrnt - ok

19:11:43.0531 0x07b4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:11:43.0656 0x07b4  Cdaudio - ok

19:11:43.0687 0x07b4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:11:43.0828 0x07b4  Cdfs - ok

19:11:43.0859 0x07b4  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:11:44.0000 0x07b4  Cdrom - ok

19:11:44.0000 0x07b4  Changer - ok

19:11:44.0031 0x07b4  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:11:44.0171 0x07b4  CiSvc - ok

19:11:44.0187 0x07b4  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:11:44.0343 0x07b4  ClipSrv - ok

19:11:44.0390 0x07b4  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:11:44.0406 0x07b4  clr_optimization_v2.0.50727_32 - ok

19:11:44.0453 0x07b4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:11:44.0453 0x07b4  clr_optimization_v4.0.30319_32 - ok

19:11:44.0468 0x07b4  CmdIde - ok

19:11:44.0468 0x07b4  COMSysApp - ok

19:11:44.0484 0x07b4  Cpqarray - ok

19:11:44.0515 0x07b4  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:11:44.0656 0x07b4  CryptSvc - ok

19:11:44.0656 0x07b4  dac2w2k - ok

19:11:44.0671 0x07b4  dac960nt - ok

19:11:44.0734 0x07b4  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:11:44.0781 0x07b4  DcomLaunch - ok

19:11:44.0828 0x07b4  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:11:44.0984 0x07b4  Dhcp - ok

19:11:45.0015 0x07b4  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:11:45.0156 0x07b4  Disk - ok

19:11:45.0156 0x07b4  dmadmin - ok

19:11:45.0234 0x07b4  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:11:45.0437 0x07b4  dmboot - ok

19:11:45.0453 0x07b4  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:11:45.0609 0x07b4  dmio - ok

19:11:45.0640 0x07b4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:11:45.0750 0x07b4  dmload - ok

19:11:45.0796 0x07b4  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:11:45.0906 0x07b4  dmserver - ok

19:11:45.0921 0x07b4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:11:46.0046 0x07b4  DMusic - ok

19:11:46.0093 0x07b4  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:11:46.0109 0x07b4  Dnscache - ok

19:11:46.0156 0x07b4  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:11:46.0296 0x07b4  Dot3svc - ok

19:11:46.0312 0x07b4  dpti2o - ok

19:11:46.0343 0x07b4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:11:46.0453 0x07b4  drmkaud - ok

19:11:46.0484 0x07b4  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:11:46.0625 0x07b4  EapHost - ok

19:11:46.0656 0x07b4  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

19:11:46.0671 0x07b4  ElbyCDIO - ok

19:11:46.0718 0x07b4  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:11:46.0828 0x07b4  ERSvc - ok

19:11:46.0859 0x07b4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe

19:11:46.0890 0x07b4  Eventlog - ok

19:11:46.0921 0x07b4  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll

19:11:46.0968 0x07b4  EventSystem - ok

19:11:46.0984 0x07b4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:11:47.0109 0x07b4  Fastfat - ok

19:11:47.0156 0x07b4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:11:47.0171 0x07b4  FastUserSwitchingCompatibility - ok

19:11:47.0203 0x07b4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

19:11:47.0312 0x07b4  Fdc - ok

19:11:47.0328 0x07b4  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:11:47.0437 0x07b4  Fips - ok

19:11:47.0453 0x07b4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

19:11:47.0562 0x07b4  Flpydisk - ok

19:11:47.0609 0x07b4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

19:11:47.0734 0x07b4  FltMgr - ok

19:11:47.0796 0x07b4  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:11:47.0812 0x07b4  FontCache3.0.0.0 - ok

19:11:47.0921 0x07b4  [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

19:11:47.0921 0x07b4  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )

19:11:50.0250 0x07b4  Detect skipped due to KSN trusted

19:11:50.0250 0x07b4  Freemake Improver - ok

19:11:50.0312 0x07b4  [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

19:11:50.0312 0x07b4  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )

19:11:52.0671 0x07b4  Detect skipped due to KSN trusted

19:11:52.0671 0x07b4  FreemakeVideoCapture - ok

19:11:52.0687 0x07b4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:11:52.0812 0x07b4  Fs_Rec - ok

19:11:52.0843 0x07b4  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:11:52.0953 0x07b4  Ftdisk - ok

19:11:53.0000 0x07b4  [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll

19:11:53.0015 0x07b4  getPlusHelper - ok

19:11:53.0062 0x07b4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:11:53.0171 0x07b4  Gpc - ok

19:11:53.0250 0x07b4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:11:53.0265 0x07b4  gupdate - ok

19:11:53.0265 0x07b4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:11:53.0281 0x07b4  gupdatem - ok

19:11:53.0328 0x07b4  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

19:11:53.0343 0x07b4  gusvc - ok

19:11:53.0390 0x07b4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

19:11:53.0500 0x07b4  HDAudBus - ok

19:11:53.0609 0x07b4  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:11:53.0750 0x07b4  helpsvc - ok

19:11:53.0781 0x07b4  [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt        C:\WINDOWS\system32\drivers\HIDKbFlt.sys

19:11:53.0796 0x07b4  HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )

19:11:56.0125 0x07b4  Detect skipped due to KSN trusted

19:11:56.0125 0x07b4  HIDKbFlt - ok

19:11:56.0140 0x07b4  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll

19:11:56.0265 0x07b4  HidServ - ok

19:11:56.0312 0x07b4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:11:56.0421 0x07b4  HidUsb - ok

19:11:56.0500 0x07b4  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:11:56.0609 0x07b4  hkmsvc - ok

19:11:56.0625 0x07b4  hpn - ok

19:11:56.0671 0x07b4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:11:56.0687 0x07b4  HTTP - ok

19:11:56.0734 0x07b4  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:11:56.0843 0x07b4  HTTPFilter - ok

19:11:56.0859 0x07b4  i2omgmt - ok

19:11:56.0859 0x07b4  i2omp - ok

19:11:56.0906 0x07b4  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:11:57.0015 0x07b4  i8042prt - ok

19:11:57.0125 0x07b4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:11:57.0171 0x07b4  idsvc - ok

19:11:57.0203 0x07b4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:11:57.0328 0x07b4  Imapi - ok

19:11:57.0375 0x07b4  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:11:57.0484 0x07b4  ImapiService - ok

19:11:57.0500 0x07b4  ini910u - ok

19:11:57.0843 0x07b4  [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

19:11:58.0156 0x07b4  IntcAzAudAddService - ok

19:11:58.0171 0x07b4  IntelIde - ok

19:11:58.0218 0x07b4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:11:58.0328 0x07b4  Ip6Fw - ok

19:11:58.0375 0x07b4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:11:58.0484 0x07b4  IpFilterDriver - ok

19:11:58.0515 0x07b4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:11:58.0625 0x07b4  IpInIp - ok

19:11:58.0656 0x07b4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:11:58.0781 0x07b4  IpNat - ok

19:11:58.0796 0x07b4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:11:58.0921 0x07b4  IPSec - ok

19:11:58.0937 0x07b4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:11:59.0015 0x07b4  IRENUM - ok

19:11:59.0031 0x07b4  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:11:59.0140 0x07b4  isapnp - ok

19:11:59.0171 0x07b4  [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

19:11:59.0187 0x07b4  Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )

19:12:01.0515 0x07b4  Detect skipped due to KSN trusted

19:12:01.0515 0x07b4  Iviaspi - ok

19:12:01.0531 0x07b4  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys

19:12:01.0562 0x07b4  iviVD - ok

19:12:01.0609 0x07b4  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:12:01.0718 0x07b4  Kbdclass - ok

19:12:01.0750 0x07b4  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

19:12:01.0859 0x07b4  kbdhid - ok

19:12:01.0875 0x07b4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:12:01.0984 0x07b4  kmixer - ok

19:12:02.0031 0x07b4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:12:02.0062 0x07b4  KSecDD - ok

19:12:02.0093 0x07b4  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:12:02.0125 0x07b4  lanmanserver - ok

19:12:02.0171 0x07b4  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:12:02.0187 0x07b4  lanmanworkstation - ok

19:12:02.0203 0x07b4  lbrtfdc - ok

19:12:02.0234 0x07b4  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:12:02.0343 0x07b4  LmHosts - ok

19:12:02.0375 0x07b4  [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

19:12:02.0390 0x07b4  mbamchameleon - ok

19:12:02.0500 0x07b4  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

19:12:02.0515 0x07b4  MDM - ok

19:12:02.0546 0x07b4  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:12:02.0656 0x07b4  Messenger - ok

19:12:02.0703 0x07b4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:12:02.0796 0x07b4  mnmdd - ok

19:12:02.0828 0x07b4  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:12:02.0937 0x07b4  mnmsrvc - ok

19:12:02.0984 0x07b4  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:12:03.0093 0x07b4  Modem - ok

19:12:03.0203 0x07b4  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

19:12:03.0296 0x07b4  Monfilt - ok

19:12:03.0328 0x07b4  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:12:03.0437 0x07b4  Mouclass - ok

19:12:03.0453 0x07b4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:12:03.0562 0x07b4  MountMgr - ok

19:12:03.0609 0x07b4  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

19:12:03.0625 0x07b4  MozillaMaintenance - ok

19:12:03.0640 0x07b4  mraid35x - ok

19:12:03.0640 0x07b4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:12:03.0765 0x07b4  MRxDAV - ok

19:12:03.0828 0x07b4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:12:03.0890 0x07b4  MRxSmb - ok

19:12:03.0937 0x07b4  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:12:04.0031 0x07b4  MSDTC - ok

19:12:04.0046 0x07b4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:12:04.0171 0x07b4  Msfs - ok

19:12:04.0187 0x07b4  MSIServer - ok

19:12:04.0203 0x07b4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:12:04.0312 0x07b4  MSKSSRV - ok

19:12:04.0328 0x07b4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:12:04.0421 0x07b4  MSPCLOCK - ok

19:12:04.0437 0x07b4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:12:04.0531 0x07b4  MSPQM - ok

19:12:04.0593 0x07b4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:12:04.0687 0x07b4  mssmbios - ok

19:12:04.0718 0x07b4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:12:04.0750 0x07b4  Mup - ok

19:12:04.0781 0x07b4  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:12:04.0906 0x07b4  napagent - ok

19:12:04.0953 0x07b4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:12:05.0078 0x07b4  NDIS - ok

19:12:05.0109 0x07b4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:12:05.0125 0x07b4  NdisTapi - ok

19:12:05.0140 0x07b4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:12:05.0234 0x07b4  Ndisuio - ok

19:12:05.0250 0x07b4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:12:05.0359 0x07b4  NdisWan - ok

19:12:05.0390 0x07b4  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:12:05.0406 0x07b4  NDProxy - ok

19:12:05.0453 0x07b4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:12:05.0562 0x07b4  NetBIOS - ok

19:12:05.0609 0x07b4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:12:05.0718 0x07b4  NetBT - ok

19:12:05.0750 0x07b4  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:12:05.0875 0x07b4  NetDDE - ok

19:12:05.0875 0x07b4  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:12:05.0968 0x07b4  NetDDEdsdm - ok

19:12:06.0015 0x07b4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:12:06.0109 0x07b4  Netlogon - ok

19:12:06.0140 0x07b4  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll

19:12:06.0265 0x07b4  Netman - ok

19:12:06.0312 0x07b4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:12:06.0312 0x07b4  NetTcpPortSharing - ok

19:12:06.0343 0x07b4  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:12:06.0375 0x07b4  Nla - ok

19:12:06.0453 0x07b4  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

19:12:06.0453 0x07b4  NMSAccess - ok

19:12:06.0500 0x07b4  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys

19:12:06.0515 0x07b4  npf - ok

19:12:06.0546 0x07b4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:12:06.0703 0x07b4  Npfs - ok

19:12:06.0750 0x07b4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:12:06.0906 0x07b4  Ntfs - ok

19:12:06.0906 0x07b4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:12:07.0015 0x07b4  NtLmSsp - ok

19:12:07.0078 0x07b4  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:12:07.0218 0x07b4  NtmsSvc - ok

19:12:07.0250 0x07b4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:12:07.0343 0x07b4  Null - ok

19:12:07.0968 0x07b4  [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:12:08.0546 0x07b4  nv - ok

19:12:08.0625 0x07b4  [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys

19:12:08.0640 0x07b4  NVHDA - ok

19:12:08.0687 0x07b4  [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

19:12:08.0703 0x07b4  NVSvc - ok

19:12:08.0890 0x07b4  [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

19:12:09.0000 0x07b4  nvUpdatusService - ok

19:12:09.0015 0x07b4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:12:09.0140 0x07b4  NwlnkFlt - ok

19:12:09.0156 0x07b4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:12:09.0265 0x07b4  NwlnkFwd - ok

19:12:09.0312 0x07b4  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:12:09.0406 0x07b4  Parport - ok

19:12:09.0421 0x07b4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:12:09.0531 0x07b4  PartMgr - ok

19:12:09.0562 0x07b4  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:12:09.0656 0x07b4  ParVdm - ok

19:12:09.0687 0x07b4  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:12:09.0796 0x07b4  PCI - ok

19:12:09.0796 0x07b4  PCIDump - ok

19:12:09.0843 0x07b4  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:12:09.0937 0x07b4  PCIIde - ok

19:12:10.0000 0x07b4  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:12:10.0093 0x07b4  Pcmcia - ok

19:12:10.0093 0x07b4  PDCOMP - ok

19:12:10.0109 0x07b4  PDFRAME - ok

19:12:10.0109 0x07b4  PDRELI - ok

19:12:10.0125 0x07b4  PDRFRAME - ok

19:12:10.0125 0x07b4  perc2 - ok

19:12:10.0125 0x07b4  perc2hib - ok

19:12:10.0156 0x07b4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe

19:12:10.0171 0x07b4  PlugPlay - ok

19:12:10.0187 0x07b4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:12:10.0281 0x07b4  PolicyAgent - ok

19:12:10.0296 0x07b4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:12:10.0406 0x07b4  PptpMiniport - ok

19:12:10.0421 0x07b4  [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

19:12:10.0531 0x07b4  Processor - ok

19:12:10.0531 0x07b4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:12:10.0625 0x07b4  ProtectedStorage - ok

19:12:10.0656 0x07b4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:12:10.0765 0x07b4  PSched - ok

19:12:10.0796 0x07b4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:12:10.0890 0x07b4  Ptilink - ok

19:12:10.0906 0x07b4  ql1080 - ok

19:12:10.0906 0x07b4  Ql10wnt - ok

19:12:10.0921 0x07b4  ql12160 - ok

19:12:10.0921 0x07b4  ql1240 - ok

19:12:10.0937 0x07b4  ql1280 - ok

19:12:10.0953 0x07b4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:12:11.0062 0x07b4  RasAcd - ok

19:12:11.0093 0x07b4  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:12:11.0203 0x07b4  RasAuto - ok

19:12:11.0218 0x07b4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:12:11.0328 0x07b4  Rasl2tp - ok

19:12:11.0375 0x07b4  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:12:11.0500 0x07b4  RasMan - ok

19:12:11.0515 0x07b4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:12:11.0625 0x07b4  RasPppoe - ok

19:12:11.0656 0x07b4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:12:11.0765 0x07b4  Raspti - ok

19:12:11.0812 0x07b4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:12:11.0921 0x07b4  Rdbss - ok

19:12:11.0937 0x07b4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:12:12.0046 0x07b4  RDPCDD - ok

19:12:12.0078 0x07b4  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:12:12.0187 0x07b4  rdpdr - ok

19:12:12.0234 0x07b4  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:12:12.0265 0x07b4  RDPWD - ok

19:12:12.0296 0x07b4  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:12:12.0421 0x07b4  RDSessMgr - ok

19:12:12.0484 0x07b4  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

19:12:12.0500 0x07b4  RealNetworks Downloader Resolver Service - ok

19:12:12.0515 0x07b4  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:12:12.0609 0x07b4  redbook - ok

19:12:12.0640 0x07b4  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:12:12.0750 0x07b4  RemoteAccess - ok

19:12:12.0796 0x07b4  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

19:12:12.0906 0x07b4  RemoteRegistry - ok

19:12:12.0921 0x07b4  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:12:13.0046 0x07b4  RpcLocator - ok

19:12:13.0078 0x07b4  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:12:13.0109 0x07b4  RpcSs - ok

19:12:13.0140 0x07b4  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:12:13.0250 0x07b4  RSVP - ok

19:12:13.0296 0x07b4  [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

19:12:13.0328 0x07b4  RTLE8023xp - ok

19:12:13.0328 0x07b4  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:12:13.0421 0x07b4  SamSs - ok

19:12:13.0468 0x07b4  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:12:13.0578 0x07b4  SCardSvr - ok

19:12:13.0625 0x07b4  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:12:13.0734 0x07b4  Schedule - ok

19:12:13.0750 0x07b4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:12:13.0812 0x07b4  Secdrv - ok

19:12:13.0843 0x07b4  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:12:13.0953 0x07b4  seclogon - ok

19:12:13.0968 0x07b4  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll

19:12:14.0093 0x07b4  SENS - ok

19:12:14.0109 0x07b4  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:12:14.0218 0x07b4  serenum - ok

19:12:14.0234 0x07b4  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:12:14.0343 0x07b4  Serial - ok

19:12:14.0375 0x07b4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:12:14.0484 0x07b4  Sfloppy - ok

19:12:14.0546 0x07b4  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:12:14.0687 0x07b4  SharedAccess - ok

19:12:14.0718 0x07b4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:12:14.0734 0x07b4  ShellHWDetection - ok

19:12:14.0750 0x07b4  Simbad - ok

19:12:14.0750 0x07b4  Sparrow - ok

19:12:14.0796 0x07b4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:12:14.0890 0x07b4  splitter - ok

19:12:14.0921 0x07b4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:12:14.0953 0x07b4  Spooler - ok

19:12:14.0968 0x07b4  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:12:15.0031 0x07b4  sr - ok

19:12:15.0078 0x07b4  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll

19:12:15.0156 0x07b4  srservice - ok

19:12:15.0218 0x07b4  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:12:15.0265 0x07b4  Srv - ok

19:12:15.0312 0x07b4  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:12:15.0375 0x07b4  SSDPSRV - ok

19:12:15.0390 0x07b4  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

19:12:15.0390 0x07b4  ssmdrv - ok

19:12:15.0437 0x07b4  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

19:12:15.0453 0x07b4  ss_bbus - ok

19:12:15.0484 0x07b4  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

19:12:15.0500 0x07b4  ss_bmdfl - ok

19:12:15.0546 0x07b4  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

19:12:15.0562 0x07b4  ss_bmdm - ok

19:12:15.0625 0x07b4  [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd        C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

19:12:15.0640 0x07b4  ss_bserd - ok

19:12:15.0671 0x07b4  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

19:12:15.0687 0x07b4  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )

19:12:18.0000 0x07b4  Detect skipped due to KSN trusted

19:12:18.0015 0x07b4  StarOpen - ok

19:12:18.0062 0x07b4  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:12:18.0203 0x07b4  stisvc - ok

19:12:18.0234 0x07b4  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:12:18.0343 0x07b4  swenum - ok

19:12:18.0359 0x07b4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:12:18.0468 0x07b4  swmidi - ok

19:12:18.0484 0x07b4  SwPrv - ok

19:12:18.0484 0x07b4  symc810 - ok

19:12:18.0500 0x07b4  symc8xx - ok

19:12:18.0500 0x07b4  sym_hi - ok

19:12:18.0500 0x07b4  sym_u3 - ok

19:12:18.0515 0x07b4  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:12:18.0640 0x07b4  sysaudio - ok

19:12:18.0671 0x07b4  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:12:18.0781 0x07b4  SysmonLog - ok

19:12:18.0828 0x07b4  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:12:18.0953 0x07b4  TapiSrv - ok

19:12:19.0015 0x07b4  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:12:19.0078 0x07b4  Tcpip - ok

19:12:19.0109 0x07b4  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:12:19.0203 0x07b4  TDPIPE - ok

19:12:19.0218 0x07b4  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:12:19.0328 0x07b4  TDTCP - ok

19:12:19.0328 0x07b4  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:12:19.0437 0x07b4  TermDD - ok

19:12:19.0484 0x07b4  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll

19:12:19.0593 0x07b4  TermService - ok

19:12:19.0625 0x07b4  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:12:19.0640 0x07b4  Themes - ok

19:12:19.0687 0x07b4  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

19:12:19.0750 0x07b4  TlntSvr - ok

19:12:19.0765 0x07b4  TosIde - ok

19:12:19.0812 0x07b4  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:12:19.0906 0x07b4  TrkWks - ok

19:12:19.0921 0x07b4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:12:20.0046 0x07b4  Udfs - ok

19:12:20.0125 0x07b4  [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

19:12:20.0125 0x07b4  UleadBurningHelper - ok

19:12:20.0140 0x07b4  ultra - ok

19:12:20.0171 0x07b4  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

19:12:20.0187 0x07b4  UMWdf - ok

19:12:20.0250 0x07b4  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:12:20.0390 0x07b4  Update - ok

19:12:20.0437 0x07b4  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:12:20.0515 0x07b4  upnphost - ok

19:12:20.0546 0x07b4  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe

19:12:20.0656 0x07b4  UPS - ok

19:12:20.0687 0x07b4  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

19:12:20.0796 0x07b4  usbaudio - ok

19:12:20.0843 0x07b4  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:12:20.0953 0x07b4  usbccgp - ok

19:12:20.0968 0x07b4  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:12:21.0078 0x07b4  usbehci - ok

19:12:21.0109 0x07b4  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:12:21.0218 0x07b4  usbhub - ok

19:12:21.0218 0x07b4  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:12:21.0328 0x07b4  usbohci - ok

19:12:21.0343 0x07b4  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:12:21.0453 0x07b4  usbprint - ok

19:12:21.0500 0x07b4  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:12:21.0609 0x07b4  usbscan - ok

19:12:21.0640 0x07b4  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:12:21.0765 0x07b4  USBSTOR - ok

19:12:21.0796 0x07b4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:12:21.0906 0x07b4  VgaSave - ok

19:12:21.0906 0x07b4  ViaIde - ok

19:12:21.0921 0x07b4  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:12:22.0031 0x07b4  VolSnap - ok

19:12:22.0093 0x07b4  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe

19:12:22.0171 0x07b4  VSS - ok

19:12:22.0203 0x07b4  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:12:22.0312 0x07b4  W32Time - ok

19:12:22.0359 0x07b4  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:12:22.0453 0x07b4  Wanarp - ok

19:12:22.0468 0x07b4  WDICA - ok

19:12:22.0515 0x07b4  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:12:22.0609 0x07b4  wdmaud - ok

19:12:22.0656 0x07b4  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:12:22.0765 0x07b4  WebClient - ok

19:12:22.0843 0x07b4  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:12:22.0953 0x07b4  winmgmt - ok

19:12:23.0015 0x07b4  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

19:12:23.0031 0x07b4  WmdmPmSN - ok

19:12:23.0078 0x07b4  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll

19:12:23.0125 0x07b4  Wmi - ok

19:12:23.0171 0x07b4  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:12:23.0281 0x07b4  WmiApSrv - ok

19:12:23.0312 0x07b4  [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys

19:12:23.0328 0x07b4  WpdUsb - ok

19:12:23.0453 0x07b4  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:12:23.0484 0x07b4  WPFFontCache_v0400 - ok

19:12:23.0531 0x07b4  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:12:23.0640 0x07b4  wscsvc - ok

19:12:23.0656 0x07b4  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:12:23.0765 0x07b4  wuauserv - ok

19:12:23.0828 0x07b4  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:12:23.0968 0x07b4  WZCSVC - ok

19:12:24.0015 0x07b4  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:12:24.0125 0x07b4  xmlprov - ok

19:12:24.0125 0x07b4  ================ Scan global ===============================

19:12:24.0156 0x07b4  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll

19:12:24.0218 0x07b4  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

19:12:24.0234 0x07b4  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

19:12:24.0250 0x07b4  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe

19:12:24.0265 0x07b4  [ Global ] - ok

19:12:24.0265 0x07b4  ================ Scan MBR ==================================

19:12:24.0281 0x07b4  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

19:12:24.0484 0x07b4  \Device\Harddisk0\DR0 - ok

19:12:24.0484 0x07b4  ================ Scan VBR ==================================

19:12:24.0484 0x07b4  [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1

19:12:24.0484 0x07b4  \Device\Harddisk0\DR0\Partition1 - ok

19:12:24.0500 0x07b4  [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2

19:12:24.0500 0x07b4  \Device\Harddisk0\DR0\Partition2 - ok

19:12:24.0500 0x07b4  ================ Scan generic autorun ======================

19:12:24.0640 0x07b4  [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

19:12:24.0640 0x07b4  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

19:12:26.0953 0x07b4  Detect skipped due to KSN trusted

19:12:26.0953 0x07b4  StartCCC - ok

19:12:27.0906 0x07b4  [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE

19:12:28.0984 0x07b4  RTHDCPL - ok

19:12:29.0093 0x07b4  [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

19:12:29.0109 0x07b4  Adobe Reader Speed Launcher - ok

19:12:29.0234 0x07b4  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

19:12:29.0281 0x07b4  Adobe ARM - ok

19:12:29.0359 0x07b4  [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

19:12:29.0390 0x07b4  HPDJ Taskbar Utility - ok

19:12:29.0484 0x07b4  [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

19:12:29.0515 0x07b4  UVS11 Preload - ok

19:12:29.0609 0x07b4  [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe

19:12:29.0671 0x07b4  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

19:12:32.0000 0x07b4  Detect skipped due to KSN trusted

19:12:32.0000 0x07b4  QuickTime Task - ok

19:12:32.0046 0x07b4  [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE

19:12:32.0062 0x07b4  OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )

19:12:34.0437 0x07b4  OfficeKB ( UnsignedFile.Multi.Generic ) - warning

19:12:48.0843 0x07b4  [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

19:12:48.0843 0x07b4  KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )

19:12:55.0859 0x07b4  KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning

19:12:58.0234 0x07b4  NvCplDaemon - ok

19:12:58.0234 0x07b4  NvMediaCenter - ok

19:12:58.0406 0x07b4  [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe

19:12:58.0531 0x07b4  nwiz - ok

19:12:58.0656 0x07b4  [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

19:12:58.0703 0x07b4  Nvtmru - ok

19:12:58.0812 0x07b4  [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe

19:12:58.0859 0x07b4  avgnt - ok

19:12:58.0968 0x07b4  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe

19:12:58.0984 0x07b4  TkBellExe - ok

19:12:59.0031 0x07b4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:12:59.0140 0x07b4  CTFMON.EXE - ok

19:12:59.0140 0x07b4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:12:59.0234 0x07b4  CTFMON.EXE - ok

19:12:59.0250 0x07b4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:12:59.0343 0x07b4  CTFMON.EXE - ok

19:12:59.0343 0x07b4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe

19:12:59.0437 0x07b4  CTFMON.EXE - ok

19:12:59.0562 0x07b4  [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe

19:12:59.0718 0x07b4  MSMSGS - ok

19:12:59.0906 0x07b4  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

19:12:59.0921 0x07b4  AmazonMP3DownloaderHelper - ok

19:12:59.0953 0x07b4  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

mysteryPC

11.03.2015 19:20

Code:

19:13:00.0046 0x07b4  CTFMON.EXE - ok

19:13:00.0046 0x07b4  Waiting for KSN requests completion. In queue: 11

19:13:01.0046 0x07b4  Waiting for KSN requests completion. In queue: 11

19:13:02.0046 0x07b4  Waiting for KSN requests completion. In queue: 11

19:13:03.0062 0x07b4  AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated

19:13:03.0062 0x07b4  Win FW state via NFM: enabled

19:13:05.0453 0x07b4  ============================================================

19:13:05.0453 0x07b4  Scan finished

19:13:05.0453 0x07b4  ============================================================

19:13:05.0453 0x069c  Detected object count: 2

19:13:05.0453 0x069c  Actual detected object count: 2

19:13:16.0203 0x069c  C:\PROGRA~1\OfficeKB\OfficeKB.EXE - copied to quarantine

19:13:16.0203 0x069c  OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

19:13:16.0265 0x069c  C:\PROGRA~1\OfficeKB\KPDrv4XP.exe - copied to quarantine

19:13:16.0265 0x069c  KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

19:13:20.0937 0x0c10  ============================================================

19:13:20.0937 0x0c10  Scan started

19:13:20.0937 0x0c10  Mode: Manual; SigCheck; TDLFS; 

19:13:20.0937 0x0c10  ============================================================

19:13:20.0937 0x0c10  KSN ping started

19:13:23.0250 0x0c10  KSN ping finished: true

19:13:23.0640 0x0c10  ================ Scan system memory ========================

19:13:23.0640 0x0c10  System memory - ok

19:13:23.0640 0x0c10  ================ Scan services =============================

19:13:23.0734 0x0c10  Abiosdsk - ok

19:13:23.0734 0x0c10  abp480n5 - ok

19:13:23.0781 0x0c10  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:13:23.0906 0x0c10  ACPI - ok

19:13:23.0937 0x0c10  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

19:13:24.0062 0x0c10  ACPIEC - ok

19:13:24.0125 0x0c10  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:13:24.0156 0x0c10  AdobeFlashPlayerUpdateSvc - ok

19:13:24.0156 0x0c10  adpu160m - ok

19:13:24.0187 0x0c10  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

19:13:24.0281 0x0c10  aec - ok

19:13:24.0328 0x0c10  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

19:13:24.0359 0x0c10  AFD - ok

19:13:24.0359 0x0c10  Aha154x - ok

19:13:24.0359 0x0c10  aic78u2 - ok

19:13:24.0375 0x0c10  aic78xx - ok

19:13:24.0406 0x0c10  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

19:13:24.0515 0x0c10  Alerter - ok

19:13:24.0531 0x0c10  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe

19:13:24.0593 0x0c10  ALG - ok

19:13:24.0609 0x0c10  AliIde - ok

19:13:24.0734 0x0c10  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

19:13:24.0875 0x0c10  Ambfilt - ok

19:13:24.0890 0x0c10  amsint - ok

19:13:25.0031 0x0c10  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

19:13:25.0062 0x0c10  AntiVirSchedulerService - ok

19:13:25.0125 0x0c10  [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

19:13:25.0156 0x0c10  AntiVirService - ok

19:13:25.0203 0x0c10  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

19:13:25.0281 0x0c10  AppMgmt - ok

19:13:25.0281 0x0c10  asc - ok

19:13:25.0296 0x0c10  asc3350p - ok

19:13:25.0296 0x0c10  asc3550 - ok

19:13:25.0406 0x0c10  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

19:13:25.0421 0x0c10  aspnet_state - ok

19:13:25.0453 0x0c10  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:13:25.0562 0x0c10  AsyncMac - ok

19:13:25.0593 0x0c10  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

19:13:25.0734 0x0c10  atapi - ok

19:13:25.0734 0x0c10  Atdisk - ok

19:13:25.0812 0x0c10  [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

19:13:25.0906 0x0c10  Ati HotKey Poller - ok

19:13:25.0968 0x0c10  [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe

19:13:26.0015 0x0c10  ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )

19:13:26.0015 0x0c10  Detect skipped due to KSN trusted

19:13:26.0015 0x0c10  ATI Smart - ok

19:13:26.0250 0x0c10  [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

19:13:26.0484 0x0c10  ati2mtag - ok

19:13:26.0531 0x0c10  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:13:26.0640 0x0c10  Atmarpc - ok

19:13:26.0671 0x0c10  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

19:13:26.0781 0x0c10  AudioSrv - ok

19:13:26.0828 0x0c10  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

19:13:26.0921 0x0c10  audstub - ok

19:13:26.0953 0x0c10  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

19:13:26.0968 0x0c10  avgntflt - ok

19:13:26.0984 0x0c10  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

19:13:27.0000 0x0c10  avipbb - ok

19:13:27.0015 0x0c10  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

19:13:27.0015 0x0c10  avkmgr - ok

19:13:27.0046 0x0c10  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

19:13:27.0156 0x0c10  Beep - ok

19:13:27.0234 0x0c10  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll

19:13:27.0375 0x0c10  BITS - ok

19:13:27.0421 0x0c10  [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser         C:\WINDOWS\System32\browser.dll

19:13:27.0515 0x0c10  Browser - ok

19:13:27.0578 0x0c10  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

19:13:27.0593 0x0c10  Capture Device Service - ok

19:13:27.0609 0x0c10  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

19:13:27.0718 0x0c10  cbidf2k - ok

19:13:27.0734 0x0c10  cd20xrnt - ok

19:13:27.0750 0x0c10  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

19:13:27.0843 0x0c10  Cdaudio - ok

19:13:27.0859 0x0c10  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

19:13:27.0984 0x0c10  Cdfs - ok

19:13:28.0015 0x0c10  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:13:28.0125 0x0c10  Cdrom - ok

19:13:28.0125 0x0c10  Changer - ok

19:13:28.0171 0x0c10  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

19:13:28.0265 0x0c10  CiSvc - ok

19:13:28.0296 0x0c10  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

19:13:28.0406 0x0c10  ClipSrv - ok

19:13:28.0453 0x0c10  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:13:28.0468 0x0c10  clr_optimization_v2.0.50727_32 - ok

19:13:28.0500 0x0c10  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:13:28.0515 0x0c10  clr_optimization_v4.0.30319_32 - ok

19:13:28.0531 0x0c10  CmdIde - ok

19:13:28.0531 0x0c10  COMSysApp - ok

19:13:28.0546 0x0c10  Cpqarray - ok

19:13:28.0609 0x0c10  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

19:13:28.0703 0x0c10  CryptSvc - ok

19:13:28.0718 0x0c10  dac2w2k - ok

19:13:28.0718 0x0c10  dac960nt - ok

19:13:28.0781 0x0c10  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

19:13:28.0812 0x0c10  DcomLaunch - ok

19:13:28.0859 0x0c10  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

19:13:28.0968 0x0c10  Dhcp - ok

19:13:29.0015 0x0c10  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

19:13:29.0109 0x0c10  Disk - ok

19:13:29.0109 0x0c10  dmadmin - ok

19:13:29.0218 0x0c10  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

19:13:29.0375 0x0c10  dmboot - ok

19:13:29.0390 0x0c10  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

19:13:29.0500 0x0c10  dmio - ok

19:13:29.0531 0x0c10  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

19:13:29.0640 0x0c10  dmload - ok

19:13:29.0671 0x0c10  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll

19:13:29.0765 0x0c10  dmserver - ok

19:13:29.0781 0x0c10  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

19:13:29.0875 0x0c10  DMusic - ok

19:13:29.0921 0x0c10  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

19:13:29.0937 0x0c10  Dnscache - ok

19:13:29.0968 0x0c10  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

19:13:30.0078 0x0c10  Dot3svc - ok

19:13:30.0078 0x0c10  dpti2o - ok

19:13:30.0109 0x0c10  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

19:13:30.0203 0x0c10  drmkaud - ok

19:13:30.0250 0x0c10  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll

19:13:30.0343 0x0c10  EapHost - ok

19:13:30.0375 0x0c10  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

19:13:30.0390 0x0c10  ElbyCDIO - ok

19:13:30.0421 0x0c10  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

19:13:30.0531 0x0c10  ERSvc - ok

19:13:30.0562 0x0c10  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe

19:13:30.0578 0x0c10  Eventlog - ok

19:13:30.0625 0x0c10  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll

19:13:30.0656 0x0c10  EventSystem - ok

19:13:30.0671 0x0c10  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

19:13:30.0765 0x0c10  Fastfat - ok

19:13:30.0812 0x0c10  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:13:30.0828 0x0c10  FastUserSwitchingCompatibility - ok

19:13:30.0859 0x0c10  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

19:13:30.0968 0x0c10  Fdc - ok

19:13:30.0968 0x0c10  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

19:13:31.0062 0x0c10  Fips - ok

19:13:31.0078 0x0c10  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

19:13:31.0171 0x0c10  Flpydisk - ok

19:13:31.0203 0x0c10  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

19:13:31.0312 0x0c10  FltMgr - ok

19:13:31.0375 0x0c10  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:13:31.0390 0x0c10  FontCache3.0.0.0 - ok

19:13:31.0500 0x0c10  [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

19:13:31.0500 0x0c10  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )

19:13:31.0500 0x0c10  Detect skipped due to KSN trusted

19:13:31.0500 0x0c10  Freemake Improver - ok

19:13:31.0609 0x0c10  [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

19:13:31.0609 0x0c10  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )

19:13:31.0609 0x0c10  Detect skipped due to KSN trusted

19:13:31.0609 0x0c10  FreemakeVideoCapture - ok

19:13:31.0625 0x0c10  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:13:31.0718 0x0c10  Fs_Rec - ok

19:13:31.0734 0x0c10  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:13:31.0828 0x0c10  Ftdisk - ok

19:13:31.0890 0x0c10  [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll

19:13:31.0906 0x0c10  getPlusHelper - ok

19:13:31.0921 0x0c10  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:13:32.0031 0x0c10  Gpc - ok

19:13:32.0093 0x0c10  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

19:13:32.0109 0x0c10  gupdate - ok

19:13:32.0109 0x0c10  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

19:13:32.0125 0x0c10  gupdatem - ok

19:13:32.0171 0x0c10  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

19:13:32.0187 0x0c10  gusvc - ok

19:13:32.0234 0x0c10  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

19:13:32.0343 0x0c10  HDAudBus - ok

19:13:32.0406 0x0c10  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:13:32.0500 0x0c10  helpsvc - ok

19:13:32.0546 0x0c10  [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt        C:\WINDOWS\system32\drivers\HIDKbFlt.sys

19:13:32.0546 0x0c10  HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )

19:13:32.0546 0x0c10  Detect skipped due to KSN trusted

19:13:32.0546 0x0c10  HIDKbFlt - ok

19:13:32.0593 0x0c10  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll

19:13:32.0703 0x0c10  HidServ - ok

19:13:32.0734 0x0c10  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:13:32.0828 0x0c10  HidUsb - ok

19:13:32.0906 0x0c10  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

19:13:33.0000 0x0c10  hkmsvc - ok

19:13:33.0015 0x0c10  hpn - ok

19:13:33.0062 0x0c10  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

19:13:33.0078 0x0c10  HTTP - ok

19:13:33.0125 0x0c10  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

19:13:33.0218 0x0c10  HTTPFilter - ok

19:13:33.0234 0x0c10  i2omgmt - ok

19:13:33.0234 0x0c10  i2omp - ok

19:13:33.0265 0x0c10  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:13:33.0359 0x0c10  i8042prt - ok

19:13:33.0484 0x0c10  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:13:33.0531 0x0c10  idsvc - ok

19:13:33.0546 0x0c10  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:13:33.0640 0x0c10  Imapi - ok

19:13:33.0687 0x0c10  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe

19:13:33.0781 0x0c10  ImapiService - ok

19:13:33.0796 0x0c10  ini910u - ok

19:13:34.0109 0x0c10  [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

19:13:34.0421 0x0c10  IntcAzAudAddService - ok

19:13:34.0453 0x0c10  IntelIde - ok

19:13:34.0468 0x0c10  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:13:34.0562 0x0c10  Ip6Fw - ok

19:13:34.0593 0x0c10  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:13:34.0703 0x0c10  IpFilterDriver - ok

19:13:34.0703 0x0c10  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:13:34.0796 0x0c10  IpInIp - ok

19:13:34.0843 0x0c10  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:13:34.0937 0x0c10  IpNat - ok

19:13:34.0953 0x0c10  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:13:35.0046 0x0c10  IPSec - ok

19:13:35.0062 0x0c10  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:13:35.0125 0x0c10  IRENUM - ok

19:13:35.0156 0x0c10  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:13:35.0250 0x0c10  isapnp - ok

19:13:35.0281 0x0c10  [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

19:13:35.0281 0x0c10  Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )

19:13:35.0281 0x0c10  Detect skipped due to KSN trusted

19:13:35.0281 0x0c10  Iviaspi - ok

19:13:35.0312 0x0c10  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys

19:13:35.0328 0x0c10  iviVD - ok

19:13:35.0343 0x0c10  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:13:35.0437 0x0c10  Kbdclass - ok

19:13:35.0484 0x0c10  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

19:13:35.0578 0x0c10  kbdhid - ok

19:13:35.0609 0x0c10  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:13:35.0703 0x0c10  kmixer - ok

19:13:35.0750 0x0c10  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:13:35.0765 0x0c10  KSecDD - ok

19:13:35.0812 0x0c10  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:13:35.0828 0x0c10  lanmanserver - ok

19:13:35.0859 0x0c10  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:13:35.0890 0x0c10  lanmanworkstation - ok

19:13:35.0890 0x0c10  lbrtfdc - ok

19:13:35.0937 0x0c10  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:13:36.0031 0x0c10  LmHosts - ok

19:13:36.0062 0x0c10  [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

19:13:36.0078 0x0c10  mbamchameleon - ok

19:13:36.0171 0x0c10  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

19:13:36.0203 0x0c10  MDM - ok

19:13:36.0218 0x0c10  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:13:36.0312 0x0c10  Messenger - ok

19:13:36.0343 0x0c10  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:13:36.0437 0x0c10  mnmdd - ok

19:13:36.0468 0x0c10  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

19:13:36.0562 0x0c10  mnmsrvc - ok

19:13:36.0593 0x0c10  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:13:36.0687 0x0c10  Modem - ok

19:13:36.0812 0x0c10  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

19:13:36.0906 0x0c10  Monfilt - ok

19:13:36.0937 0x0c10  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:13:37.0031 0x0c10  Mouclass - ok

19:13:37.0046 0x0c10  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:13:37.0140 0x0c10  MountMgr - ok

19:13:37.0187 0x0c10  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

19:13:37.0203 0x0c10  MozillaMaintenance - ok

19:13:37.0203 0x0c10  mraid35x - ok

19:13:37.0218 0x0c10  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:13:37.0328 0x0c10  MRxDAV - ok

19:13:37.0375 0x0c10  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:13:37.0421 0x0c10  MRxSmb - ok

19:13:37.0453 0x0c10  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe

19:13:37.0546 0x0c10  MSDTC - ok

19:13:37.0593 0x0c10  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:13:37.0703 0x0c10  Msfs - ok

19:13:37.0703 0x0c10  MSIServer - ok

19:13:37.0734 0x0c10  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:13:37.0828 0x0c10  MSKSSRV - ok

19:13:37.0843 0x0c10  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:13:37.0937 0x0c10  MSPCLOCK - ok

19:13:37.0953 0x0c10  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:13:38.0046 0x0c10  MSPQM - ok

19:13:38.0078 0x0c10  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:13:38.0171 0x0c10  mssmbios - ok

19:13:38.0234 0x0c10  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:13:38.0234 0x0c10  Mup - ok

19:13:38.0281 0x0c10  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:13:38.0390 0x0c10  napagent - ok

19:13:38.0421 0x0c10  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:13:38.0515 0x0c10  NDIS - ok

19:13:38.0562 0x0c10  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:13:38.0578 0x0c10  NdisTapi - ok

19:13:38.0609 0x0c10  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:13:38.0703 0x0c10  Ndisuio - ok

19:13:38.0718 0x0c10  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:13:38.0812 0x0c10  NdisWan - ok

19:13:38.0859 0x0c10  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:13:38.0875 0x0c10  NDProxy - ok

19:13:38.0906 0x0c10  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:13:39.0015 0x0c10  NetBIOS - ok

19:13:39.0031 0x0c10  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:13:39.0140 0x0c10  NetBT - ok

19:13:39.0171 0x0c10  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:13:39.0265 0x0c10  NetDDE - ok

19:13:39.0281 0x0c10  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:13:39.0375 0x0c10  NetDDEdsdm - ok

19:13:39.0406 0x0c10  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe

19:13:39.0500 0x0c10  Netlogon - ok

19:13:39.0531 0x0c10  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll

19:13:39.0640 0x0c10  Netman - ok

19:13:39.0671 0x0c10  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:13:39.0687 0x0c10  NetTcpPortSharing - ok

19:13:39.0718 0x0c10  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:13:39.0734 0x0c10  Nla - ok

19:13:39.0812 0x0c10  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

19:13:39.0812 0x0c10  NMSAccess - ok

19:13:39.0859 0x0c10  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys

19:13:39.0859 0x0c10  npf - ok

19:13:39.0906 0x0c10  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:13:40.0000 0x0c10  Npfs - ok

19:13:40.0046 0x0c10  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:13:40.0171 0x0c10  Ntfs - ok

19:13:40.0187 0x0c10  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

19:13:40.0296 0x0c10  NtLmSsp - ok

19:13:40.0359 0x0c10  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:13:40.0468 0x0c10  NtmsSvc - ok

19:13:40.0500 0x0c10  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:13:40.0593 0x0c10  Null - ok

19:13:41.0203 0x0c10  [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:13:41.0812 0x0c10  nv - ok

19:13:41.0875 0x0c10  [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys

19:13:41.0890 0x0c10  NVHDA - ok

19:13:41.0937 0x0c10  [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

19:13:41.0953 0x0c10  NVSvc - ok

19:13:42.0140 0x0c10  [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

19:13:42.0250 0x0c10  nvUpdatusService - ok

19:13:42.0265 0x0c10  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:13:42.0359 0x0c10  NwlnkFlt - ok

19:13:42.0390 0x0c10  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:13:42.0484 0x0c10  NwlnkFwd - ok

19:13:42.0515 0x0c10  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:13:42.0625 0x0c10  Parport - ok

19:13:42.0640 0x0c10  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:13:42.0734 0x0c10  PartMgr - ok

19:13:42.0781 0x0c10  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:13:42.0875 0x0c10  ParVdm - ok

19:13:42.0875 0x0c10  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:13:42.0984 0x0c10  PCI - ok

19:13:42.0984 0x0c10  PCIDump - ok

19:13:43.0031 0x0c10  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

19:13:43.0125 0x0c10  PCIIde - ok

19:13:43.0140 0x0c10  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:13:43.0234 0x0c10  Pcmcia - ok

19:13:43.0250 0x0c10  PDCOMP - ok

19:13:43.0250 0x0c10  PDFRAME - ok

19:13:43.0265 0x0c10  PDRELI - ok

19:13:43.0265 0x0c10  PDRFRAME - ok

19:13:43.0281 0x0c10  perc2 - ok

19:13:43.0281 0x0c10  perc2hib - ok

19:13:43.0312 0x0c10  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe

19:13:43.0328 0x0c10  PlugPlay - ok

19:13:43.0343 0x0c10  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

19:13:43.0437 0x0c10  PolicyAgent - ok

19:13:43.0453 0x0c10  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:13:43.0546 0x0c10  PptpMiniport - ok

19:13:43.0593 0x0c10  [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

19:13:43.0687 0x0c10  Processor - ok

19:13:43.0703 0x0c10  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:13:43.0796 0x0c10  ProtectedStorage - ok

19:13:43.0812 0x0c10  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:13:43.0906 0x0c10  PSched - ok

19:13:43.0937 0x0c10  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:13:44.0031 0x0c10  Ptilink - ok

19:13:44.0046 0x0c10  ql1080 - ok

19:13:44.0046 0x0c10  Ql10wnt - ok

19:13:44.0062 0x0c10  ql12160 - ok

19:13:44.0062 0x0c10  ql1240 - ok

19:13:44.0078 0x0c10  ql1280 - ok

19:13:44.0078 0x0c10  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:13:44.0171 0x0c10  RasAcd - ok

19:13:44.0203 0x0c10  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:13:44.0296 0x0c10  RasAuto - ok

19:13:44.0328 0x0c10  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:13:44.0421 0x0c10  Rasl2tp - ok

19:13:44.0468 0x0c10  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:13:44.0578 0x0c10  RasMan - ok

19:13:44.0609 0x0c10  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:13:44.0703 0x0c10  RasPppoe - ok

19:13:44.0718 0x0c10  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:13:44.0812 0x0c10  Raspti - ok

19:13:44.0859 0x0c10  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:13:44.0953 0x0c10  Rdbss - ok

19:13:44.0968 0x0c10  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:13:45.0062 0x0c10  RDPCDD - ok

19:13:45.0078 0x0c10  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:13:45.0187 0x0c10  rdpdr - ok

19:13:45.0218 0x0c10  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:13:45.0234 0x0c10  RDPWD - ok

19:13:45.0281 0x0c10  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:13:45.0375 0x0c10  RDSessMgr - ok

19:13:45.0437 0x0c10  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

19:13:45.0453 0x0c10  RealNetworks Downloader Resolver Service - ok

19:13:45.0468 0x0c10  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:13:45.0562 0x0c10  redbook - ok

19:13:45.0609 0x0c10  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:13:45.0703 0x0c10  RemoteAccess - ok

19:13:45.0734 0x0c10  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

19:13:45.0843 0x0c10  RemoteRegistry - ok

19:13:45.0859 0x0c10  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe

19:13:45.0953 0x0c10  RpcLocator - ok

19:13:46.0000 0x0c10  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:13:46.0031 0x0c10  RpcSs - ok

19:13:46.0062 0x0c10  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe

19:13:46.0171 0x0c10  RSVP - ok

19:13:46.0203 0x0c10  [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

19:13:46.0234 0x0c10  RTLE8023xp - ok

19:13:46.0234 0x0c10  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:13:46.0328 0x0c10  SamSs - ok

19:13:46.0375 0x0c10  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:13:46.0468 0x0c10  SCardSvr - ok

19:13:46.0531 0x0c10  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:13:46.0625 0x0c10  Schedule - ok

19:13:46.0656 0x0c10  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:13:46.0718 0x0c10  Secdrv - ok

19:13:46.0750 0x0c10  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:13:46.0843 0x0c10  seclogon - ok

19:13:46.0859 0x0c10  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll

19:13:46.0968 0x0c10  SENS - ok

19:13:46.0968 0x0c10  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:13:47.0078 0x0c10  serenum - ok

19:13:47.0078 0x0c10  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:13:47.0187 0x0c10  Serial - ok

19:13:47.0218 0x0c10  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:13:47.0312 0x0c10  Sfloppy - ok

19:13:47.0390 0x0c10  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:13:47.0500 0x0c10  SharedAccess - ok

19:13:47.0531 0x0c10  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:13:47.0546 0x0c10  ShellHWDetection - ok

19:13:47.0562 0x0c10  Simbad - ok

19:13:47.0578 0x0c10  Sparrow - ok

19:13:47.0609 0x0c10  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:13:47.0703 0x0c10  splitter - ok

19:13:47.0750 0x0c10  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:13:47.0765 0x0c10  Spooler - ok

19:13:47.0781 0x0c10  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:13:47.0828 0x0c10  sr - ok

19:13:47.0890 0x0c10  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll

19:13:47.0953 0x0c10  srservice - ok

19:13:48.0015 0x0c10  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:13:48.0046 0x0c10  Srv - ok

19:13:48.0062 0x0c10  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:13:48.0125 0x0c10  SSDPSRV - ok

19:13:48.0140 0x0c10  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

19:13:48.0140 0x0c10  ssmdrv - ok

19:13:48.0203 0x0c10  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

19:13:48.0218 0x0c10  ss_bbus - ok

19:13:48.0250 0x0c10  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

19:13:48.0265 0x0c10  ss_bmdfl - ok

19:13:48.0312 0x0c10  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

19:13:48.0328 0x0c10  ss_bmdm - ok

19:13:48.0375 0x0c10  [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd        C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

19:13:48.0375 0x0c10  ss_bserd - ok

19:13:48.0421 0x0c10  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

19:13:48.0421 0x0c10  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )

19:13:48.0421 0x0c10  Detect skipped due to KSN trusted

19:13:48.0421 0x0c10  StarOpen - ok

19:13:48.0484 0x0c10  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:13:48.0593 0x0c10  stisvc - ok

19:13:48.0625 0x0c10  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:13:48.0734 0x0c10  swenum - ok

19:13:48.0734 0x0c10  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:13:48.0843 0x0c10  swmidi - ok

19:13:48.0843 0x0c10  SwPrv - ok

19:13:48.0859 0x0c10  symc810 - ok

19:13:48.0859 0x0c10  symc8xx - ok

19:13:48.0859 0x0c10  sym_hi - ok

19:13:48.0875 0x0c10  sym_u3 - ok

19:13:48.0890 0x0c10  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:13:48.0984 0x0c10  sysaudio - ok

19:13:49.0031 0x0c10  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:13:49.0125 0x0c10  SysmonLog - ok

19:13:49.0171 0x0c10  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:13:49.0281 0x0c10  TapiSrv - ok

19:13:49.0328 0x0c10  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:13:49.0359 0x0c10  Tcpip - ok

19:13:49.0390 0x0c10  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:13:49.0484 0x0c10  TDPIPE - ok

19:13:49.0500 0x0c10  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:13:49.0609 0x0c10  TDTCP - ok

19:13:49.0625 0x0c10  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:13:49.0718 0x0c10  TermDD - ok

19:13:49.0781 0x0c10  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll

19:13:49.0875 0x0c10  TermService - ok

19:13:49.0906 0x0c10  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:13:49.0921 0x0c10  Themes - ok

19:13:49.0953 0x0c10  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

19:13:50.0015 0x0c10  TlntSvr - ok

19:13:50.0015 0x0c10  TosIde - ok

19:13:50.0046 0x0c10  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:13:50.0140 0x0c10  TrkWks - ok

19:13:50.0187 0x0c10  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:13:50.0281 0x0c10  Udfs - ok

19:13:50.0359 0x0c10  [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

19:13:50.0359 0x0c10  UleadBurningHelper - ok

19:13:50.0375 0x0c10  ultra - ok

19:13:50.0406 0x0c10  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

19:13:50.0421 0x0c10  UMWdf - ok

19:13:50.0484 0x0c10  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:13:50.0609 0x0c10  Update - ok

19:13:50.0640 0x0c10  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:13:50.0703 0x0c10  upnphost - ok

19:13:50.0734 0x0c10  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe

19:13:50.0828 0x0c10  UPS - ok

19:13:50.0875 0x0c10  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

19:13:50.0968 0x0c10  usbaudio - ok

19:13:51.0015 0x0c10  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:13:51.0109 0x0c10  usbccgp - ok

19:13:51.0125 0x0c10  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:13:51.0218 0x0c10  usbehci - ok

19:13:51.0250 0x0c10  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:13:51.0343 0x0c10  usbhub - ok

19:13:51.0359 0x0c10  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:13:51.0453 0x0c10  usbohci - ok

19:13:51.0484 0x0c10  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:13:51.0578 0x0c10  usbprint - ok

19:13:51.0609 0x0c10  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:13:51.0703 0x0c10  usbscan - ok

19:13:51.0734 0x0c10  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:13:51.0828 0x0c10  USBSTOR - ok

19:13:51.0875 0x0c10  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:13:51.0968 0x0c10  VgaSave - ok

19:13:51.0968 0x0c10  ViaIde - ok

19:13:51.0984 0x0c10  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:13:52.0078 0x0c10  VolSnap - ok

19:13:52.0140 0x0c10  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe

19:13:52.0218 0x0c10  VSS - ok

19:13:52.0250 0x0c10  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll

19:13:52.0343 0x0c10  W32Time - ok

19:13:52.0359 0x0c10  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:13:52.0453 0x0c10  Wanarp - ok

19:13:52.0468 0x0c10  WDICA - ok

19:13:52.0500 0x0c10  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:13:52.0593 0x0c10  wdmaud - ok

19:13:52.0625 0x0c10  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:13:52.0734 0x0c10  WebClient - ok

19:13:52.0812 0x0c10  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:13:52.0921 0x0c10  winmgmt - ok

19:13:52.0968 0x0c10  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

19:13:52.0984 0x0c10  WmdmPmSN - ok

19:13:53.0046 0x0c10  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll

19:13:53.0093 0x0c10  Wmi - ok

19:13:53.0125 0x0c10  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:13:53.0234 0x0c10  WmiApSrv - ok

19:13:53.0265 0x0c10  [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys

19:13:53.0281 0x0c10  WpdUsb - ok

19:13:53.0390 0x0c10  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:13:53.0421 0x0c10  WPFFontCache_v0400 - ok

19:13:53.0468 0x0c10  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:13:53.0562 0x0c10  wscsvc - ok

19:13:53.0593 0x0c10  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:13:53.0703 0x0c10  wuauserv - ok

19:13:53.0765 0x0c10  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:13:53.0890 0x0c10  WZCSVC - ok

19:13:53.0921 0x0c10  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:13:54.0031 0x0c10  xmlprov - ok

19:13:54.0031 0x0c10  ================ Scan global ===============================

19:13:54.0046 0x0c10  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll

19:13:54.0109 0x0c10  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

19:13:54.0140 0x0c10  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

19:13:54.0171 0x0c10  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe

19:13:54.0171 0x0c10  [ Global ] - ok

19:13:54.0171 0x0c10  ================ Scan MBR ==================================

19:13:54.0203 0x0c10  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

19:13:54.0390 0x0c10  \Device\Harddisk0\DR0 - ok

19:13:54.0390 0x0c10  ================ Scan VBR ==================================

19:13:54.0406 0x0c10  [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1

19:13:54.0406 0x0c10  \Device\Harddisk0\DR0\Partition1 - ok

19:13:54.0406 0x0c10  [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2

19:13:54.0406 0x0c10  \Device\Harddisk0\DR0\Partition2 - ok

19:13:54.0406 0x0c10  ================ Scan generic autorun ======================

19:13:54.0500 0x0c10  [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

19:13:54.0515 0x0c10  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

19:13:54.0515 0x0c10  Detect skipped due to KSN trusted

19:13:54.0515 0x0c10  StartCCC - ok

19:13:55.0468 0x0c10  [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE

19:13:56.0531 0x0c10  RTHDCPL - ok

19:13:56.0656 0x0c10  [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

19:13:56.0671 0x0c10  Adobe Reader Speed Launcher - ok

19:13:56.0765 0x0c10  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

19:13:56.0812 0x0c10  Adobe ARM - ok

19:13:56.0906 0x0c10  [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

19:13:56.0921 0x0c10  HPDJ Taskbar Utility - ok

19:13:57.0031 0x0c10  [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

19:13:57.0062 0x0c10  UVS11 Preload - ok

19:13:57.0140 0x0c10  [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe

19:13:57.0156 0x0c10  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

19:13:57.0156 0x0c10  Detect skipped due to KSN trusted

19:13:57.0156 0x0c10  QuickTime Task - ok

19:13:57.0218 0x0c10  [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE

19:13:57.0234 0x0c10  OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )

19:13:57.0234 0x0c10  OfficeKB ( UnsignedFile.Multi.Generic ) - warning

19:14:10.0625 0x0c10  [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

19:14:10.0625 0x0c10  KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )

19:14:10.0625 0x0c10  KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning

19:14:10.0625 0x0c10  Force sending object to P2P due to detect: C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

19:14:13.0156 0x0c10  Object send P2P result: true

19:14:15.0531 0x0c10  NvCplDaemon - ok

19:14:15.0531 0x0c10  NvMediaCenter - ok

19:14:15.0734 0x0c10  [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe

19:14:15.0859 0x0c10  nwiz - ok

19:14:15.0968 0x0c10  [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

19:14:16.0015 0x0c10  Nvtmru - ok

19:14:16.0125 0x0c10  [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe

19:14:16.0171 0x0c10  avgnt - ok

19:14:16.0296 0x0c10  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe

19:14:16.0312 0x0c10  TkBellExe - ok

19:14:16.0343 0x0c10  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:14:16.0453 0x0c10  CTFMON.EXE - ok

19:14:16.0453 0x0c10  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:14:16.0546 0x0c10  CTFMON.EXE - ok

19:14:16.0546 0x0c10  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:14:16.0656 0x0c10  CTFMON.EXE - ok

19:14:16.0656 0x0c10  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe

19:14:16.0750 0x0c10  CTFMON.EXE - ok

19:14:16.0890 0x0c10  [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe

19:14:17.0000 0x0c10  MSMSGS - ok

19:14:17.0171 0x0c10  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

19:14:17.0203 0x0c10  AmazonMP3DownloaderHelper - ok

19:14:17.0218 0x0c10  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

19:14:17.0328 0x0c10  CTFMON.EXE - ok

19:14:17.0343 0x0c10  AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated

19:14:17.0343 0x0c10  Win FW state via NFM: enabled

19:14:19.0718 0x0c10  ============================================================

19:14:19.0718 0x0c10  Scan finished

19:14:19.0718 0x0c10  ============================================================

19:14:19.0718 0x051c  Detected object count: 2

19:14:19.0718 0x051c  Actual detected object count: 2

19:14:30.0625 0x051c  C:\PROGRA~1\OfficeKB\OfficeKB.EXE - copied to quarantine

19:14:30.0625 0x051c  OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

19:14:30.0640 0x051c  C:\PROGRA~1\OfficeKB\KPDrv4XP.exe - copied to quarantine

19:14:30.0640 0x051c  KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

19:14:35.0015 0x06c4  Deinitialize success

schrauber

12.03.2015 09:38

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die Endbenutzer-Lizenz.
Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls etwas schief geht.
Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.
Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es eine Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

mysteryPC

12.03.2015 16:41

Code:

ComboFix 15-03-09.01 - Slim 12.03.2015  16:17:37.1.2 - x86

Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1535.896 [GMT 1:00]

ausgeführt von:: C:\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.
  ADS - WINDOWS: deleted 24 bytes in 1 streams. 

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\1.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\a.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\b.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\c.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\d.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\e.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\f.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\g.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\h.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\i.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\j.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\k.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\l.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\m.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\mru.xml

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\n.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\o.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\p.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\q.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\r.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\s.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\t.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\u.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\v.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\w.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\wlu.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\x.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\y.txt

c:\dokumente und einstellungen\LocalService\Anwendungsdaten\PriceGong\Data\z.txt

c:\dokumente und einstellungen\Slim\Anwendungsdaten\facemoods.com

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\1.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\a.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\b.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\c.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\d.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\e.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\f.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\g.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\h.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\i.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\J.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\k.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\l.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\m.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\mru.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\n.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\o.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\p.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\q.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\r.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\s.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\t.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\u.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\v.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\w.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\x.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\y.xml

c:\dokumente und einstellungen\Slim\Anwendungsdaten\PriceGong\Data\z.xml

c:\programme\AmazonMP3DownloaderInstall._V383688031_.exe

c:\windows\$msi31uninstall_kb893803v2$

c:\windows\$msi31uninstall_kb893803v2$\msi.dll

c:\windows\$msi31uninstall_kb893803v2$\msiexec.exe

c:\windows\$msi31uninstall_kb893803v2$\msihnd.dll

c:\windows\$msi31uninstall_kb893803v2$\msimsg.dll

c:\windows\$msi31uninstall_kb893803v2$\msisip.dll

c:\windows\$msi31uninstall_kb893803v2$\reg00013

c:\windows\$msi31uninstall_kb893803v2$\reg00014

c:\windows\$msi31uninstall_kb893803v2$\reg00015

c:\windows\$msi31uninstall_kb893803v2$\reg00016

c:\windows\$msi31uninstall_kb893803v2$\reg00017

c:\windows\$msi31uninstall_kb893803v2$\reg00018

c:\windows\$msi31uninstall_kb893803v2$\reg00019

c:\windows\$msi31uninstall_kb893803v2$\reg00020

c:\windows\$msi31uninstall_kb893803v2$\reg00021

c:\windows\$msi31uninstall_kb893803v2$\reg00022

c:\windows\$msi31uninstall_kb893803v2$\reg00023

c:\windows\$msi31uninstall_kb893803v2$\reg00024

c:\windows\$msi31uninstall_kb893803v2$\reg00025

c:\windows\$msi31uninstall_kb893803v2$\reg00026

c:\windows\$msi31uninstall_kb893803v2$\reg00027

c:\windows\$msi31uninstall_kb893803v2$\reg00028

c:\windows\$msi31uninstall_kb893803v2$\reg00029

c:\windows\$msi31uninstall_kb893803v2$\reg00030

c:\windows\$msi31uninstall_kb893803v2$\reg00031

c:\windows\$msi31uninstall_kb893803v2$\reg00032

c:\windows\$msi31uninstall_kb893803v2$\reg00033

c:\windows\$msi31uninstall_kb893803v2$\reg00034

c:\windows\$msi31uninstall_kb893803v2$\reg00035

c:\windows\$msi31uninstall_kb893803v2$\reg00036

c:\windows\$msi31uninstall_kb893803v2$\reg00037

c:\windows\$msi31uninstall_kb893803v2$\reg00038

c:\windows\$msi31uninstall_kb893803v2$\reg00039

c:\windows\$msi31uninstall_kb893803v2$\reg00040

c:\windows\$msi31uninstall_kb893803v2$\reg00041

c:\windows\$msi31uninstall_kb893803v2$\reg00042

c:\windows\$msi31uninstall_kb893803v2$\reg00043

c:\windows\$msi31uninstall_kb893803v2$\reg00044

c:\windows\$msi31uninstall_kb893803v2$\reg00045

c:\windows\$msi31uninstall_kb893803v2$\reg00046

c:\windows\$msi31uninstall_kb893803v2$\reg00047

c:\windows\$msi31uninstall_kb893803v2$\reg00048

c:\windows\$msi31uninstall_kb893803v2$\reg00051

c:\windows\$msi31uninstall_kb893803v2$\reg00052

c:\windows\$msi31uninstall_kb893803v2$\reg00053

c:\windows\$msi31uninstall_kb893803v2$\reg00054

c:\windows\$msi31uninstall_kb893803v2$\reg00055

c:\windows\$msi31uninstall_kb893803v2$\reg00056

c:\windows\$msi31uninstall_kb893803v2$\reg00057

c:\windows\$msi31uninstall_kb893803v2$\reg00058

c:\windows\$msi31uninstall_kb893803v2$\reg00059

c:\windows\$msi31uninstall_kb893803v2$\reg00060

c:\windows\$msi31uninstall_kb893803v2$\reg00061

c:\windows\$msi31uninstall_kb893803v2$\reg00062

c:\windows\$msi31uninstall_kb893803v2$\reg00063

c:\windows\$msi31uninstall_kb893803v2$\reg00064

c:\windows\$msi31uninstall_kb893803v2$\reg00065

c:\windows\$msi31uninstall_kb893803v2$\reg00066

c:\windows\$msi31uninstall_kb893803v2$\reg00067

c:\windows\$msi31uninstall_kb893803v2$\reg00068

c:\windows\$msi31uninstall_kb893803v2$\reg00069

c:\windows\$msi31uninstall_kb893803v2$\reg00070

c:\windows\$msi31uninstall_kb893803v2$\reg00071

c:\windows\$msi31uninstall_kb893803v2$\reg00072

c:\windows\$msi31uninstall_kb893803v2$\reg00073

c:\windows\$msi31uninstall_kb893803v2$\reg00074

c:\windows\$msi31uninstall_kb893803v2$\reg00075

c:\windows\$msi31uninstall_kb893803v2$\reg00076

c:\windows\$msi31uninstall_kb893803v2$\reg00077

c:\windows\$msi31uninstall_kb893803v2$\reg00078

c:\windows\$msi31uninstall_kb893803v2$\reg00079

c:\windows\$msi31uninstall_kb893803v2$\reg00080

c:\windows\$msi31uninstall_kb893803v2$\reg00081

c:\windows\$msi31uninstall_kb893803v2$\reg00082

c:\windows\$msi31uninstall_kb893803v2$\reg00083

c:\windows\$msi31uninstall_kb893803v2$\reg00084

c:\windows\$msi31uninstall_kb893803v2$\reg00085

c:\windows\$msi31uninstall_kb893803v2$\reg00086

c:\windows\$msi31uninstall_kb893803v2$\reg00087

c:\windows\$msi31uninstall_kb893803v2$\reg00088

c:\windows\$msi31uninstall_kb893803v2$\reg00089

c:\windows\$msi31uninstall_kb893803v2$\reg00090

c:\windows\$msi31uninstall_kb893803v2$\reg00091

c:\windows\$msi31uninstall_kb893803v2$\reg00092

c:\windows\$msi31uninstall_kb893803v2$\reg00093

c:\windows\$msi31uninstall_kb893803v2$\reg00094

c:\windows\$msi31uninstall_kb893803v2$\reg00095

c:\windows\$msi31uninstall_kb893803v2$\reg00096

c:\windows\$msi31uninstall_kb893803v2$\reg00097

c:\windows\$msi31uninstall_kb893803v2$\reg00098

c:\windows\$msi31uninstall_kb893803v2$\reg00099

c:\windows\$msi31uninstall_kb893803v2$\reg00100

c:\windows\$msi31uninstall_kb893803v2$\reg00101

c:\windows\$msi31uninstall_kb893803v2$\reg00102

c:\windows\$msi31uninstall_kb893803v2$\reg00103

c:\windows\$msi31uninstall_kb893803v2$\reg00104

c:\windows\$msi31uninstall_kb893803v2$\reg00105

c:\windows\$msi31uninstall_kb893803v2$\reg00106

c:\windows\$msi31uninstall_kb893803v2$\reg00107

c:\windows\$msi31uninstall_kb893803v2$\reg00108

c:\windows\$msi31uninstall_kb893803v2$\reg00109

c:\windows\$msi31uninstall_kb893803v2$\reg00110

c:\windows\$msi31uninstall_kb893803v2$\reg00111

c:\windows\$msi31uninstall_kb893803v2$\reg00112

c:\windows\$msi31uninstall_kb893803v2$\reg00113

c:\windows\$msi31uninstall_kb893803v2$\reg00114

c:\windows\$msi31uninstall_kb893803v2$\reg00115

c:\windows\$msi31uninstall_kb893803v2$\reg00116

c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.exe

c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.inf

c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.txt

c:\windows\$msi31uninstall_kb893803v2$\spuninst\updspapi.dll

c:\windows\msdownld.tmp

c:\windows\system32\SET6B3.tmp

c:\windows\system32\SET6B5.tmp

c:\windows\system32\SET6B9.tmp

c:\windows\system32\SET6BA.tmp

c:\windows\system32\SET6BB.tmp

c:\windows\system32\SET6BF.tmp

c:\windows\system32\SET6C1.tmp

.

.

(((((((((((((((((((((((   Dateien erstellt von 2015-02-12 bis 2015-03-12  ))))))))))))))))))))))))))))))

.

.

2015-03-11 18:08 . 2015-03-11 18:08        --------        d-----w-        C:\TDSSKiller_Quarantine

2015-03-09 13:24 . 2015-03-09 13:24        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2015-03-09 13:23 . 2015-03-10 10:21        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)

2015-03-09 13:23 . 2015-03-10 09:17        119512        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys

2015-03-09 13:20 . 2015-03-09 13:20        120024        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys

2015-03-09 12:57 . 2015-03-09 12:57        --------        d-----w-        c:\programme\VS Revo Group

2015-03-09 06:15 . 2015-03-09 06:15        --------        d-----w-        c:\windows\system32\wbem\Repository

2015-03-09 05:58 . 2015-03-09 05:58        --------        dc----w-        C:\NVIDIA

2015-03-08 19:00 . 2015-03-09 06:01        --------        d-----w-        C:\FRST

2015-03-08 12:56 . 2015-03-08 12:56        --------        d-----w-        c:\dokumente und einstellungen\LocalService\IETldCache

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2015-03-05 13:41 . 2014-01-31 08:30        136216        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2015-03-05 13:41 . 2014-01-31 08:30        105864        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2015-02-04 20:00 . 2013-06-21 04:50        701616        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2015-02-04 20:00 . 2011-11-23 12:13        71344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2011-02-18 09:13 . 2011-02-18 09:13        287032        ----a-w-        c:\programme\SoftonicDownloader_fuer_picture-converter.exe

2010-09-30 08:29 . 2010-09-30 08:28        291680        ----a-w-        c:\programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe

2010-07-01 17:39 . 2010-07-01 17:39        822296        ----a-w-        c:\programme\RealPlayerSPGold_de.exe

2010-06-30 05:28 . 2010-06-30 05:27        33177736        ----a-w-        c:\programme\Nero-9.4.12.708b_lite.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AmazonMP3DownloaderHelper"="c:\dokumente und einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440]

"RTHDCPL"="RTHDCPL.EXE" [2009-03-12 17531392]

"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-07-10 188416]

"UVS11 Preload"="c:\programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 341232]

"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2006-09-01 282624]

"OfficeKB"="c:\progra~1\OfficeKB\OfficeKB.EXE" [2004-10-22 200704]

"KPDrv4XP"="c:\progra~1\OfficeKB\KPDrv4XP.exe" [2003-06-12 32768]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-09-12 15693600]

"NvMediaCenter"="NvMCTray.dll" [2013-09-12 209184]

"nwiz"="c:\programme\NVIDIA Corporation\nview\nwiz.exe" [2013-09-12 2586912]

"Nvtmru"="c:\programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]

"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2015-03-05 703280]

"TkBellExe"="c:\programme\Real\RealPlayer\update\realsched.exe" [2014-04-29 295512]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"DeleteEngineAfterUpdate"="reg DELETE HKCU\Software\ConduitEngine" [X]

.

c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\

InterVideo WinCinema Manager.lnk - c:\programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe [2010-7-13 303104]

Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programme\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=

"c:\\Programme\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=

"c:\\Programme\\Mozilla Firefox\\firefox.exe"=

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [31.01.2014 09:30 37352]

R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [31.01.2014 09:30 432888]

R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\programme\Freemake\CaptureLib\CaptureLibService.exe [12.06.2014 22:33 9216]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11.02.2011 22:23 35088]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\programme\RealNetworks\RealDownloader\rndlresolversvc.exe [14.08.2013 14:19 39056]

R3 HIDKbFlt;Dritek USB Keyboard HID Filter;c:\windows\system32\drivers\HIDKbFlt.sys [14.12.2004 03:49 21120]

S2 Freemake Improver;Freemake Improver;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [12.06.2014 22:33 108032]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [13.01.2010 21:10 1684736]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [09.03.2015 14:20 120024]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [17.09.2013 18:27 98432]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [17.09.2013 18:27 14848]

S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [17.09.2013 18:27 123648]

S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\drivers\ss_bserd.sys [17.09.2013 18:28 100224]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper        REG_MULTI_SZ           getPlusHelper

.

Inhalt des "geplante Tasks" Ordners

.

2015-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-21 20:00]

.

2015-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\programme\Google\Update\GoogleUpdate.exe [2013-08-14 12:54]

.

2015-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\programme\Google\Update\GoogleUpdate.exe [2013-08-14 12:54]

.

2015-02-21 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

- c:\programme\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14 13:19]

.

2015-03-12 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

- c:\programme\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14 13:19]

.

2015-03-06 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

- c:\programme\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14 13:19]

.

2015-03-12 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2015-03-12 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2015-03-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2015-03-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch

IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.178.1

FF - ProfilePath - c:\dokumente und einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default\

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

WebBrowser-{41564952-412D-5637-4300-7A786E7484D7} - (no file)

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2015-03-12 16:23

Windows 5.1.2600 Service Pack 3 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,d1,36,59,79,fc,a9,47,a8,6c,c0,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,d1,36,59,79,fc,a9,47,a8,6c,c0,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]

@Denied: (A 2) (Everyone)

@="IFlashBroker6"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'winlogon.exe'(748)

c:\windows\system32\Ati2evxx.dll

.

Zeit der Fertigstellung: 2015-03-12  16:25:05

ComboFix-quarantined-files.txt  2015-03-12 15:25

.

Vor Suchlauf: 13 Verzeichnis(se), 17.484.423.168 Bytes frei

Nach Suchlauf: 16 Verzeichnis(se), 21.208.915.968 Bytes frei

.

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 0EF2AA11EFA0BB010E0B4E496792B1DD

72B8CE41AF0DE751C946802B3ED844B4

schrauber

13.03.2015 08:46

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

mysteryPC

13.03.2015 08:55

puuuh ok mache ich....
Bin seit ca 1 Stunde on und mein Rechner rechnet und rechnet im Hintergrund ist das normal oder hat das was mit dem combofix zu tun? (den habe ich ja erst seit gestern drauf....arbeitet der im Hintergrund?)
Und was siehst Du da Schrauber? Ich habe das Gefühl ich mache und tu und es tut sich nix? Oder täuscht das?

schrauber

13.03.2015 13:16

Combofix läuft nur einmal. Damit haben wir schon ne Tonne an Müll entfernt.

mysteryPC

13.03.2015 16:17

So anbei erstmal die Logfile von Antimalewarebites:

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 13.03.2015

Suchlauf-Zeit: 14:35:59

Logdatei: mbam.txt. für schrauber.txt

Administrator: Ja
 

Version: 2.00.4.1028

Malware Datenbank: v2015.03.13.05

Rootkit Datenbank: v2015.02.25.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows XP Service Pack 3

CPU: x86

Dateisystem: NTFS

Benutzer: Slim
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 373142

Verstrichene Zeit: 23 Min, 58 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(Keine schädliche Elemente erkannt)
 

Module: 0

(Keine schädliche Elemente erkannt)
 

Registrierungsschlüssel: 0

(Keine schädliche Elemente erkannt)
 

Registrierungswerte: 0

(Keine schädliche Elemente erkannt)
 

Registrierungsdaten: 0

(Keine schädliche Elemente erkannt)
 

Ordner: 0

(Keine schädliche Elemente erkannt)
 

Dateien: 0

(Keine schädliche Elemente erkannt)
 

Physische Sektoren: 0

(Keine schädliche Elemente erkannt)
 
 

(end)

Mit dem ADWCleaner komm ich nicht klar und habe daher die anderen Punkte auch noch nicht abgearbeitet...
ich versuche mal ein screenshot zu machen wo es bei mir hakt, da ich mit der Beschreibung auch nicht weiterkomme....

PS: bei malewarebytes waren es über 600 Eelemente die er gefunden hatte

okay für screenshot bin ich auch zu b.öd dann anders (ADWCleaner):
Nach dem Suchlauf steht da: Warte auf weitere Aktion. Bitte wähle die Elemente ab, die Sie behalten möchten.Darunter Ergebnisse geöffnet ist die Registerkarte "Dienste"und dann steht da : nix

in den anderen Registerkarten steht was aber in der Anleitung sind diese nicht berücksichtigt...
Erbitte nun weitere Anweisung um fortzufahren

Nochmal PS: seitdem die letzten 2 Programme durch sind (combofix und Malewarebytes) empfinde ich meinen rechner als immer langsamer, auch die Seitenweiterleitung funzt machmal nicht...oder ich bilde mir das jetzt ein :confused:
ich wart nochmal ab...

hier mal was ich davon habe ;-)

Code:

# AdwCleaner v4.112 - Bericht erstellt 13/03/2015 um 15:50:39

# Aktualisiert 09/03/2015 von Xplode

# Datenbank : 2015-03-05.1 [Server]

# Betriebssystem : Microsoft Windows XP Service Pack 3 (x86)

# Benutzername : Slim - SLIM-36FB768E46

# Gestarted von : C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Downloads\AdwCleaner_4.112.exe

# Option : Suchlauf
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Datei Gefunden : C:\WINDOWS\system32\conduitEngine.tmp

Ordner Gefunden : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\apn

Ordner Gefunden : C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Gutscheinmieze

Ordner Gefunden : C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Uniblue

Ordner Gefunden : C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Conduit

Ordner Gefunden : C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\ConduitEngine

Ordner Gefunden : C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\OpenCandy

Ordner Gefunden : C:\Programme\BearShare Applications

Ordner Gefunden : C:\Programme\Conduit
 

***** [ Geplante Tasks ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gefunden : HKCU\Software\Conduit

Schlüssel Gefunden : HKCU\Software\conduitEngine

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}

Schlüssel Gefunden : HKCU\Software\Softonic

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT1460988

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2431245

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}

Schlüssel Gefunden : HKLM\SOFTWARE\Conduit

Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v8.0.6001.18702
 
 

-\\ Mozilla Firefox v35.0.1 (x86 de)
 
 

-\\ Google Chrome v
 
 

-\\ Opera v27.0.1689.76
 

*************************
 

AdwCleaner[R0].txt - [3410 Bytes] - [13/03/2015 15:33:16]

AdwCleaner[R1].txt - [3286 Bytes] - [13/03/2015 15:50:39]
 

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [3345 Bytes] ##########

schrauber

14.03.2015 09:27

AdwCleaner nochmal. Suchen klicken. Nix machen. Oben steht dann irgendwann Warte auf Aktion oder sowas, dann auf Löschen klicken.

Dan den Rest von Oben.

mysteryPC

14.03.2015 17:41

Na gut ich versuchs nochmal

und

Ja genau dann steht da: warte auf weitere Aktion, aber da ist nix zum löschen....(habe ich oben beschrieben) da steht nix...leere zeilen....soll ich dennoch?

Code:

# AdwCleaner v4.112 - Bericht erstellt 14/03/2015 um 17:21:30

# Aktualisiert 09/03/2015 von Xplode

# Datenbank : 2015-03-05.1 [Server]

# Betriebssystem : Microsoft Windows XP Service Pack 3 (x86)

# Benutzername : Slim - SLIM-36FB768E46

# Gestarted von : C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Downloads\AdwCleaner_4.112.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\apn

Ordner Gelöscht : C:\Programme\BearShare Applications

Ordner Gelöscht : C:\Programme\Conduit

Ordner Gelöscht : C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Conduit

Ordner Gelöscht : C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\ConduitEngine

Ordner Gelöscht : C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\OpenCandy

Ordner Gelöscht : C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Gutscheinmieze

Ordner Gelöscht : C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Uniblue

Datei Gelöscht : C:\WINDOWS\system32\conduitEngine.tmp
 

***** [ Geplante Tasks ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1460988

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Schlüssel Gelöscht : HKCU\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\conduitEngine

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit

Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v8.0.6001.18702
 
 

-\\ Mozilla Firefox v36.0.1 (x86 de)
 
 

-\\ Google Chrome v
 
 

-\\ Opera v27.0.1689.76
 
 

*************************
 

AdwCleaner[R1].txt - [3424 Bytes] - [13/03/2015 15:50:39]

AdwCleaner[R2].txt - [3424 Bytes] - [14/03/2015 17:18:41]

AdwCleaner[S0].txt - [3346 Bytes] - [14/03/2015 17:21:30]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3405  Bytes] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.3 (03.01.2015:1)

OS: Microsoft Windows XP x86

Ran by Slim on 14.03.2015 at 17:32:35,75

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 14.03.2015 at 17:35:19,37

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015

Ran by Slim (administrator) on SLIM-36FB768E46 on 14-03-2015 17:39:23

Running from C:\

Loaded Profiles: Slim & UpdatusUser (Available profiles: Slim & UpdatusUser)

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe

(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE

(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

(Apple Computer, Inc.) C:\Programme\QuickTime\qttask.exe

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\OfficeKB.EXE

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\KPDrv4XP.EXE

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe

(RealNetworks, Inc.) C:\Programme\Real\RealPlayer\Update\realsched.exe

() C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

(Freemake) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

() C:\Programme\CDBurnerXP\NMSAccessU.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(RealNetworks, Inc.) C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-07-10] (HP)

HKLM\...\Run: [UVS11 Preload] => C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341232 2007-07-23] (InterVideo Digital Technology Corporation)

HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)

HKLM\...\Run: [OfficeKB] => C:\Programme\OfficeKB\OfficeKB.EXE [200704 2004-10-22] (Dritek System Inc.)

HKLM\...\Run: [KPDrv4XP] => C:\Programme\OfficeKB\KPDrv4XP.EXE [32768 2003-06-12] (Dritek System Inc.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-09-12] ()

HKLM\...\Run: [Nvtmru] => C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-05] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [TkBellExe] => C:\Programme\Real\RealPlayer\update\realsched.exe [295512 2014-04-29] (RealNetworks, Inc.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation)

HKU\S-1-5-18\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\ConduitEngine /f

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk

ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk

ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03] (Google Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-29] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-29] (RealPlayer)

FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin HKU\S-1-5-21-796845957-926492609-839522115-1003: amazon.com/AmazonMP3DownloaderPlugin -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-16]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-28]

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: No Name - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-12]

FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-06]

FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-06]
 

Chrome: 

=======

CHR Profile: C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk(2) [2014-02-11]

CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found]
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]

R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)

R2 Freemake Improver; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]

R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]

S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.)

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-10-10] (Google)

R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-03-13] (Mozilla Foundation)

R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()

R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296 2013-08-27] (NVIDIA Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)

R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)

R3 HIDKbFlt; C:\WINDOWS\System32\drivers\HIDKbFlt.sys [21120 2004-12-14] (Dritek System Inc.) [File not signed]

R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]

R0 iviVD; C:\WINDOWS\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)

S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54360 2014-11-21] (Malwarebytes Corporation)

S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)

R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)

R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-06-16] (NVIDIA Corporation)

R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)

S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)

S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)

S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)

S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]

S3 catchme; \??\C:\DOKUME~1\Slim\LOKALE~1\Temp\catchme.sys [X]

S4 IntelIde; No ImagePath

U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-14 17:39 - 2015-03-14 17:39 - 01135104 _____ (Farbar) C:\FRST.exe

2015-03-14 17:39 - 2015-03-14 17:39 - 00020241 _____ () C:\FRST.txt

2015-03-14 17:35 - 2015-03-14 17:35 - 00000727 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\JRT.txt

2015-03-14 17:31 - 2015-03-14 17:31 - 01388333 _____ (Thisisu) C:\JRT.exe

2015-03-13 16:00 - 2015-03-13 16:00 - 00000000 ____D () C:\Programme\Mozilla Firefox

2015-03-13 15:29 - 2015-03-14 17:21 - 00000000 ____D () C:\AdwCleaner

2015-03-13 15:01 - 2015-03-13 15:01 - 00001222 _____ () C:\mbam.txt. für schrauber.txt

2015-03-13 14:34 - 2015-03-13 14:34 - 00000756 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-13 14:34 - 2015-03-13 14:34 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware

2015-03-13 14:34 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-03-12 16:44 - 2015-03-12 16:44 - 00000422 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Verknüpfung mit ComboFix.lnk

2015-03-12 16:25 - 2015-03-14 17:39 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00022597 _____ () C:\ComboFix.txt

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp

2015-03-12 16:15 - 2015-03-12 16:15 - 00000000 _RSHD () C:\cmdcons

2015-03-12 16:15 - 2010-01-13 20:32 - 00000211 _____ () C:\Boot.bak

2015-03-12 16:15 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr

2015-03-12 16:06 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe

2015-03-12 16:06 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe

2015-03-12 16:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe

2015-03-12 16:05 - 2015-03-12 16:25 - 00000000 ____D () C:\Qoobox

2015-03-12 16:05 - 2015-03-12 16:05 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Verwaltung

2015-03-12 16:04 - 2015-03-12 16:24 - 00000000 ____D () C:\WINDOWS\erdnt

2015-03-12 16:04 - 2015-03-12 16:03 - 05613296 ____R (Swearware) C:\ComboFix.exe

2015-03-11 19:08 - 2015-03-11 19:08 - 00000000 ____D () C:\TDSSKiller_Quarantine

2015-03-11 07:39 - 2015-03-11 07:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Slim\Desktop\tdsskiller.exe

2015-03-09 14:24 - 2015-03-13 14:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

2015-03-09 14:23 - 2015-03-13 14:35 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-03-09 14:23 - 2015-03-13 08:48 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)

2015-03-09 14:20 - 2015-03-10 11:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Desktop\mbar

2015-03-09 14:20 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-03-09 13:57 - 2015-03-09 13:57 - 00000896 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Revo Uninstaller.lnk

2015-03-09 13:57 - 2015-03-09 13:57 - 00000000 ____D () C:\Programme\VS Revo Group

2015-03-09 07:59 - 2015-03-09 07:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Ulead VideoStudio

2015-03-09 07:24 - 2015-03-09 07:24 - 00000060 _____ () C:\WINDOWS\setupact.log

2015-03-09 07:24 - 2015-03-09 07:24 - 00000000 _____ () C:\WINDOWS\setuperr.log

2015-03-09 06:58 - 2015-03-09 06:58 - 00000000 ___DC () C:\NVIDIA

2015-03-08 21:03 - 2015-03-09 06:59 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862335$

2015-03-08 21:01 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2780091$

2015-03-08 20:58 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2904266$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2930275$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876217$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2864063$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862152$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2719985$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB941569$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2770660$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876331$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2859537$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2850869$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2893294$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2820917$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2757638$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2749655$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2653956$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2892075$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2813345$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2727528$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2705219-v2$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2619339$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2676562$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2620712$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2584146$

2015-03-08 20:00 - 2015-03-14 17:39 - 00000000 ____D () C:\FRST

2015-03-08 16:59 - 2015-03-09 07:05 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2807986$

2015-03-08 16:52 - 2015-03-09 07:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868038$

2015-03-08 16:48 - 2015-03-08 16:48 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2603381$

2015-03-08 16:47 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$

2015-03-08 16:46 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2698365$

2015-03-08 16:41 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2723135-v2$

2015-03-08 16:40 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862330$

2015-03-08 16:14 - 2015-03-09 07:13 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2914368$

2015-03-08 13:56 - 2015-03-08 13:56 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\IETldCache
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-14 17:38 - 2013-10-08 13:38 - 00009248 _____ () C:\WINDOWS\system32\nvAppTimestamps

2015-03-14 17:26 - 2014-10-07 09:19 - 00000268 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-14 17:26 - 2014-04-29 17:36 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-14 17:26 - 2010-07-01 18:44 - 00000268 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-14 17:26 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl

2015-03-14 17:25 - 2010-01-13 20:38 - 01786218 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-14 17:24 - 2010-01-13 20:31 - 00000157 _____ () C:\WINDOWS\wiadebug.log

2015-03-14 17:24 - 2010-01-13 20:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log

2015-03-14 17:23 - 2014-04-29 17:48 - 00000290 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-14 17:23 - 2013-08-14 13:54 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-14 17:23 - 2010-01-13 20:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-14 17:22 - 2014-06-06 11:00 - 00196608 _____ () C:\WINDOWS\system32\config\CaptureL.evt

2015-03-14 17:22 - 2010-01-13 20:45 - 00000300 ___SH () C:\Dokumente und Einstellungen\Slim\ntuser.ini

2015-03-14 17:22 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim

2015-03-14 17:22 - 2010-01-13 20:44 - 00032392 _____ () C:\WINDOWS\SchedLgU.Txt

2015-03-14 17:21 - 2010-01-13 20:29 - 00000000 ___RD () C:\Programme

2015-03-14 17:03 - 2013-08-14 13:54 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-14 17:00 - 2013-06-21 05:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-14 06:31 - 2014-03-13 15:56 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service

2015-03-13 15:53 - 2010-02-04 14:35 - 00082800 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\GDIPFONTCACHEV1.DAT

2015-03-13 15:52 - 2010-09-30 09:23 - 00002501 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk

2015-03-13 15:03 - 2011-03-21 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443685$

2015-03-12 19:31 - 2010-01-15 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\vlc

2015-03-12 19:19 - 2011-03-01 21:59 - 00054156 ____H () C:\WINDOWS\QTFont.qfn

2015-03-12 16:23 - 2006-02-28 13:00 - 00000227 _____ () C:\WINDOWS\system.ini

2015-03-12 16:15 - 2010-01-13 21:27 - 00000327 __RSH () C:\boot.ini

2015-03-12 16:05 - 2010-01-13 20:45 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme

2015-03-10 18:20 - 2010-07-01 18:43 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-10 07:52 - 2013-02-03 18:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\TS3Client

2015-03-09 14:07 - 2012-11-03 09:27 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit

2015-03-09 12:23 - 2011-05-27 14:14 - 00000000 ____D () C:\WINDOWS\system32\NtmsData

2015-03-09 12:13 - 2010-01-13 20:35 - 00000000 ____D () C:\WINDOWS\Registration

2015-03-09 07:17 - 2010-01-13 20:28 - 00294864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-03-09 07:16 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService

2015-03-09 07:16 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService

2015-03-09 07:13 - 2010-01-13 20:40 - 00000000 ___HD () C:\WINDOWS\$hf_mig$

2015-03-09 07:10 - 2010-01-16 20:15 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer

2015-03-09 07:03 - 2010-01-13 20:28 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2013-09-30 14:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Amazon

2015-03-09 07:02 - 2013-01-19 19:52 - 00000000 ____D () C:\Programme\Opera

2015-03-09 07:02 - 2010-08-18 08:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Programme\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon

2015-03-09 06:58 - 2010-01-13 21:28 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt

2015-03-09 06:24 - 2010-01-13 21:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET

2015-03-08 20:58 - 2010-01-13 22:00 - 00031828 _____ () C:\WINDOWS\system32\TZLog.log

2015-03-08 16:40 - 2010-01-13 21:59 - 00000000 ____D () C:\WINDOWS\ie8updates

2015-03-06 11:37 - 2014-04-29 17:48 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-05 14:41 - 2014-01-31 09:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2015-03-05 14:41 - 2014-01-31 09:30 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

2015-03-03 14:36 - 2010-01-15 13:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google

2015-02-21 11:24 - 2014-04-29 17:48 - 00000316 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job
 

==================== Files in the root of some directories =======
 

2010-06-30 06:27 - 2010-06-30 06:28 - 33177736 _____ (Nero AG) C:\Programme\Nero-9.4.12.708b_lite.exe

2010-07-01 18:39 - 2010-07-01 18:39 - 0822296 _____ (RealNetworks, Inc.) C:\Programme\RealPlayerSPGold_de.exe

2010-09-30 09:28 - 2010-09-30 09:29 - 0291680 _____ () C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe

2010-08-18 11:00 - 2010-08-18 11:02 - 0000150 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\burnaware.ini

2010-02-02 18:10 - 2014-05-06 19:39 - 0062976 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-04-09 18:27 - 2010-04-09 18:27 - 0000137 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 

Some content of TEMP:

====================

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\avgnt.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\Quarantine.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber

15.03.2015 07:13

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

mysteryPC

15.03.2015 09:27

Zitat:

Zitat von schrauber (Beitrag 1441418)

Noch Probleme? :)

Also Probleme hatte ich auch nicht MIT den Schrott der da drauf war/ist...:crazy:
die Kiste lief...aber den rest mache ich jetzt auch noch ;-)

In der Beschreibung vom ESET Online scanner steht das ich in die Beutzerkontensteuerung muß wie komme ich da rein? Ich finds nicht :-(

schrauber

15.03.2015 13:55

Nee muste nicht :)

mysteryPC

15.03.2015 20:02

Code:

ESETSmartInstaller@High as downloader log:

all ok

ESETSmartInstaller@High as downloader log:

all ok

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=b85c174b64fe3f4a851a1a797e128de2

# engine=22917

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-03-15 05:51:19

# local_time=2015-03-15 06:51:19 (+0100, Westeuropäische Normalzeit)

# country="Germany"

# lang=1031

# osver=5.1.2600 NT Service Pack 3

# scanned=66755

# found=31

# cleaned=0

# scan_time=4571

sh=A47739F27C4BC8FD3A48B4A90B40679DF1218E1B ft=1 fh=ab4f3351c96b3042 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Programme\Conduit\Community Alerts\Alert.dll.vir"

sh=743CF6F7C346A3CF7BB0B81442DC14A7F3DA352D ft=1 fh=67b200ae242c58b1 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Programme\Conduit\Community Alerts\Alert0.dll.vir"

sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Programme\Conduit\Community Alerts\Alert1.dll.vir"

sh=CE0344C39AEFD74197F3851124D956BEE9DAB99A ft=1 fh=ddba425ab13eab4f vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe"

sh=3EFCE8E60D9AEA8666F5A04990DB0451DBB8CCA1 ft=1 fh=9fcd97622c9e2cff vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437011.exe"

sh=BE40C0251D66829CF63FD4341CACA785CAF5CD73 ft=1 fh=afd5085e605741b5 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437013.dll"

sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437014.dll"

sh=0F7B6B96202643D88E6428C62CA0BADC6D38D140 ft=1 fh=3507b93dfe419462 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437015.dll"

sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437016.dll"

sh=547EF42FB35708E8C39FE6D04DBF3DEDD91E73DB ft=1 fh=99fdcb8395eefb1c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437017.dll"

sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437018.dll"

sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437019.dll"

sh=6C02BC376864DF0440DE70DED3A65938D6295795 ft=1 fh=965e2f365cb21a83 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437020.dll"

sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437021.dll"

sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437022.dll"

sh=BE40C0251D66829CF63FD4341CACA785CAF5CD73 ft=1 fh=afd5085e605741b5 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437024.dll"

sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437025.dll"

sh=0F7B6B96202643D88E6428C62CA0BADC6D38D140 ft=1 fh=3507b93dfe419462 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437026.dll"

sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437027.dll"

sh=547EF42FB35708E8C39FE6D04DBF3DEDD91E73DB ft=1 fh=99fdcb8395eefb1c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437028.dll"

sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437029.dll"

sh=31819C285AD68587D8DABEC74FD7F447FF439CA5 ft=1 fh=20c4afc2b350ab06 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437030.dll"

sh=49F05B2770D4CAE7550D8268FDCF50E3BAEBB7CC ft=1 fh=f6f4f0e4f3b1176c vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437031.dll"

sh=C58417722C0B741EA8D55D06914E692180900885 ft=1 fh=f4976c33c2ff8570 vn="Win32/Toolbar.Conduit.V evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437032.exe"

sh=C58417722C0B741EA8D55D06914E692180900885 ft=1 fh=f4976c33c2ff8570 vn="Win32/Toolbar.Conduit.V evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437033.exe"

sh=6C02BC376864DF0440DE70DED3A65938D6295795 ft=1 fh=965e2f365cb21a83 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437034.dll"

sh=42C28E041EA5F8B06D4857E8E6FCA75ABD4BCF2F ft=1 fh=b55fe72874790c5f vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437035.dll"

sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437036.dll"

sh=A47739F27C4BC8FD3A48B4A90B40679DF1218E1B ft=1 fh=ab4f3351c96b3042 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438707.dll"

sh=743CF6F7C346A3CF7BB0B81442DC14A7F3DA352D ft=1 fh=67b200ae242c58b1 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438708.dll"

sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438709.dll"

Code:

 Results of screen317's Security Check version 0.99.97  

 Windows XP Service Pack 3 x86   

 Internet Explorer 8  
 ``````````````Antivirus/Firewall Check:`````````````` 

Warten Sie, w„hrend WMIC installiert wird.d 

i 

s 

p 

l 

a 

y 

N 

a 

m 

e 

ECHO ist ausgeschaltet (OFF).

A 

v 

i 

r 

a 

ECHO ist ausgeschaltet (OFF).

D 

e 

s 

k 

t 

o 

p 

ECHO ist ausgeschaltet (OFF).

 Antivirus up to date!  
 `````````Anti-malware/Other Utilities Check:````````` 

  Java 64-bit 8 Update 31  

 Adobe Flash Player         16.0.0.305  

 Adobe Reader 9 Adobe Reader out of Date! 

 Mozilla Firefox (36.0.1) 

 Google Chrome 32.0.1700.102  Google Chrome out of date!  
 ````````Process Check: objlist.exe by Laurent````````  

 Avira Antivir avgnt.exe 

 Avira Antivir avguard.exe 
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C::  
 ````````````````````End of Log``````````````````````

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015

Ran by Slim at 2015-03-15 19:19:46

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)

Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden

Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version:  - )

ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )

ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )

ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - )

ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - )

Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)

ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden

ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden

CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)

CloneDVD2 (HKLM\...\CloneDVD2) (Version:  - Elaborate Bytes)

Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)

Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)

Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)

hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version:  - )

hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version:  - )

InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)

InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Media & Office Keyboard (HKLM\...\OfficeKB) (Version:  - )

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)

Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version:  - Nero AG)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )

NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)

NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

Opera Stable 27.0.1689.76 (HKLM\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)

QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)

Skins (Version: 2009.0225.1546.28221 - ATI) Hidden

SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)

SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound Software Inc) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)

Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)

upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard)

Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden

VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )

Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )

Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)

WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters).
 

==================== Restore Points  =========================
 

09-03-2015 06:58:11 Wiederherstellungsvorgang

09-03-2015 14:06:59 Revo Uninstaller's restore point - softonic-de3 Toolbar

11-03-2015 08:37:17 Systemprüfpunkt

12-03-2015 16:03:04 vor combifox

13-03-2015 09:35:16 Software Distribution Service 3.0

15-03-2015 10:03:19 Systemprüfpunkt
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2006-02-28 13:00 - 2015-03-12 16:23 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
 

==================== Loaded Modules (whitelisted) ==============
 

2009-02-27 16:41 - 2009-02-27 16:41 - 00311296 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU

2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

2006-02-28 13:00 - 2008-04-14 07:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

2010-08-18 11:07 - 2010-03-04 22:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe

2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein)

DNS Servers: 192.168.178.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled)

ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled)

Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled)

Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled)

Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim

SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled)

UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/15/2015 11:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 03:30:48 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 03:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 03:09:53 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 09:34:40 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/11/2015 09:25:18 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/10/2015 06:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19154, Fehleradresse 0x0014cb6f.

Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.
 

Error: (03/09/2015 03:10:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung mbar.exe, Version 1.9.1.1004, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/09/2015 01:54:12 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/09/2015 01:52:11 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
 

System errors:

=============

Error: (03/15/2015 05:11:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/14/2015 04:51:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/14/2015 06:34:24 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/13/2015 03:04:00 PM) (Source: 0) (EventID: 1) (User: )

Description: 0xC0000001HarddiskVolume1
 

Error: (03/13/2015 02:24:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/13/2015 07:52:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/12/2015 04:04:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Freemake Improver" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (03/12/2015 03:38:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/12/2015 02:41:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/12/2015 06:46:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 
 

Microsoft Office Sessions:

=========================

Error: (03/15/2015 11:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 03:30:48 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 03:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 03:09:53 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 09:34:40 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/11/2015 09:25:18 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/10/2015 06:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.191540014cb6f
 

Error: (03/09/2015 03:10:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: mbar.exe1.9.1.1004hungapp0.0.0.000000000
 

Error: (03/09/2015 01:54:12 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/09/2015 01:52:11 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+

Percentage of memory in use: 47%

Total physical RAM: 1535.29 MB

Available physical RAM: 800.27 MB

Total Pagefile: 3431.74 MB

Available Pagefile: 2718.92 MB

Total Virtual: 2047.88 MB

Available Virtual: 1929.09 MB
 

==================== Drives ================================
 

Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:19.7 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:14.68 GB) NTFS

Drive g: (Spaceloop) (Removable) (Total:7.46 GB) (Free:7.46 GB) FAT32

Drive h: (Datensicher) (Fixed) (Total:111.79 GB) (Free:86.75 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF)

Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 294D1914)

Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015

Ran by Slim (administrator) on SLIM-36FB768E46 on 15-03-2015 19:19:06

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Loaded Profiles: Slim & UpdatusUser (Available profiles: Slim & UpdatusUser)

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe

(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE

(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

(Apple Computer, Inc.) C:\Programme\QuickTime\qttask.exe

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\OfficeKB.EXE

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\KPDrv4XP.EXE

(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe

(RealNetworks, Inc.) C:\Programme\Real\RealPlayer\Update\realsched.exe

() C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

(Freemake) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

() C:\Programme\CDBurnerXP\NMSAccessU.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(RealNetworks, Inc.) C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-07-10] (HP)

HKLM\...\Run: [UVS11 Preload] => C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341232 2007-07-23] (InterVideo Digital Technology Corporation)

HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)

HKLM\...\Run: [OfficeKB] => C:\Programme\OfficeKB\OfficeKB.EXE [200704 2004-10-22] (Dritek System Inc.)

HKLM\...\Run: [KPDrv4XP] => C:\Programme\OfficeKB\KPDrv4XP.EXE [32768 2003-06-12] (Dritek System Inc.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-09-12] ()

HKLM\...\Run: [Nvtmru] => C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-05] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [TkBellExe] => C:\Programme\Real\RealPlayer\update\realsched.exe [295512 2014-04-29] (RealNetworks, Inc.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation)

HKU\S-1-5-18\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\ConduitEngine /f

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk

ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk

ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03] (Google Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-29] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-29] (RealPlayer)

FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin HKU\S-1-5-21-796845957-926492609-839522115-1003: amazon.com/AmazonMP3DownloaderPlugin -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-16]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-28]

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: No Name - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-12]

FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-06]

FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-06]
 

Chrome: 

=======

CHR Profile: C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk(2) [2014-02-11]

CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found]
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]

R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)

R2 Freemake Improver; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]

R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]

S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.)

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-10-10] (Google)

R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-03-13] (Mozilla Foundation)

R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()

R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296 2013-08-27] (NVIDIA Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)

R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)

R3 HIDKbFlt; C:\WINDOWS\System32\drivers\HIDKbFlt.sys [21120 2004-12-14] (Dritek System Inc.) [File not signed]

R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]

R0 iviVD; C:\WINDOWS\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)

S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54360 2014-11-21] (Malwarebytes Corporation)

S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)

R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)

R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-06-16] (NVIDIA Corporation)

R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)

S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)

S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)

S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)

S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]

S3 catchme; \??\C:\DOKUME~1\Slim\LOKALE~1\Temp\catchme.sys [X]

S4 IntelIde; No ImagePath

U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-15 19:19 - 2015-03-15 19:19 - 00020339 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\FRST.txt

2015-03-15 19:16 - 2015-03-15 19:16 - 00852604 _____ () C:\SecurityCheck.exe

2015-03-15 09:18 - 2015-03-15 09:18 - 00000000 ____D () C:\Programme\ESET

2015-03-14 17:40 - 2015-03-14 17:40 - 00039466 _____ () C:\Addition.txt

2015-03-14 17:39 - 2015-03-14 17:40 - 00035743 _____ () C:\FRST.txt

2015-03-14 17:39 - 2015-03-14 17:39 - 01135104 _____ (Farbar) C:\Dokumente und Einstellungen\Slim\Desktop\FRST.exe

2015-03-14 17:35 - 2015-03-14 17:35 - 00000727 _____ () C:\JRT.txt

2015-03-14 17:31 - 2015-03-14 17:31 - 01388333 _____ (Thisisu) C:\Dokumente und Einstellungen\Slim\Desktop\JRT.exe

2015-03-13 16:00 - 2015-03-13 16:00 - 00000000 ____D () C:\Programme\Mozilla Firefox

2015-03-13 15:29 - 2015-03-14 17:21 - 00000000 ____D () C:\AdwCleaner

2015-03-13 15:01 - 2015-03-13 15:01 - 00001222 _____ () C:\mbam.txt. für schrauber.txt

2015-03-13 14:34 - 2015-03-13 14:34 - 00000756 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-13 14:34 - 2015-03-13 14:34 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware

2015-03-13 14:34 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-03-12 16:44 - 2015-03-12 16:44 - 00000422 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Verknüpfung mit ComboFix.lnk

2015-03-12 16:25 - 2015-03-15 19:19 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00022597 _____ () C:\ComboFix.txt

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp

2015-03-12 16:15 - 2015-03-12 16:15 - 00000000 _RSHD () C:\cmdcons

2015-03-12 16:15 - 2010-01-13 20:32 - 00000211 _____ () C:\Boot.bak

2015-03-12 16:15 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr

2015-03-12 16:06 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe

2015-03-12 16:06 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe

2015-03-12 16:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe

2015-03-12 16:05 - 2015-03-12 16:25 - 00000000 ____D () C:\Qoobox

2015-03-12 16:05 - 2015-03-12 16:05 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Verwaltung

2015-03-12 16:04 - 2015-03-12 16:24 - 00000000 ____D () C:\WINDOWS\erdnt

2015-03-12 16:04 - 2015-03-12 16:03 - 05613296 ____R (Swearware) C:\ComboFix.exe

2015-03-11 19:08 - 2015-03-11 19:08 - 00000000 ____D () C:\TDSSKiller_Quarantine

2015-03-11 07:39 - 2015-03-11 07:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Slim\Desktop\tdsskiller.exe

2015-03-09 14:24 - 2015-03-13 14:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

2015-03-09 14:23 - 2015-03-13 14:35 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-03-09 14:23 - 2015-03-13 08:48 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)

2015-03-09 14:20 - 2015-03-10 11:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Desktop\mbar

2015-03-09 14:20 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-03-09 13:57 - 2015-03-09 13:57 - 00000896 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Revo Uninstaller.lnk

2015-03-09 13:57 - 2015-03-09 13:57 - 00000000 ____D () C:\Programme\VS Revo Group

2015-03-09 07:59 - 2015-03-09 07:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Ulead VideoStudio

2015-03-09 07:24 - 2015-03-09 07:24 - 00000060 _____ () C:\WINDOWS\setupact.log

2015-03-09 07:24 - 2015-03-09 07:24 - 00000000 _____ () C:\WINDOWS\setuperr.log

2015-03-09 06:58 - 2015-03-09 06:58 - 00000000 ___DC () C:\NVIDIA

2015-03-08 21:03 - 2015-03-09 06:59 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862335$

2015-03-08 21:01 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2780091$

2015-03-08 20:58 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2904266$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2930275$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876217$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2864063$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862152$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2719985$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB941569$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2770660$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876331$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2859537$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2850869$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2893294$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2820917$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2757638$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2749655$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2653956$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2892075$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2813345$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2727528$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2705219-v2$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2619339$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2676562$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2620712$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2584146$

2015-03-08 20:00 - 2015-03-15 19:19 - 00000000 ____D () C:\FRST

2015-03-08 16:59 - 2015-03-09 07:05 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2807986$

2015-03-08 16:52 - 2015-03-09 07:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868038$

2015-03-08 16:48 - 2015-03-08 16:48 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2603381$

2015-03-08 16:47 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$

2015-03-08 16:46 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2698365$

2015-03-08 16:41 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2723135-v2$

2015-03-08 16:40 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862330$

2015-03-08 16:14 - 2015-03-09 07:13 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2914368$

2015-03-08 13:56 - 2015-03-08 13:56 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\IETldCache
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-15 19:15 - 2013-10-08 13:38 - 00009362 _____ () C:\WINDOWS\system32\nvAppTimestamps

2015-03-15 19:11 - 2010-01-13 20:38 - 01795790 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-15 19:03 - 2013-08-14 13:54 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-15 19:00 - 2013-06-21 05:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-15 18:03 - 2013-08-14 13:54 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-15 17:11 - 2014-10-07 09:19 - 00000268 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-15 17:11 - 2014-04-29 17:36 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-15 17:11 - 2010-07-01 18:44 - 00000268 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-15 17:11 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl

2015-03-15 17:09 - 2010-01-13 20:31 - 00000159 _____ () C:\WINDOWS\wiadebug.log

2015-03-15 17:09 - 2010-01-13 20:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log

2015-03-15 17:08 - 2014-04-29 17:48 - 00000290 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-15 17:08 - 2010-01-13 20:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-15 13:28 - 2014-06-06 11:00 - 00196608 _____ () C:\WINDOWS\system32\config\CaptureL.evt

2015-03-15 13:28 - 2010-01-13 20:45 - 00000300 ___SH () C:\Dokumente und Einstellungen\Slim\ntuser.ini

2015-03-15 13:28 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim

2015-03-15 13:28 - 2010-01-13 20:44 - 00032576 _____ () C:\WINDOWS\SchedLgU.Txt

2015-03-15 09:18 - 2010-01-13 20:29 - 00000000 ___RD () C:\Programme

2015-03-14 06:31 - 2014-03-13 15:56 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service

2015-03-13 15:53 - 2010-02-04 14:35 - 00082800 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\GDIPFONTCACHEV1.DAT

2015-03-13 15:52 - 2010-09-30 09:23 - 00002501 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk

2015-03-13 15:03 - 2011-03-21 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443685$

2015-03-12 19:31 - 2010-01-15 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\vlc

2015-03-12 19:19 - 2011-03-01 21:59 - 00054156 ____H () C:\WINDOWS\QTFont.qfn

2015-03-12 16:23 - 2006-02-28 13:00 - 00000227 _____ () C:\WINDOWS\system.ini

2015-03-12 16:15 - 2010-01-13 21:27 - 00000327 __RSH () C:\boot.ini

2015-03-12 16:05 - 2010-01-13 20:45 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme

2015-03-10 18:20 - 2010-07-01 18:43 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-10 07:52 - 2013-02-03 18:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\TS3Client

2015-03-09 14:07 - 2012-11-03 09:27 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit

2015-03-09 12:23 - 2011-05-27 14:14 - 00000000 ____D () C:\WINDOWS\system32\NtmsData

2015-03-09 12:13 - 2010-01-13 20:35 - 00000000 ____D () C:\WINDOWS\Registration

2015-03-09 07:17 - 2010-01-13 20:28 - 00294864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-03-09 07:16 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService

2015-03-09 07:16 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService

2015-03-09 07:13 - 2010-01-13 20:40 - 00000000 ___HD () C:\WINDOWS\$hf_mig$

2015-03-09 07:10 - 2010-01-16 20:15 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer

2015-03-09 07:03 - 2010-01-13 20:28 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2013-09-30 14:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Amazon

2015-03-09 07:02 - 2013-01-19 19:52 - 00000000 ____D () C:\Programme\Opera

2015-03-09 07:02 - 2010-08-18 08:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Programme\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon

2015-03-09 06:58 - 2010-01-13 21:28 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt

2015-03-09 06:24 - 2010-01-13 21:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET

2015-03-08 20:58 - 2010-01-13 22:00 - 00031828 _____ () C:\WINDOWS\system32\TZLog.log

2015-03-08 16:40 - 2010-01-13 21:59 - 00000000 ____D () C:\WINDOWS\ie8updates

2015-03-06 11:37 - 2014-04-29 17:48 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-05 14:41 - 2014-01-31 09:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2015-03-05 14:41 - 2014-01-31 09:30 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

2015-03-03 14:36 - 2010-01-15 13:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google

2015-02-21 11:24 - 2014-04-29 17:48 - 00000316 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job
 

==================== Files in the root of some directories =======
 

2010-06-30 06:27 - 2010-06-30 06:28 - 33177736 _____ (Nero AG) C:\Programme\Nero-9.4.12.708b_lite.exe

2010-07-01 18:39 - 2010-07-01 18:39 - 0822296 _____ (RealNetworks, Inc.) C:\Programme\RealPlayerSPGold_de.exe

2010-09-30 09:28 - 2010-09-30 09:29 - 0291680 _____ () C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe

2010-08-18 11:00 - 2010-08-18 11:02 - 0000150 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\burnaware.ini

2010-02-02 18:10 - 2014-05-06 19:39 - 0062976 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-04-09 18:27 - 2010-04-09 18:27 - 0000137 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 

Some content of TEMP:

====================

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\avgnt.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\Quarantine.exe

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Habe beim scan gesehen das da Dinge durchlaugfen an die mein PC gar nicht mehr angeschlossen ist seit jahren :D

Heeee ich seh grad: Google Chrom ist noch drauf...den hatte ich gelöscht und taucht in der Systemsteuerung Software auch nicht auf...wobei sich der Opera gar nicht löschen läßt aber das nur nebenbei ;-)

boah wie blöd...kann alles nochmal machen habe vergessen den Virenscanner etc. auszuschalten...:headbang: also ab eset online scanner alles nochmal...

schrauber

16.03.2015 11:30

Java udpaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437011.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437013.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437014.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437015.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437016.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437017.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437018.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437019.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437020.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437021.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437022.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437024.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437025.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437026.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437027.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437028.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437029.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437030.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437031.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437032.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437033.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437034.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437035.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437036.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438707.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438708.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438709.dll

HKU\S-1-5-18\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\ConduitEngine /f

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Bestehen noch probleme mit dem System?

mysteryPC

16.03.2015 13:17

Ups Schrauber jetzt warst Du schneller...

soll ich jetzt einfach mit Deiner letzte Anweisung fortfahren (Java updaten etc. ...)?

Oder soll ich erst den Eset online Scanner nochmal ohne aktiven Antivirenschutz durchlaufen lassen etc.???

Bin grad verwirrt :crazy:

schrauber

16.03.2015 18:40

passt schon, einfach obiges von mir machen :)

mysteryPC

18.03.2015 08:49

Hallo Schrauber, habe mich an Deine Anweisung gehalten, aber ich weiß nicht ob alles richtig gelaufen ist...

anbei das was ich habe...

öhäm: wo/wie update ich Java

und: Bitte erklär mir was wir in dem letzten Schritt gemacht haben? Wofür war das gut?

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015

Ran by Slim at 2015-03-18 08:37:58 Run:1

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Loaded Profiles: Slim & UpdatusUser (Available profiles: Slim & UpdatusUser)

Boot Mode: Normal
 

==============================================
 

Content of fixlist:

*****************

:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437011.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437013.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437014.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437015.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437016.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437017.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437018.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437019.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437020.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437021.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437022.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437024.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437025.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437026.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437027.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437028.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437029.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437030.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437031.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437032.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437033.exe
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437034.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437035.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437036.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438707.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438708.dll
 

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438709.dll

HKU\S-1-5-18\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\ConduitEngine /f

U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath

U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

Emptytemp:
 

*****************
 

:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe => Error: No automatic fix found for this entry.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437011.exe => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437013.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437014.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437015.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437016.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437017.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437018.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437019.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437020.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437021.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437022.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437024.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437025.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437026.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437027.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437028.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437029.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437030.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437031.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437032.exe => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437033.exe => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437034.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437035.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437036.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438707.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438708.dll => Moved successfully.

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438709.dll => Moved successfully.

HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteEngineAfterUpdate => value deleted successfully.

Winsock - Google Desktop Search Backup Before First Install => Service deleted successfully.

Winsock - Google Desktop Search Backup Before Last Install => Service deleted successfully.

EmptyTemp: => Removed 954.6 MB temporary data.
 
 

The system needed a reboot. 
 

==== End of Fixlog 08:38:59 ====

schrauber

18.03.2015 17:15

Java deinstallieren, dann die aktuelle Version installieren. Welchen letzten Schritt meinst Du genau?

mysteryPC

19.03.2015 07:00

Ich meinte den Schritt mit dem Text ins Fenster kopieren...was hab ich da gemacht? Wozu war das gut?

Java deinstallieren und neu drauf würde ich ja machen finde ich aber nicht in der Software unter Systemsteuerung deswegen frag ich...

schrauber

19.03.2015 13:04

Wir haben die Funde von ESET und paar Reste gefixt. Frisches FRST log bitte. Das mit Java kannste ignorieren :)

mysteryPC

19.03.2015 18:04

heee, bin grad gar nicht auf diese Seite gekommen, bekamm nur komische Zahlencodes etc. ...dann ist Avira angesprungen und meldete das sich ein Virus versucht hat. lasse jetzt Avira durchlaufen und dann nochmal Maylware Antimalewarebytes danach frisches FRST log, okay?!

Code:



Avira Free Antivirus

Erstellungsdatum der Reportdatei: Donnerstag, 19. März 2015  15:42
 
 

Das Programm läuft als uneingeschränkte Vollversion.

Online-Dienste stehen zur Verfügung.
 

Lizenznehmer   : Avira Antivirus Free

Seriennummer   : 0000149996-AVHOE-0000001

Plattform      : Microsoft Windows XP

Windowsversion : (Service Pack 3)  [5.1.2600]

Boot Modus     : Normal gebootet

Benutzername   : SYSTEM

Computername   : SLIM-36FB768E46
 

Versionsinformationen:

BUILD.DAT      : 15.0.8.656     91858 Bytes  17.03.2015 13:02:00

AVSCAN.EXE     : 15.0.8.652   1014064 Bytes  19.03.2015 14:17:17

AVSCANRC.DLL   : 15.0.8.652     63792 Bytes  19.03.2015 14:17:17

LUKE.DLL       : 15.0.8.652     60664 Bytes  19.03.2015 14:17:46

AVSCPLR.DLL    : 15.0.8.652     93488 Bytes  19.03.2015 14:17:17

REPAIR.DLL     : 15.0.8.652    365360 Bytes  19.03.2015 14:17:14

REPAIR.RDF     : 1.0.6.48      806858 Bytes  19.03.2015 14:17:59

AVREG.DLL      : 15.0.8.652    265464 Bytes  19.03.2015 14:17:13

AVLODE.DLL     : 15.0.8.656    645368 Bytes  19.03.2015 14:17:12

AVLODE.RDF     : 14.0.4.54      78895 Bytes  21.12.2014 14:55:10

XBV00017.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00018.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00019.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00020.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00021.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00022.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00023.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00024.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00025.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00026.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00027.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00028.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00029.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00030.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00031.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00032.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00033.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00034.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00035.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00036.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00037.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00038.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00039.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00040.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00041.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 09:23:34

XBV00174.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:19

XBV00175.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:19

XBV00176.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:19

XBV00177.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:19

XBV00178.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00179.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00180.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00181.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00182.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00183.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00184.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00185.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00186.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00187.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00188.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:20

XBV00189.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00190.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00191.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00192.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00193.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00194.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00195.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00196.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00197.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00198.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00199.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00200.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00201.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00202.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:21

XBV00203.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:22

XBV00204.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:22

XBV00205.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:22

XBV00206.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:22

XBV00207.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:22

XBV00208.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:22

XBV00209.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:22

XBV00210.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00211.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00212.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00213.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00214.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00215.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00216.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00217.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00218.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00219.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00220.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00221.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00222.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00223.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00224.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00225.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:23

XBV00226.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00227.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00228.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00229.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00230.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00231.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00232.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00233.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00234.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00235.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00236.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00237.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00238.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00239.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00240.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00241.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00242.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00243.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00244.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00245.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00246.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00247.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:24

XBV00248.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00249.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00250.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00251.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00252.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00253.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00254.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00255.VDF   : 8.11.213.176     2048 Bytes  05.03.2015 13:43:25

XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 09:23:34

XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 09:23:34

XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 09:23:34

XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 09:23:34

XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 09:23:34

XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 09:23:34

XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 09:23:34

XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 09:23:34

XBV00008.VDF   : 8.11.165.192  4251136 Bytes  07.08.2014 09:23:34

XBV00009.VDF   : 8.11.172.30  2094080 Bytes  15.09.2014 09:23:34

XBV00010.VDF   : 8.11.178.32  1581056 Bytes  14.10.2014 09:23:34

XBV00011.VDF   : 8.11.184.50  2178560 Bytes  11.11.2014 09:23:34

XBV00012.VDF   : 8.11.190.32  1876992 Bytes  03.12.2014 14:55:18

XBV00013.VDF   : 8.11.201.28  2973696 Bytes  14.01.2015 05:39:37

XBV00014.VDF   : 8.11.206.252  2695680 Bytes  04.02.2015 19:04:59

XBV00015.VDF   : 8.11.213.84  3175936 Bytes  03.03.2015 06:35:03

XBV00016.VDF   : 8.11.213.176   212480 Bytes  05.03.2015 13:43:05

XBV00042.VDF   : 8.11.213.202     3584 Bytes  05.03.2015 13:43:05

XBV00043.VDF   : 8.11.213.204     2048 Bytes  05.03.2015 13:43:06

XBV00044.VDF   : 8.11.213.230    40960 Bytes  05.03.2015 05:44:49

XBV00045.VDF   : 8.11.214.2     29184 Bytes  05.03.2015 05:44:49

XBV00046.VDF   : 8.11.214.28    25088 Bytes  05.03.2015 05:44:49

XBV00047.VDF   : 8.11.214.30    14848 Bytes  05.03.2015 05:44:49

XBV00048.VDF   : 8.11.214.32     3072 Bytes  05.03.2015 05:44:50

XBV00049.VDF   : 8.11.214.34     2048 Bytes  06.03.2015 05:44:50

XBV00050.VDF   : 8.11.214.38    39424 Bytes  06.03.2015 11:45:06

XBV00051.VDF   : 8.11.214.40     6656 Bytes  06.03.2015 11:45:06

XBV00052.VDF   : 8.11.214.42     4608 Bytes  06.03.2015 11:45:06

XBV00053.VDF   : 8.11.214.44     5120 Bytes  06.03.2015 11:45:06

XBV00054.VDF   : 8.11.214.46    23552 Bytes  06.03.2015 11:45:06

XBV00055.VDF   : 8.11.214.48     3072 Bytes  06.03.2015 05:17:40

XBV00056.VDF   : 8.11.214.50    25600 Bytes  06.03.2015 05:17:40

XBV00057.VDF   : 8.11.214.72     2048 Bytes  06.03.2015 05:17:40

XBV00058.VDF   : 8.11.214.92    48128 Bytes  06.03.2015 05:17:41

XBV00059.VDF   : 8.11.214.112    12800 Bytes  06.03.2015 05:17:41

XBV00060.VDF   : 8.11.214.114     2560 Bytes  06.03.2015 05:17:41

XBV00061.VDF   : 8.11.214.136    32256 Bytes  06.03.2015 05:17:41

XBV00062.VDF   : 8.11.214.138     2048 Bytes  06.03.2015 05:17:41

XBV00063.VDF   : 8.11.214.140     2048 Bytes  07.03.2015 05:17:41

XBV00064.VDF   : 8.11.214.144    34304 Bytes  07.03.2015 06:52:26

XBV00065.VDF   : 8.11.214.146     2048 Bytes  07.03.2015 06:52:26

XBV00066.VDF   : 8.11.214.168    33792 Bytes  07.03.2015 06:52:26

XBV00067.VDF   : 8.11.214.188    71168 Bytes  08.03.2015 12:52:25

XBV00068.VDF   : 8.11.214.190     2048 Bytes  08.03.2015 12:52:25

XBV00069.VDF   : 8.11.214.192     2048 Bytes  08.03.2015 12:52:25

XBV00070.VDF   : 8.11.214.212     2048 Bytes  08.03.2015 12:52:25

XBV00071.VDF   : 8.11.214.232    28672 Bytes  08.03.2015 18:59:47

XBV00072.VDF   : 8.11.214.252    69120 Bytes  09.03.2015 11:11:30

XBV00073.VDF   : 8.11.215.14     3584 Bytes  09.03.2015 11:11:30

XBV00074.VDF   : 8.11.215.32     7168 Bytes  09.03.2015 11:11:30

XBV00075.VDF   : 8.11.215.50    12800 Bytes  09.03.2015 05:42:31

XBV00076.VDF   : 8.11.215.52     5120 Bytes  09.03.2015 05:42:31

XBV00077.VDF   : 8.11.215.70    17920 Bytes  09.03.2015 05:42:31

XBV00078.VDF   : 8.11.215.90     2048 Bytes  09.03.2015 05:42:31

XBV00079.VDF   : 8.11.215.110     2048 Bytes  09.03.2015 05:42:32

XBV00080.VDF   : 8.11.215.132    29696 Bytes  09.03.2015 05:42:32

XBV00081.VDF   : 8.11.215.134    11264 Bytes  09.03.2015 05:42:32

XBV00082.VDF   : 8.11.215.136    11264 Bytes  09.03.2015 05:42:32

XBV00083.VDF   : 8.11.215.138    12288 Bytes  10.03.2015 13:44:36

XBV00084.VDF   : 8.11.215.140    35840 Bytes  10.03.2015 13:44:36

XBV00085.VDF   : 8.11.215.158     6144 Bytes  10.03.2015 13:44:36

XBV00086.VDF   : 8.11.215.174     5632 Bytes  10.03.2015 13:44:36

XBV00087.VDF   : 8.11.215.190     8704 Bytes  10.03.2015 13:44:36

XBV00088.VDF   : 8.11.215.206    19968 Bytes  10.03.2015 13:44:37

XBV00089.VDF   : 8.11.215.222    12800 Bytes  10.03.2015 13:44:37

XBV00090.VDF   : 8.11.215.226     2048 Bytes  10.03.2015 13:44:37

XBV00091.VDF   : 8.11.215.230    14336 Bytes  10.03.2015 06:04:15

XBV00092.VDF   : 8.11.215.234    26112 Bytes  10.03.2015 06:04:15

XBV00093.VDF   : 8.11.215.236    11776 Bytes  10.03.2015 06:04:15

XBV00094.VDF   : 8.11.215.240    22016 Bytes  11.03.2015 18:04:59

XBV00095.VDF   : 8.11.215.242     2048 Bytes  11.03.2015 18:04:59

XBV00096.VDF   : 8.11.215.244     2048 Bytes  11.03.2015 18:04:59

XBV00097.VDF   : 8.11.216.4      7680 Bytes  11.03.2015 18:04:59

XBV00098.VDF   : 8.11.216.20    12800 Bytes  11.03.2015 18:04:59

XBV00099.VDF   : 8.11.216.36    19968 Bytes  11.03.2015 18:04:59

XBV00100.VDF   : 8.11.216.52     2560 Bytes  11.03.2015 18:04:59

XBV00101.VDF   : 8.11.216.54    22016 Bytes  11.03.2015 18:05:00

XBV00102.VDF   : 8.11.216.56     8192 Bytes  11.03.2015 05:52:17

XBV00103.VDF   : 8.11.216.58     4608 Bytes  11.03.2015 05:52:17

XBV00104.VDF   : 8.11.216.60    16896 Bytes  11.03.2015 05:52:17

XBV00105.VDF   : 8.11.216.76    14336 Bytes  11.03.2015 05:52:17

XBV00106.VDF   : 8.11.216.90    30208 Bytes  11.03.2015 05:52:17

XBV00107.VDF   : 8.11.216.104     5632 Bytes  12.03.2015 05:52:17

XBV00108.VDF   : 8.11.216.118     6656 Bytes  12.03.2015 13:46:56

XBV00109.VDF   : 8.11.216.120    24576 Bytes  12.03.2015 13:46:57

XBV00110.VDF   : 8.11.216.122    16896 Bytes  12.03.2015 06:57:31

XBV00111.VDF   : 8.11.216.124     2048 Bytes  12.03.2015 06:57:31

XBV00112.VDF   : 8.11.216.138    16896 Bytes  12.03.2015 06:57:31

XBV00113.VDF   : 8.11.216.140     2048 Bytes  12.03.2015 06:57:31

XBV00114.VDF   : 8.11.216.154     3584 Bytes  12.03.2015 06:57:31

XBV00115.VDF   : 8.11.216.168     2048 Bytes  12.03.2015 06:57:31

XBV00116.VDF   : 8.11.216.182    70144 Bytes  12.03.2015 06:57:31

XBV00117.VDF   : 8.11.216.196     2048 Bytes  13.03.2015 06:57:31

XBV00118.VDF   : 8.11.216.200    46080 Bytes  13.03.2015 06:57:32

XBV00119.VDF   : 8.11.216.214    11776 Bytes  13.03.2015 13:29:17

XBV00120.VDF   : 8.11.216.228     4096 Bytes  13.03.2015 13:29:17

XBV00121.VDF   : 8.11.216.242     2560 Bytes  13.03.2015 13:29:17

XBV00122.VDF   : 8.11.216.254     2560 Bytes  13.03.2015 13:29:17

XBV00123.VDF   : 8.11.217.10     7680 Bytes  13.03.2015 05:40:08

XBV00124.VDF   : 8.11.217.14     2048 Bytes  13.03.2015 05:40:08

XBV00125.VDF   : 8.11.217.16    24576 Bytes  13.03.2015 05:40:08

XBV00126.VDF   : 8.11.217.22    17408 Bytes  13.03.2015 05:40:08

XBV00127.VDF   : 8.11.217.24     2048 Bytes  13.03.2015 05:40:08

XBV00128.VDF   : 8.11.217.26     2048 Bytes  13.03.2015 05:40:09

XBV00129.VDF   : 8.11.217.28    15872 Bytes  13.03.2015 05:40:09

XBV00130.VDF   : 8.11.217.42    84480 Bytes  14.03.2015 15:56:23

XBV00131.VDF   : 8.11.217.54     2048 Bytes  14.03.2015 15:56:23

XBV00132.VDF   : 8.11.217.66     2048 Bytes  14.03.2015 15:56:23

XBV00133.VDF   : 8.11.217.78    19456 Bytes  14.03.2015 15:56:23

XBV00134.VDF   : 8.11.217.90    71680 Bytes  15.03.2015 16:16:28

XBV00135.VDF   : 8.11.217.102     2048 Bytes  15.03.2015 16:16:28

XBV00136.VDF   : 8.11.217.124     6656 Bytes  15.03.2015 16:16:28

XBV00137.VDF   : 8.11.217.136    76800 Bytes  16.03.2015 11:29:46

XBV00138.VDF   : 8.11.217.146     3584 Bytes  16.03.2015 11:29:46

XBV00139.VDF   : 8.11.217.156     3584 Bytes  16.03.2015 11:29:46

XBV00140.VDF   : 8.11.217.166     4096 Bytes  16.03.2015 11:29:46

XBV00141.VDF   : 8.11.217.176    12288 Bytes  16.03.2015 11:29:46

XBV00142.VDF   : 8.11.217.186    13312 Bytes  16.03.2015 05:53:32

XBV00143.VDF   : 8.11.217.188    24064 Bytes  16.03.2015 05:53:33

XBV00144.VDF   : 8.11.217.194     7680 Bytes  16.03.2015 05:53:33

XBV00145.VDF   : 8.11.217.198    31232 Bytes  16.03.2015 05:53:33

XBV00146.VDF   : 8.11.217.208    13824 Bytes  16.03.2015 05:53:33

XBV00147.VDF   : 8.11.217.216     7680 Bytes  16.03.2015 05:53:33

XBV00148.VDF   : 8.11.217.224     2048 Bytes  17.03.2015 05:53:33

XBV00149.VDF   : 8.11.217.232    23552 Bytes  17.03.2015 05:53:33

XBV00150.VDF   : 8.11.217.240     7168 Bytes  17.03.2015 06:24:19

XBV00151.VDF   : 8.11.217.242     9216 Bytes  17.03.2015 06:24:19

XBV00152.VDF   : 8.11.217.244    13824 Bytes  17.03.2015 06:24:19

XBV00153.VDF   : 8.11.217.252     4608 Bytes  17.03.2015 06:24:19

XBV00154.VDF   : 8.11.218.4     10240 Bytes  17.03.2015 06:24:19

XBV00155.VDF   : 8.11.218.6     12800 Bytes  17.03.2015 06:24:19

XBV00156.VDF   : 8.11.218.16    14848 Bytes  17.03.2015 06:24:19

XBV00157.VDF   : 8.11.218.20     2048 Bytes  17.03.2015 06:24:19

XBV00158.VDF   : 8.11.218.28     4096 Bytes  17.03.2015 06:24:19

XBV00159.VDF   : 8.11.218.30    25600 Bytes  17.03.2015 06:24:19

XBV00160.VDF   : 8.11.218.32     2048 Bytes  17.03.2015 06:24:19

XBV00161.VDF   : 8.11.218.34    18432 Bytes  17.03.2015 06:24:20

XBV00162.VDF   : 8.11.218.38    26112 Bytes  18.03.2015 06:24:20

XBV00163.VDF   : 8.11.218.46     4096 Bytes  18.03.2015 05:50:15

XBV00164.VDF   : 8.11.218.52     3584 Bytes  18.03.2015 05:50:15

XBV00165.VDF   : 8.11.218.66     5120 Bytes  18.03.2015 05:50:15

XBV00166.VDF   : 8.11.218.78    24576 Bytes  18.03.2015 05:50:15

XBV00167.VDF   : 8.11.218.88    15360 Bytes  18.03.2015 05:50:15

XBV00168.VDF   : 8.11.218.98    17408 Bytes  18.03.2015 05:50:16

XBV00169.VDF   : 8.11.218.100    10240 Bytes  18.03.2015 05:50:16

XBV00170.VDF   : 8.11.218.102     7680 Bytes  18.03.2015 05:50:16

XBV00171.VDF   : 8.11.218.106    39936 Bytes  19.03.2015 14:17:53

XBV00172.VDF   : 8.11.218.116    37888 Bytes  19.03.2015 14:17:53

XBV00173.VDF   : 8.11.218.126    14336 Bytes  19.03.2015 14:17:53

LOCAL001.VDF   : 8.11.218.126 124887552 Bytes  19.03.2015 14:18:34

Engineversion  : 8.3.30.4  

AEVDF.DLL      : 8.3.1.6       133992 Bytes  20.08.2014 13:15:26

AESCRIPT.DLL   : 8.2.2.58      560248 Bytes  18.03.2015 06:24:19

AESCN.DLL      : 8.3.2.2       139456 Bytes  25.07.2014 05:14:55

AESBX.DLL      : 8.2.20.34    1615784 Bytes  05.03.2015 05:39:13

AERDL.DLL      : 8.2.1.20      731040 Bytes  12.02.2015 06:30:12

AEPACK.DLL     : 8.4.0.62      793456 Bytes  21.02.2015 16:26:41

AEOFFICE.DLL   : 8.3.1.14      354216 Bytes  10.03.2015 13:44:33

AEMOBILE.DLL   : 8.1.7.0       281456 Bytes  10.03.2015 13:44:36

AEHEUR.DLL     : 8.1.4.1606   8256368 Bytes  19.03.2015 14:17:04

AEHELP.DLL     : 8.3.2.0       281456 Bytes  19.03.2015 14:16:50

AEGEN.DLL      : 8.1.7.40      456608 Bytes  21.12.2014 14:54:50

AEEXP.DLL      : 8.4.2.70      255904 Bytes  06.02.2015 12:26:16

AEEMU.DLL      : 8.1.3.4       399264 Bytes  08.08.2014 06:14:10

AEDROID.DLL    : 8.4.3.116    1050536 Bytes  10.03.2015 13:44:35

AECORE.DLL     : 8.3.4.0       243624 Bytes  21.12.2014 14:54:49

AEBB.DLL       : 8.1.2.0        60448 Bytes  08.08.2014 06:14:08

AVWINLL.DLL    : 15.0.8.652     25904 Bytes  19.03.2015 14:16:49

AVPREF.DLL     : 15.0.8.652     53248 Bytes  19.03.2015 14:17:13

AVREP.DLL      : 15.0.8.652    221432 Bytes  19.03.2015 14:17:14

AVARKT.DLL     : 15.0.8.652    228088 Bytes  19.03.2015 14:17:04

AVEVTLOG.DLL   : 15.0.8.652    183600 Bytes  19.03.2015 14:17:09

SQLITE3.DLL    : 15.0.8.652    456440 Bytes  19.03.2015 14:17:53

AVSMTP.DLL     : 15.0.8.652     79360 Bytes  19.03.2015 14:17:18

NETNT.DLL      : 15.0.8.652     17352 Bytes  19.03.2015 14:17:47

RCIMAGE.DLL    : 15.0.8.652   4864816 Bytes  19.03.2015 14:16:49

RCTEXT.DLL     : 15.0.8.652     75056 Bytes  19.03.2015 14:16:49
 

Konfiguration für den aktuellen Suchlauf:

Job Name..............................: Vollständige Systemprüfung

Konfigurationsdatei...................: c:\programme\avira\antivir desktop\sysscan.avp

Protokollierung.......................: standard

Primäre Aktion........................: Interaktiv

Sekundäre Aktion......................: Ignorieren

Durchsuche Masterbootsektoren.........: ein

Durchsuche Bootsektoren...............: ein

Bootsektoren..........................: C:, D:, 

Durchsuche aktive Programme...........: ein

Laufende Programme erweitert..........: ein

Durchsuche Registrierung..............: ein

Suche nach Rootkits...................: ein

Integritätsprüfung von Systemdateien..: aus

Prüfe alle Dateien....................: Alle Dateien

Durchsuche Archive....................: ein

Rekursionstiefe einschränken..........: 20

Archiv Smart Extensions...............: ein

Makrovirenheuristik...................: ein

Dateiheuristik........................: erweitert
 

Beginn des Suchlaufs: Donnerstag, 19. März 2015  15:42
 

Der Suchlauf über die Bootsektoren wird begonnen:

Bootsektor 'HDD0(C:, D:)'

    [INFO]      Es wurde kein Virus gefunden!
 

Der Suchlauf nach versteckten Objekten wird begonnen.
 

Der Suchlauf über gestartete Prozesse wird begonnen:

Durchsuche Prozess 'rsmsink.exe' - '29' Modul(e) wurden durchsucht

Durchsuche Prozess 'avscan.exe' - '93' Modul(e) wurden durchsucht

Durchsuche Prozess 'avcenter.exe' - '88' Modul(e) wurden durchsucht

Durchsuche Prozess 'wuauclt.exe' - '36' Modul(e) wurden durchsucht

Durchsuche Prozess 'msdtc.exe' - '40' Modul(e) wurden durchsucht

Durchsuche Prozess 'dllhost.exe' - '60' Modul(e) wurden durchsucht

Durchsuche Prozess 'dllhost.exe' - '45' Modul(e) wurden durchsucht

Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht

Durchsuche Prozess 'wuauclt.exe' - '42' Modul(e) wurden durchsucht

Durchsuche Prozess 'avgnt.exe' - '90' Modul(e) wurden durchsucht

Durchsuche Prozess 'avshadow.exe' - '26' Modul(e) wurden durchsucht

Durchsuche Prozess 'avguard.exe' - '117' Modul(e) wurden durchsucht

Durchsuche Prozess 'sched.exe' - '46' Modul(e) wurden durchsucht

Durchsuche Prozess 'WPFFontCache_v0400.exe' - '15' Modul(e) wurden durchsucht

Durchsuche Prozess 'alg.exe' - '33' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht

Durchsuche Prozess 'wdfmgr.exe' - '15' Modul(e) wurden durchsucht

Durchsuche Prozess 'ULCDRSvr.exe' - '6' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht

Durchsuche Prozess 'rndlresolversvc.exe' - '17' Modul(e) wurden durchsucht

Durchsuche Prozess 'daemonu.exe' - '40' Modul(e) wurden durchsucht

Durchsuche Prozess 'nvsvc32.exe' - '37' Modul(e) wurden durchsucht

Durchsuche Prozess 'NMSAccessU.exe' - '14' Modul(e) wurden durchsucht

Durchsuche Prozess 'mdm.exe' - '23' Modul(e) wurden durchsucht

Durchsuche Prozess 'CaptureLibService.exe' - '41' Modul(e) wurden durchsucht

Durchsuche Prozess 'FreemakeUtilsService.exe' - '61' Modul(e) wurden durchsucht

Durchsuche Prozess 'DevSvc.exe' - '48' Modul(e) wurden durchsucht

Durchsuche Prozess 'WinCinemaMgr.exe' - '22' Modul(e) wurden durchsucht

Durchsuche Prozess 'ctfmon.exe' - '25' Modul(e) wurden durchsucht

Durchsuche Prozess 'AmazonMP3DownloaderHelper.exe' - '32' Modul(e) wurden durchsucht

Durchsuche Prozess 'realsched.exe' - '27' Modul(e) wurden durchsucht

Durchsuche Prozess 'nvtmru.exe' - '24' Modul(e) wurden durchsucht

Durchsuche Prozess 'RunDLL32.exe' - '51' Modul(e) wurden durchsucht

Durchsuche Prozess 'KPDrv4XP.exe' - '30' Modul(e) wurden durchsucht

Durchsuche Prozess 'OfficeKB.EXE' - '42' Modul(e) wurden durchsucht

Durchsuche Prozess 'qttask.exe' - '19' Modul(e) wurden durchsucht

Durchsuche Prozess 'hpztsb05.exe' - '20' Modul(e) wurden durchsucht

Durchsuche Prozess 'RTHDCPL.EXE' - '37' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht

Durchsuche Prozess 'Explorer.EXE' - '86' Modul(e) wurden durchsucht

Durchsuche Prozess 'spoolsv.exe' - '53' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht

Durchsuche Prozess 'Ati2evxx.exe' - '26' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '171' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht

Durchsuche Prozess 'Ati2evxx.exe' - '26' Modul(e) wurden durchsucht

Durchsuche Prozess 'lsass.exe' - '58' Modul(e) wurden durchsucht

Durchsuche Prozess 'services.exe' - '27' Modul(e) wurden durchsucht

Durchsuche Prozess 'winlogon.exe' - '74' Modul(e) wurden durchsucht

Durchsuche Prozess 'csrss.exe' - '12' Modul(e) wurden durchsucht

Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
 

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:

Die Registry wurde durchsucht ( '2246' Dateien ).
 
 

Der Suchlauf über die ausgewählten Dateien wird begonnen:
 

Beginne mit der Suche in 'C:\' <Windows>

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437556.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437557.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437558.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437559.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437560.dll

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437563.dll

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

Beginne mit der Suche in 'D:\' <Daten_1>
 

Beginne mit der Desinfektion:

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437563.dll

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56fa51f9.qua' verschoben!

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437560.dll

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e6d7e5e.qua' verschoben!

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437559.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1c3224b6.qua' verschoben!

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437558.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7a056b7a.qua' verschoben!

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437557.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3f814644.qua' verschoben!

C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437556.exe

  [FUND]      Ist das Trojanische Pferd TR/Trash.Gen

  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '409a7425.qua' verschoben!
 
 

Ende des Suchlaufs: Donnerstag, 19. März 2015  17:10

Benötigte Zeit:  1:17:47 Stunde(n)
 

Der Suchlauf wurde vollständig durchgeführt.
 

   8737 Verzeichnisse wurden überprüft

 386078 Dateien wurden geprüft

      6 Viren bzw. unerwünschte Programme wurden gefunden

      0 Dateien wurden als verdächtig eingestuft

      0 Dateien wurden gelöscht

      0 Viren bzw. unerwünschte Programme wurden repariert

      6 Dateien wurden in die Quarantäne verschoben

      0 Dateien wurden umbenannt

      0 Dateien konnten nicht durchsucht werden

 386072 Dateien ohne Befall

   6316 Archive wurden durchsucht

      0 Warnungen

      6 Hinweise

 341996 Objekte wurden beim Rootkitscan durchsucht

      0 Versteckte Objekte wurden gefunden

Code:

17:56:34.0359 0x0abc  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

17:56:40.0578 0x0abc  ============================================================

17:56:40.0578 0x0abc  Current date / time: 2015/03/19 17:56:40.0578

17:56:40.0578 0x0abc  SystemInfo:

17:56:40.0578 0x0abc  

17:56:40.0578 0x0abc  OS Version: 5.1.2600 ServicePack: 3.0

17:56:40.0578 0x0abc  Product type: Workstation

17:56:40.0578 0x0abc  ComputerName: SLIM-36FB768E46

17:56:40.0578 0x0abc  UserName: Slim

17:56:40.0578 0x0abc  Windows directory: C:\WINDOWS

17:56:40.0578 0x0abc  System windows directory: C:\WINDOWS

17:56:40.0578 0x0abc  Processor architecture: Intel x86

17:56:40.0578 0x0abc  Number of processors: 2

17:56:40.0578 0x0abc  Page size: 0x1000

17:56:40.0578 0x0abc  Boot type: Normal boot

17:56:40.0578 0x0abc  ============================================================

17:56:43.0171 0x0abc  KLMD registered as C:\WINDOWS\system32\drivers\02645618.sys

17:56:43.0468 0x0abc  System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}

17:56:44.0437 0x0abc  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

17:56:44.0453 0x0abc  ============================================================

17:56:44.0453 0x0abc  \Device\Harddisk0\DR0:

17:56:44.0453 0x0abc  MBR partitions:

17:56:44.0453 0x0abc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927

17:56:44.0453 0x0abc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B

17:56:44.0453 0x0abc  ============================================================

17:56:44.0484 0x0abc  C: <-> \Device\Harddisk0\DR0\Partition1

17:56:44.0531 0x0abc  D: <-> \Device\Harddisk0\DR0\Partition2

17:56:44.0531 0x0abc  ============================================================

17:56:44.0531 0x0abc  Initialize success

17:56:44.0531 0x0abc  ============================================================

17:56:47.0625 0x0814  ============================================================

17:56:47.0625 0x0814  Scan started

17:56:47.0625 0x0814  Mode: Manual; 

17:56:47.0625 0x0814  ============================================================

17:56:47.0625 0x0814  KSN ping started

17:57:01.0093 0x0814  KSN ping finished: true

17:57:02.0453 0x0814  ================ Scan system memory ========================

17:57:02.0453 0x0814  System memory - ok

17:57:02.0453 0x0814  ================ Scan services =============================

17:57:02.0562 0x0814  Abiosdsk - ok

17:57:02.0562 0x0814  abp480n5 - ok

17:57:02.0609 0x0814  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

17:57:02.0609 0x0814  ACPI - ok

17:57:02.0687 0x0814  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

17:57:02.0687 0x0814  ACPIEC - ok

17:57:02.0781 0x0814  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

17:57:02.0781 0x0814  AdobeFlashPlayerUpdateSvc - ok

17:57:02.0796 0x0814  adpu160m - ok

17:57:02.0812 0x0814  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

17:57:02.0828 0x0814  aec - ok

17:57:02.0859 0x0814  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

17:57:02.0875 0x0814  AFD - ok

17:57:02.0875 0x0814  Aha154x - ok

17:57:02.0875 0x0814  aic78u2 - ok

17:57:02.0890 0x0814  aic78xx - ok

17:57:02.0921 0x0814  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

17:57:02.0921 0x0814  Alerter - ok

17:57:02.0953 0x0814  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe

17:57:02.0953 0x0814  ALG - ok

17:57:02.0953 0x0814  AliIde - ok

17:57:03.0093 0x0814  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

17:57:03.0171 0x0814  Ambfilt - ok

17:57:03.0187 0x0814  amsint - ok

17:57:03.0328 0x0814  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

17:57:03.0343 0x0814  AntiVirSchedulerService - ok

17:57:03.0390 0x0814  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

17:57:03.0421 0x0814  AntiVirService - ok

17:57:03.0468 0x0814  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

17:57:03.0468 0x0814  AppMgmt - ok

17:57:03.0484 0x0814  asc - ok

17:57:03.0484 0x0814  asc3350p - ok

17:57:03.0500 0x0814  asc3550 - ok

17:57:03.0609 0x0814  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

17:57:03.0609 0x0814  aspnet_state - ok

17:57:03.0640 0x0814  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

17:57:03.0640 0x0814  AsyncMac - ok

17:57:03.0687 0x0814  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

17:57:03.0687 0x0814  atapi - ok

17:57:03.0687 0x0814  Atdisk - ok

17:57:03.0781 0x0814  [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

17:57:03.0796 0x0814  Ati HotKey Poller - ok

17:57:03.0859 0x0814  [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe

17:57:03.0890 0x0814  ATI Smart - ok

17:57:04.0093 0x0814  [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

17:57:04.0281 0x0814  ati2mtag - ok

17:57:04.0328 0x0814  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

17:57:04.0328 0x0814  Atmarpc - ok

17:57:04.0359 0x0814  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

17:57:04.0359 0x0814  AudioSrv - ok

17:57:04.0406 0x0814  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

17:57:04.0406 0x0814  audstub - ok

17:57:04.0437 0x0814  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

17:57:04.0453 0x0814  avgntflt - ok

17:57:04.0468 0x0814  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

17:57:04.0484 0x0814  avipbb - ok

17:57:04.0484 0x0814  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

17:57:04.0500 0x0814  avkmgr - ok

17:57:04.0515 0x0814  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

17:57:04.0515 0x0814  Beep - ok

17:57:04.0578 0x0814  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll

17:57:04.0609 0x0814  BITS - ok

17:57:04.0640 0x0814  [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser         C:\WINDOWS\System32\browser.dll

17:57:04.0640 0x0814  Browser - ok

17:57:04.0703 0x0814  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

17:57:04.0703 0x0814  Capture Device Service - ok

17:57:04.0843 0x0814  catchme - ok

17:57:04.0875 0x0814  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

17:57:04.0875 0x0814  cbidf2k - ok

17:57:04.0890 0x0814  cd20xrnt - ok

17:57:04.0906 0x0814  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

17:57:04.0906 0x0814  Cdaudio - ok

17:57:04.0921 0x0814  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

17:57:04.0921 0x0814  Cdfs - ok

17:57:04.0953 0x0814  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

17:57:04.0953 0x0814  Cdrom - ok

17:57:04.0968 0x0814  Changer - ok

17:57:05.0000 0x0814  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

17:57:05.0015 0x0814  CiSvc - ok

17:57:05.0031 0x0814  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

17:57:05.0031 0x0814  ClipSrv - ok

17:57:05.0078 0x0814  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:57:05.0093 0x0814  clr_optimization_v2.0.50727_32 - ok

17:57:05.0140 0x0814  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:57:05.0140 0x0814  clr_optimization_v4.0.30319_32 - ok

17:57:05.0140 0x0814  CmdIde - ok

17:57:05.0156 0x0814  COMSysApp - ok

17:57:05.0171 0x0814  Cpqarray - ok

17:57:05.0203 0x0814  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

17:57:05.0203 0x0814  CryptSvc - ok

17:57:05.0218 0x0814  dac2w2k - ok

17:57:05.0218 0x0814  dac960nt - ok

17:57:05.0281 0x0814  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

17:57:05.0312 0x0814  DcomLaunch - ok

17:57:05.0359 0x0814  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

17:57:05.0359 0x0814  Dhcp - ok

17:57:05.0406 0x0814  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

17:57:05.0406 0x0814  Disk - ok

17:57:05.0406 0x0814  dmadmin - ok

17:57:05.0500 0x0814  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

17:57:05.0562 0x0814  dmboot - ok

17:57:05.0593 0x0814  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

17:57:05.0593 0x0814  dmio - ok

17:57:05.0640 0x0814  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

17:57:05.0640 0x0814  dmload - ok

17:57:05.0671 0x0814  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll

17:57:05.0671 0x0814  dmserver - ok

17:57:05.0687 0x0814  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

17:57:05.0687 0x0814  DMusic - ok

17:57:05.0734 0x0814  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

17:57:05.0734 0x0814  Dnscache - ok

17:57:05.0781 0x0814  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

17:57:05.0781 0x0814  Dot3svc - ok

17:57:05.0796 0x0814  dpti2o - ok

17:57:05.0828 0x0814  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

17:57:05.0828 0x0814  drmkaud - ok

17:57:05.0859 0x0814  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll

17:57:05.0859 0x0814  EapHost - ok

17:57:05.0890 0x0814  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

17:57:05.0890 0x0814  ElbyCDIO - ok

17:57:05.0937 0x0814  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

17:57:05.0937 0x0814  ERSvc - ok

17:57:05.0968 0x0814  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe

17:57:05.0968 0x0814  Eventlog - ok

17:57:06.0015 0x0814  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll

17:57:06.0031 0x0814  EventSystem - ok

17:57:06.0046 0x0814  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

17:57:06.0062 0x0814  Fastfat - ok

17:57:06.0093 0x0814  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

17:57:06.0109 0x0814  FastUserSwitchingCompatibility - ok

17:57:06.0140 0x0814  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

17:57:06.0140 0x0814  Fdc - ok

17:57:06.0156 0x0814  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

17:57:06.0156 0x0814  Fips - ok

17:57:06.0171 0x0814  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

17:57:06.0171 0x0814  Flpydisk - ok

17:57:06.0218 0x0814  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

17:57:06.0218 0x0814  FltMgr - ok

17:57:06.0296 0x0814  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

17:57:06.0296 0x0814  FontCache3.0.0.0 - ok

17:57:06.0406 0x0814  [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

17:57:06.0406 0x0814  Freemake Improver - ok

17:57:06.0468 0x0814  [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

17:57:06.0468 0x0814  FreemakeVideoCapture - ok

17:57:06.0484 0x0814  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:57:06.0484 0x0814  Fs_Rec - ok

17:57:06.0500 0x0814  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

17:57:06.0515 0x0814  Ftdisk - ok

17:57:06.0562 0x0814  [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll

17:57:06.0562 0x0814  getPlusHelper - ok

17:57:06.0609 0x0814  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

17:57:06.0609 0x0814  Gpc - ok

17:57:06.0687 0x0814  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

17:57:06.0703 0x0814  gupdate - ok

17:57:06.0703 0x0814  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

17:57:06.0703 0x0814  gupdatem - ok

17:57:06.0765 0x0814  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

17:57:06.0765 0x0814  gusvc - ok

17:57:06.0828 0x0814  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

17:57:06.0828 0x0814  HDAudBus - ok

17:57:06.0906 0x0814  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

17:57:06.0906 0x0814  helpsvc - ok

17:57:06.0953 0x0814  [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt        C:\WINDOWS\system32\drivers\HIDKbFlt.sys

17:57:06.0953 0x0814  HIDKbFlt - ok

17:57:06.0984 0x0814  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll

17:57:06.0984 0x0814  HidServ - ok

17:57:07.0031 0x0814  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

17:57:07.0031 0x0814  HidUsb - ok

17:57:07.0062 0x0814  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

17:57:07.0078 0x0814  hkmsvc - ok

17:57:07.0078 0x0814  hpn - ok

17:57:07.0125 0x0814  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

17:57:07.0140 0x0814  HTTP - ok

17:57:07.0171 0x0814  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

17:57:07.0187 0x0814  HTTPFilter - ok

17:57:07.0187 0x0814  i2omgmt - ok

17:57:07.0187 0x0814  i2omp - ok

17:57:07.0234 0x0814  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

17:57:07.0234 0x0814  i8042prt - ok

17:57:07.0359 0x0814  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

17:57:07.0421 0x0814  idsvc - ok

17:57:07.0453 0x0814  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

17:57:07.0453 0x0814  Imapi - ok

17:57:07.0500 0x0814  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe

17:57:07.0515 0x0814  ImapiService - ok

17:57:07.0515 0x0814  ini910u - ok

17:57:07.0828 0x0814  [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

17:57:08.0078 0x0814  IntcAzAudAddService - ok

17:57:08.0109 0x0814  IntelIde - ok

17:57:08.0140 0x0814  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

17:57:08.0140 0x0814  Ip6Fw - ok

17:57:08.0171 0x0814  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:57:08.0171 0x0814  IpFilterDriver - ok

17:57:08.0187 0x0814  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

17:57:08.0187 0x0814  IpInIp - ok

17:57:08.0234 0x0814  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

17:57:08.0234 0x0814  IpNat - ok

17:57:08.0250 0x0814  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

17:57:08.0250 0x0814  IPSec - ok

17:57:08.0281 0x0814  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

17:57:08.0281 0x0814  IRENUM - ok

17:57:08.0296 0x0814  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

17:57:08.0296 0x0814  isapnp - ok

17:57:08.0343 0x0814  [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

17:57:08.0343 0x0814  Iviaspi - ok

17:57:08.0359 0x0814  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys

17:57:08.0359 0x0814  iviVD - ok

17:57:08.0390 0x0814  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

17:57:08.0390 0x0814  Kbdclass - ok

17:57:08.0421 0x0814  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

17:57:08.0437 0x0814  kbdhid - ok

17:57:08.0453 0x0814  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

17:57:08.0468 0x0814  kmixer - ok

17:57:08.0500 0x0814  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

17:57:08.0500 0x0814  KSecDD - ok

17:57:08.0546 0x0814  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

17:57:08.0562 0x0814  lanmanserver - ok

17:57:08.0593 0x0814  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

17:57:08.0609 0x0814  lanmanworkstation - ok

17:57:08.0609 0x0814  lbrtfdc - ok

17:57:08.0656 0x0814  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

17:57:08.0656 0x0814  LmHosts - ok

17:57:08.0687 0x0814  [ FFB32E70D735146F5630DC7A96B6E1A8, DE1A8CF40FB077FA9AB04D4C292DBD8E42643A822CA5C4B90EC992802EF6765E ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

17:57:08.0687 0x0814  mbamchameleon - ok

17:57:08.0734 0x0814  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

17:57:08.0734 0x0814  MBAMSwissArmy - ok

17:57:08.0843 0x0814  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

17:57:08.0875 0x0814  MDM - ok

17:57:08.0921 0x0814  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

17:57:08.0921 0x0814  Messenger - ok

17:57:08.0953 0x0814  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

17:57:08.0953 0x0814  mnmdd - ok

17:57:08.0984 0x0814  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

17:57:08.0984 0x0814  mnmsrvc - ok

17:57:09.0031 0x0814  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

17:57:09.0031 0x0814  Modem - ok

17:57:09.0140 0x0814  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

17:57:09.0234 0x0814  Monfilt - ok

17:57:09.0250 0x0814  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

17:57:09.0250 0x0814  Mouclass - ok

17:57:09.0265 0x0814  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

17:57:09.0265 0x0814  MountMgr - ok

17:57:09.0328 0x0814  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

17:57:09.0343 0x0814  MozillaMaintenance - ok

17:57:09.0343 0x0814  mraid35x - ok

17:57:09.0359 0x0814  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

17:57:09.0359 0x0814  MRxDAV - ok

17:57:09.0421 0x0814  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:57:09.0453 0x0814  MRxSmb - ok

17:57:09.0484 0x0814  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe

17:57:09.0484 0x0814  MSDTC - ok

17:57:09.0515 0x0814  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

17:57:09.0515 0x0814  Msfs - ok

17:57:09.0515 0x0814  MSIServer - ok

17:57:09.0546 0x0814  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:57:09.0546 0x0814  MSKSSRV - ok

17:57:09.0562 0x0814  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:57:09.0562 0x0814  MSPCLOCK - ok

17:57:09.0578 0x0814  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

17:57:09.0578 0x0814  MSPQM - ok

17:57:09.0609 0x0814  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

17:57:09.0609 0x0814  mssmbios - ok

17:57:09.0656 0x0814  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

17:57:09.0671 0x0814  Mup - ok

17:57:09.0703 0x0814  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll

17:57:09.0718 0x0814  napagent - ok

17:57:09.0765 0x0814  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

17:57:09.0765 0x0814  NDIS - ok

17:57:09.0796 0x0814  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:57:09.0812 0x0814  NdisTapi - ok

17:57:09.0812 0x0814  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:57:09.0812 0x0814  Ndisuio - ok

17:57:09.0859 0x0814  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:57:09.0859 0x0814  NdisWan - ok

17:57:09.0906 0x0814  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

17:57:09.0906 0x0814  NDProxy - ok

17:57:09.0953 0x0814  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

17:57:09.0953 0x0814  NetBIOS - ok

17:57:09.0968 0x0814  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

17:57:09.0984 0x0814  NetBT - ok

17:57:10.0015 0x0814  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe

17:57:10.0031 0x0814  NetDDE - ok

17:57:10.0031 0x0814  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

17:57:10.0031 0x0814  NetDDEdsdm - ok

17:57:10.0062 0x0814  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe

17:57:10.0062 0x0814  Netlogon - ok

17:57:10.0078 0x0814  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll

17:57:10.0093 0x0814  Netman - ok

17:57:10.0140 0x0814  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

17:57:10.0140 0x0814  NetTcpPortSharing - ok

17:57:10.0171 0x0814  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll

17:57:10.0171 0x0814  Nla - ok

17:57:10.0250 0x0814  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

17:57:10.0250 0x0814  NMSAccess - ok

17:57:10.0296 0x0814  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys

17:57:10.0312 0x0814  npf - ok

17:57:10.0343 0x0814  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

17:57:10.0343 0x0814  Npfs - ok

17:57:10.0390 0x0814  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

17:57:10.0421 0x0814  Ntfs - ok

17:57:10.0437 0x0814  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

17:57:10.0437 0x0814  NtLmSsp - ok

17:57:10.0500 0x0814  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

17:57:10.0531 0x0814  NtmsSvc - ok

17:57:10.0546 0x0814  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

17:57:10.0546 0x0814  Null - ok

17:57:11.0171 0x0814  [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

17:57:11.0718 0x0814  nv - ok

17:57:11.0796 0x0814  [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys

17:57:11.0796 0x0814  NVHDA - ok

17:57:11.0843 0x0814  [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

17:57:11.0859 0x0814  NVSvc - ok

17:57:12.0031 0x0814  [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

17:57:12.0140 0x0814  nvUpdatusService - ok

17:57:12.0171 0x0814  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

17:57:12.0187 0x0814  NwlnkFlt - ok

17:57:12.0203 0x0814  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

17:57:12.0203 0x0814  NwlnkFwd - ok

17:57:12.0250 0x0814  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

17:57:12.0250 0x0814  Parport - ok

17:57:12.0265 0x0814  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

17:57:12.0265 0x0814  PartMgr - ok

17:57:12.0296 0x0814  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

17:57:12.0296 0x0814  ParVdm - ok

17:57:12.0312 0x0814  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

17:57:12.0312 0x0814  PCI - ok

17:57:12.0328 0x0814  PCIDump - ok

17:57:12.0359 0x0814  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

17:57:12.0359 0x0814  PCIIde - ok

17:57:12.0375 0x0814  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

17:57:12.0375 0x0814  Pcmcia - ok

17:57:12.0390 0x0814  PDCOMP - ok

17:57:12.0390 0x0814  PDFRAME - ok

17:57:12.0390 0x0814  PDRELI - ok

17:57:12.0406 0x0814  PDRFRAME - ok

17:57:12.0406 0x0814  perc2 - ok

17:57:12.0421 0x0814  perc2hib - ok

17:57:12.0453 0x0814  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe

17:57:12.0453 0x0814  PlugPlay - ok

17:57:12.0468 0x0814  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

17:57:12.0468 0x0814  PolicyAgent - ok

17:57:12.0484 0x0814  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

17:57:12.0484 0x0814  PptpMiniport - ok

17:57:12.0500 0x0814  [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

17:57:12.0500 0x0814  Processor - ok

17:57:12.0515 0x0814  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

17:57:12.0515 0x0814  ProtectedStorage - ok

17:57:12.0531 0x0814  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

17:57:12.0531 0x0814  PSched - ok

17:57:12.0562 0x0814  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

17:57:12.0562 0x0814  Ptilink - ok

17:57:12.0578 0x0814  ql1080 - ok

17:57:12.0578 0x0814  Ql10wnt - ok

17:57:12.0593 0x0814  ql12160 - ok

17:57:12.0593 0x0814  ql1240 - ok

17:57:12.0593 0x0814  ql1280 - ok

17:57:12.0609 0x0814  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:57:12.0625 0x0814  RasAcd - ok

17:57:12.0656 0x0814  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

17:57:12.0656 0x0814  RasAuto - ok

17:57:12.0671 0x0814  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

17:57:12.0687 0x0814  Rasl2tp - ok

17:57:12.0734 0x0814  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll

17:57:12.0734 0x0814  RasMan - ok

17:57:12.0796 0x0814  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:57:12.0796 0x0814  RasPppoe - ok

17:57:12.0828 0x0814  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

17:57:12.0828 0x0814  Raspti - ok

17:57:12.0875 0x0814  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:57:12.0875 0x0814  Rdbss - ok

17:57:12.0890 0x0814  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

17:57:12.0890 0x0814  RDPCDD - ok

17:57:12.0937 0x0814  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

17:57:12.0953 0x0814  rdpdr - ok

17:57:12.0968 0x0814  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

17:57:12.0984 0x0814  RDPWD - ok

17:57:13.0015 0x0814  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

17:57:13.0015 0x0814  RDSessMgr - ok

17:57:13.0093 0x0814  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

17:57:13.0093 0x0814  RealNetworks Downloader Resolver Service - ok

17:57:13.0140 0x0814  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

17:57:13.0140 0x0814  redbook - ok

17:57:13.0187 0x0814  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

17:57:13.0187 0x0814  RemoteAccess - ok

17:57:13.0234 0x0814  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

17:57:13.0234 0x0814  RemoteRegistry - ok

17:57:13.0250 0x0814  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe

17:57:13.0265 0x0814  RpcLocator - ok

17:57:13.0296 0x0814  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\System32\rpcss.dll

17:57:13.0312 0x0814  RpcSs - ok

17:57:13.0343 0x0814  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe

17:57:13.0359 0x0814  RSVP - ok

17:57:13.0375 0x0814  [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

17:57:13.0390 0x0814  RTLE8023xp - ok

17:57:13.0406 0x0814  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe

17:57:13.0406 0x0814  SamSs - ok

17:57:13.0453 0x0814  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

17:57:13.0453 0x0814  SCardSvr - ok

17:57:13.0500 0x0814  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll

17:57:13.0500 0x0814  Schedule - ok

17:57:13.0531 0x0814  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

17:57:13.0531 0x0814  Secdrv - ok

17:57:13.0562 0x0814  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll

17:57:13.0578 0x0814  seclogon - ok

17:57:13.0625 0x0814  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll

17:57:13.0625 0x0814  SENS - ok

17:57:13.0640 0x0814  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

17:57:13.0640 0x0814  serenum - ok

17:57:13.0671 0x0814  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

17:57:13.0671 0x0814  Serial - ok

17:57:13.0718 0x0814  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

17:57:13.0718 0x0814  Sfloppy - ok

17:57:13.0781 0x0814  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

17:57:13.0812 0x0814  SharedAccess - ok

17:57:13.0843 0x0814  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

17:57:13.0843 0x0814  ShellHWDetection - ok

17:57:13.0859 0x0814  Simbad - ok

17:57:13.0859 0x0814  Sparrow - ok

17:57:13.0890 0x0814  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

17:57:13.0890 0x0814  splitter - ok

17:57:13.0937 0x0814  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

17:57:13.0937 0x0814  Spooler - ok

17:57:13.0953 0x0814  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

17:57:13.0953 0x0814  sr - ok

17:57:14.0015 0x0814  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll

17:57:14.0015 0x0814  srservice - ok

17:57:14.0093 0x0814  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

17:57:14.0109 0x0814  Srv - ok

17:57:14.0156 0x0814  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

17:57:14.0156 0x0814  SSDPSRV - ok

17:57:14.0187 0x0814  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

17:57:14.0187 0x0814  ssmdrv - ok

17:57:14.0234 0x0814  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

17:57:14.0234 0x0814  ss_bbus - ok

17:57:14.0281 0x0814  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

17:57:14.0281 0x0814  ss_bmdfl - ok

17:57:14.0328 0x0814  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

17:57:14.0328 0x0814  ss_bmdm - ok

17:57:14.0375 0x0814  [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd        C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

17:57:14.0375 0x0814  ss_bserd - ok

17:57:14.0421 0x0814  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

17:57:14.0421 0x0814  StarOpen - ok

17:57:14.0468 0x0814  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

17:57:14.0500 0x0814  stisvc - ok

17:57:14.0531 0x0814  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

17:57:14.0531 0x0814  swenum - ok

17:57:14.0562 0x0814  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

17:57:14.0562 0x0814  swmidi - ok

17:57:14.0562 0x0814  SwPrv - ok

17:57:14.0578 0x0814  symc810 - ok

17:57:14.0578 0x0814  symc8xx - ok

17:57:14.0593 0x0814  sym_hi - ok

17:57:14.0593 0x0814  sym_u3 - ok

17:57:14.0609 0x0814  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

17:57:14.0609 0x0814  sysaudio - ok

17:57:14.0656 0x0814  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

17:57:14.0656 0x0814  SysmonLog - ok

17:57:14.0703 0x0814  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

17:57:14.0718 0x0814  TapiSrv - ok

17:57:14.0781 0x0814  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

17:57:14.0828 0x0814  Tcpip - ok

17:57:14.0859 0x0814  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

17:57:14.0859 0x0814  TDPIPE - ok

17:57:14.0890 0x0814  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

17:57:14.0890 0x0814  TDTCP - ok

17:57:14.0921 0x0814  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

17:57:14.0921 0x0814  TermDD - ok

17:57:14.0968 0x0814  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll

17:57:14.0984 0x0814  TermService - ok

17:57:15.0031 0x0814  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll

17:57:15.0031 0x0814  Themes - ok

17:57:15.0062 0x0814  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

17:57:15.0062 0x0814  TlntSvr - ok

17:57:15.0078 0x0814  TosIde - ok

17:57:15.0093 0x0814  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

17:57:15.0109 0x0814  TrkWks - ok

17:57:15.0125 0x0814  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

17:57:15.0125 0x0814  Udfs - ok

17:57:15.0203 0x0814  [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

17:57:15.0203 0x0814  UleadBurningHelper - ok

17:57:15.0218 0x0814  ultra - ok

17:57:15.0250 0x0814  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

17:57:15.0250 0x0814  UMWdf - ok

17:57:15.0312 0x0814  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

17:57:15.0343 0x0814  Update - ok

17:57:15.0390 0x0814  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll

17:57:15.0390 0x0814  upnphost - ok

17:57:15.0406 0x0814  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe

17:57:15.0421 0x0814  UPS - ok

17:57:15.0437 0x0814  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

17:57:15.0453 0x0814  usbaudio - ok

17:57:15.0484 0x0814  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

17:57:15.0484 0x0814  usbccgp - ok

17:57:15.0500 0x0814  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

17:57:15.0500 0x0814  usbehci - ok

17:57:15.0546 0x0814  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

17:57:15.0546 0x0814  usbhub - ok

17:57:15.0562 0x0814  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

17:57:15.0562 0x0814  usbohci - ok

17:57:15.0578 0x0814  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

17:57:15.0578 0x0814  usbprint - ok

17:57:15.0609 0x0814  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

17:57:15.0625 0x0814  usbscan - ok

17:57:15.0656 0x0814  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

17:57:15.0656 0x0814  USBSTOR - ok

17:57:15.0703 0x0814  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

17:57:15.0703 0x0814  VgaSave - ok

17:57:15.0718 0x0814  ViaIde - ok

17:57:15.0734 0x0814  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

17:57:15.0734 0x0814  VolSnap - ok

17:57:15.0781 0x0814  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe

17:57:15.0812 0x0814  VSS - ok

17:57:15.0859 0x0814  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll

17:57:15.0859 0x0814  W32Time - ok

17:57:15.0906 0x0814  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

17:57:15.0906 0x0814  Wanarp - ok

17:57:15.0921 0x0814  WDICA - ok

17:57:15.0953 0x0814  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

17:57:15.0953 0x0814  wdmaud - ok

17:57:16.0000 0x0814  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll

17:57:16.0000 0x0814  WebClient - ok

17:57:16.0093 0x0814  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

17:57:16.0093 0x0814  winmgmt - ok

17:57:16.0140 0x0814  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

17:57:16.0140 0x0814  WmdmPmSN - ok

17:57:16.0203 0x0814  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll

17:57:16.0234 0x0814  Wmi - ok

17:57:16.0281 0x0814  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

17:57:16.0281 0x0814  WmiApSrv - ok

17:57:16.0312 0x0814  [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys

17:57:16.0328 0x0814  WpdUsb - ok

17:57:16.0453 0x0814  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

17:57:16.0484 0x0814  WPFFontCache_v0400 - ok

17:57:16.0531 0x0814  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys

17:57:16.0531 0x0814  WS2IFSL - ok

17:57:16.0578 0x0814  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

17:57:16.0578 0x0814  wscsvc - ok

17:57:16.0593 0x0814  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

17:57:16.0593 0x0814  wuauserv - ok

17:57:16.0671 0x0814  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

17:57:16.0718 0x0814  WZCSVC - ok

17:57:16.0765 0x0814  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

17:57:16.0765 0x0814  xmlprov - ok

17:57:16.0765 0x0814  ================ Scan global ===============================

17:57:16.0796 0x0814  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll

17:57:16.0859 0x0814  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

17:57:16.0921 0x0814  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

17:57:16.0953 0x0814  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe

17:57:16.0953 0x0814  [ Global ] - ok

17:57:16.0953 0x0814  ================ Scan MBR ==================================

17:57:16.0984 0x0814  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

17:57:17.0140 0x0814  \Device\Harddisk0\DR0 - ok

17:57:17.0140 0x0814  ================ Scan VBR ==================================

17:57:17.0156 0x0814  [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1

17:57:17.0156 0x0814  \Device\Harddisk0\DR0\Partition1 - ok

17:57:17.0156 0x0814  [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2

17:57:17.0156 0x0814  \Device\Harddisk0\DR0\Partition2 - ok

17:57:17.0156 0x0814  ================ Scan generic autorun ======================

17:57:17.0250 0x0814  [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

17:57:17.0250 0x0814  StartCCC - ok

17:57:18.0203 0x0814  [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE

17:57:19.0109 0x0814  RTHDCPL - ok

17:57:19.0234 0x0814  [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

17:57:19.0234 0x0814  Adobe Reader Speed Launcher - ok

17:57:19.0359 0x0814  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

17:57:19.0406 0x0814  Adobe ARM - ok

17:57:19.0484 0x0814  [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

17:57:19.0500 0x0814  HPDJ Taskbar Utility - ok

17:57:19.0593 0x0814  [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

17:57:19.0625 0x0814  UVS11 Preload - ok

17:57:19.0718 0x0814  [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe

17:57:19.0734 0x0814  QuickTime Task - ok

17:57:19.0796 0x0814  [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE

17:57:19.0812 0x0814  OfficeKB - ok

17:57:19.0812 0x0814  [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

17:57:19.0828 0x0814  KPDrv4XP - ok

17:57:19.0828 0x0814  NvCplDaemon - ok

17:57:19.0828 0x0814  NvMediaCenter - ok

17:57:20.0015 0x0814  [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe

17:57:20.0140 0x0814  nwiz - ok

17:57:20.0250 0x0814  [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

17:57:20.0312 0x0814  Nvtmru - ok

17:57:20.0406 0x0814  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe

17:57:20.0453 0x0814  avgnt - ok

17:57:20.0578 0x0814  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe

17:57:20.0640 0x0814  TkBellExe - ok

17:57:20.0671 0x0814  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

17:57:20.0671 0x0814  CTFMON.EXE - ok

17:57:20.0843 0x0814  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

17:57:20.0875 0x0814  AmazonMP3DownloaderHelper - ok

17:57:20.0906 0x0814  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe

17:57:20.0906 0x0814  ctfmon.exe - ok

17:57:20.0921 0x0814  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

17:57:20.0921 0x0814  CTFMON.EXE - ok

17:57:20.0921 0x0814  Waiting for KSN requests completion. In queue: 203

17:57:21.0921 0x0814  Waiting for KSN requests completion. In queue: 203

17:57:22.0921 0x0814  Waiting for KSN requests completion. In queue: 203

17:57:23.0921 0x0814  Waiting for KSN requests completion. In queue: 203

17:57:24.0968 0x0814  AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated

17:57:24.0984 0x0814  Win FW state via NFM: enabled

17:57:27.0375 0x0814  ============================================================

17:57:27.0375 0x0814  Scan finished

17:57:27.0375 0x0814  ============================================================

17:57:27.0375 0x044c  Detected object count: 0

17:57:27.0375 0x044c  Actual detected object count: 0

17:58:21.0140 0x08c8  ============================================================

17:58:21.0140 0x08c8  Scan started

17:58:21.0140 0x08c8  Mode: Manual; 

17:58:21.0140 0x08c8  ============================================================

17:58:21.0140 0x08c8  KSN ping started

17:58:34.0484 0x08c8  KSN ping finished: true

17:58:35.0453 0x08c8  ================ Scan system memory ========================

17:58:35.0453 0x08c8  System memory - ok

17:58:35.0453 0x08c8  ================ Scan services =============================

17:58:35.0531 0x08c8  Abiosdsk - ok

17:58:35.0546 0x08c8  abp480n5 - ok

17:58:35.0593 0x08c8  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

17:58:35.0593 0x08c8  ACPI - ok

17:58:35.0640 0x08c8  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

17:58:35.0640 0x08c8  ACPIEC - ok

17:58:35.0718 0x08c8  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

17:58:35.0718 0x08c8  AdobeFlashPlayerUpdateSvc - ok

17:58:35.0734 0x08c8  adpu160m - ok

17:58:35.0750 0x08c8  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

17:58:35.0765 0x08c8  aec - ok

17:58:35.0796 0x08c8  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

17:58:35.0812 0x08c8  AFD - ok

17:58:35.0812 0x08c8  Aha154x - ok

17:58:35.0812 0x08c8  aic78u2 - ok

17:58:35.0828 0x08c8  aic78xx - ok

17:58:35.0859 0x08c8  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

17:58:35.0859 0x08c8  Alerter - ok

17:58:35.0890 0x08c8  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe

17:58:35.0890 0x08c8  ALG - ok

17:58:35.0890 0x08c8  AliIde - ok

17:58:36.0031 0x08c8  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

17:58:36.0078 0x08c8  Ambfilt - ok

17:58:36.0078 0x08c8  amsint - ok

17:58:36.0218 0x08c8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

17:58:36.0234 0x08c8  AntiVirSchedulerService - ok

17:58:36.0281 0x08c8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

17:58:36.0296 0x08c8  AntiVirService - ok

17:58:36.0343 0x08c8  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

17:58:36.0343 0x08c8  AppMgmt - ok

17:58:36.0359 0x08c8  asc - ok

17:58:36.0359 0x08c8  asc3350p - ok

17:58:36.0359 0x08c8  asc3550 - ok

17:58:36.0500 0x08c8  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

17:58:36.0500 0x08c8  aspnet_state - ok

17:58:36.0531 0x08c8  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

17:58:36.0531 0x08c8  AsyncMac - ok

17:58:36.0562 0x08c8  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

17:58:36.0562 0x08c8  atapi - ok

17:58:36.0578 0x08c8  Atdisk - ok

17:58:36.0656 0x08c8  [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

17:58:36.0671 0x08c8  Ati HotKey Poller - ok

17:58:36.0718 0x08c8  [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe

17:58:36.0734 0x08c8  ATI Smart - ok

17:58:36.0953 0x08c8  [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

17:58:37.0046 0x08c8  ati2mtag - ok

17:58:37.0093 0x08c8  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

17:58:37.0093 0x08c8  Atmarpc - ok

17:58:37.0125 0x08c8  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

17:58:37.0125 0x08c8  AudioSrv - ok

17:58:37.0156 0x08c8  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

17:58:37.0156 0x08c8  audstub - ok

17:58:37.0203 0x08c8  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

17:58:37.0203 0x08c8  avgntflt - ok

17:58:37.0218 0x08c8  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

17:58:37.0218 0x08c8  avipbb - ok

17:58:37.0234 0x08c8  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

17:58:37.0234 0x08c8  avkmgr - ok

17:58:37.0265 0x08c8  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

17:58:37.0265 0x08c8  Beep - ok

17:58:37.0328 0x08c8  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll

17:58:37.0343 0x08c8  BITS - ok

17:58:37.0375 0x08c8  [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser         C:\WINDOWS\System32\browser.dll

17:58:37.0375 0x08c8  Browser - ok

17:58:37.0421 0x08c8  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

17:58:37.0437 0x08c8  Capture Device Service - ok

17:58:37.0562 0x08c8  catchme - ok

17:58:37.0609 0x08c8  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

17:58:37.0609 0x08c8  cbidf2k - ok

17:58:37.0625 0x08c8  cd20xrnt - ok

17:58:37.0640 0x08c8  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

17:58:37.0640 0x08c8  Cdaudio - ok

17:58:37.0687 0x08c8  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

17:58:37.0687 0x08c8  Cdfs - ok

17:58:37.0718 0x08c8  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

17:58:37.0718 0x08c8  Cdrom - ok

17:58:37.0734 0x08c8  Changer - ok

17:58:37.0765 0x08c8  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

17:58:37.0765 0x08c8  CiSvc - ok

17:58:37.0781 0x08c8  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

17:58:37.0781 0x08c8  ClipSrv - ok

17:58:37.0843 0x08c8  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:58:37.0843 0x08c8  clr_optimization_v2.0.50727_32 - ok

17:58:37.0890 0x08c8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:58:37.0890 0x08c8  clr_optimization_v4.0.30319_32 - ok

17:58:37.0906 0x08c8  CmdIde - ok

17:58:37.0906 0x08c8  COMSysApp - ok

17:58:37.0921 0x08c8  Cpqarray - ok

17:58:37.0968 0x08c8  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

17:58:37.0968 0x08c8  CryptSvc - ok

17:58:37.0968 0x08c8  dac2w2k - ok

17:58:37.0968 0x08c8  dac960nt - ok

17:58:38.0046 0x08c8  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

17:58:38.0062 0x08c8  DcomLaunch - ok

17:58:38.0109 0x08c8  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

17:58:38.0109 0x08c8  Dhcp - ok

17:58:38.0156 0x08c8  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

17:58:38.0156 0x08c8  Disk - ok

17:58:38.0156 0x08c8  dmadmin - ok

17:58:38.0265 0x08c8  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

17:58:38.0281 0x08c8  dmboot - ok

17:58:38.0312 0x08c8  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

17:58:38.0312 0x08c8  dmio - ok

17:58:38.0359 0x08c8  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

17:58:38.0359 0x08c8  dmload - ok

17:58:38.0390 0x08c8  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll

17:58:38.0390 0x08c8  dmserver - ok

17:58:38.0406 0x08c8  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

17:58:38.0406 0x08c8  DMusic - ok

17:58:38.0453 0x08c8  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

17:58:38.0453 0x08c8  Dnscache - ok

17:58:38.0484 0x08c8  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

17:58:38.0484 0x08c8  Dot3svc - ok

17:58:38.0500 0x08c8  dpti2o - ok

17:58:38.0531 0x08c8  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

17:58:38.0531 0x08c8  drmkaud - ok

17:58:38.0562 0x08c8  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll

17:58:38.0578 0x08c8  EapHost - ok

17:58:38.0593 0x08c8  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

17:58:38.0609 0x08c8  ElbyCDIO - ok

17:58:38.0640 0x08c8  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

17:58:38.0640 0x08c8  ERSvc - ok

17:58:38.0687 0x08c8  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe

17:58:38.0687 0x08c8  Eventlog - ok

17:58:38.0734 0x08c8  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll

17:58:38.0750 0x08c8  EventSystem - ok

17:58:38.0765 0x08c8  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

17:58:38.0765 0x08c8  Fastfat - ok

17:58:38.0812 0x08c8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

17:58:38.0828 0x08c8  FastUserSwitchingCompatibility - ok

17:58:38.0859 0x08c8  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

17:58:38.0859 0x08c8  Fdc - ok

17:58:38.0875 0x08c8  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

17:58:38.0875 0x08c8  Fips - ok

17:58:38.0890 0x08c8  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

17:58:38.0890 0x08c8  Flpydisk - ok

17:58:38.0937 0x08c8  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

17:58:38.0937 0x08c8  FltMgr - ok

17:58:39.0000 0x08c8  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

17:58:39.0015 0x08c8  FontCache3.0.0.0 - ok

17:58:39.0125 0x08c8  [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

17:58:39.0125 0x08c8  Freemake Improver - ok

17:58:39.0187 0x08c8  [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

17:58:39.0187 0x08c8  FreemakeVideoCapture - ok

17:58:39.0203 0x08c8  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:58:39.0203 0x08c8  Fs_Rec - ok

17:58:39.0218 0x08c8  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

17:58:39.0218 0x08c8  Ftdisk - ok

17:58:39.0281 0x08c8  [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll

17:58:39.0281 0x08c8  getPlusHelper - ok

17:58:39.0312 0x08c8  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

17:58:39.0312 0x08c8  Gpc - ok

17:58:39.0390 0x08c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

17:58:39.0390 0x08c8  gupdate - ok

17:58:39.0390 0x08c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

17:58:39.0390 0x08c8  gupdatem - ok

17:58:39.0437 0x08c8  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

17:58:39.0453 0x08c8  gusvc - ok

17:58:39.0500 0x08c8  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

17:58:39.0500 0x08c8  HDAudBus - ok

17:58:39.0562 0x08c8  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

17:58:39.0578 0x08c8  helpsvc - ok

17:58:39.0609 0x08c8  [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt        C:\WINDOWS\system32\drivers\HIDKbFlt.sys

17:58:39.0609 0x08c8  HIDKbFlt - ok

17:58:39.0640 0x08c8  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll

17:58:39.0640 0x08c8  HidServ - ok

17:58:39.0687 0x08c8  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

17:58:39.0687 0x08c8  HidUsb - ok

17:58:39.0718 0x08c8  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

17:58:39.0734 0x08c8  hkmsvc - ok

17:58:39.0734 0x08c8  hpn - ok

17:58:39.0781 0x08c8  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

17:58:39.0781 0x08c8  HTTP - ok

17:58:39.0828 0x08c8  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

17:58:39.0828 0x08c8  HTTPFilter - ok

17:58:39.0828 0x08c8  i2omgmt - ok

17:58:39.0843 0x08c8  i2omp - ok

17:58:39.0875 0x08c8  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

17:58:39.0890 0x08c8  i8042prt - ok

17:58:40.0000 0x08c8  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

17:58:40.0031 0x08c8  idsvc - ok

17:58:40.0062 0x08c8  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

17:58:40.0062 0x08c8  Imapi - ok

17:58:40.0109 0x08c8  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe

17:58:40.0109 0x08c8  ImapiService - ok

17:58:40.0125 0x08c8  ini910u - ok

17:58:40.0437 0x08c8  [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

17:58:40.0562 0x08c8  IntcAzAudAddService - ok

17:58:40.0578 0x08c8  IntelIde - ok

17:58:40.0609 0x08c8  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

17:58:40.0609 0x08c8  Ip6Fw - ok

17:58:40.0640 0x08c8  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:58:40.0640 0x08c8  IpFilterDriver - ok

17:58:40.0656 0x08c8  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

17:58:40.0656 0x08c8  IpInIp - ok

17:58:40.0703 0x08c8  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

17:58:40.0703 0x08c8  IpNat - ok

17:58:40.0718 0x08c8  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

17:58:40.0718 0x08c8  IPSec - ok

17:58:40.0734 0x08c8  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

17:58:40.0750 0x08c8  IRENUM - ok

17:58:40.0765 0x08c8  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

17:58:40.0765 0x08c8  isapnp - ok

17:58:40.0812 0x08c8  [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

17:58:40.0812 0x08c8  Iviaspi - ok

17:58:40.0828 0x08c8  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys

17:58:40.0843 0x08c8  iviVD - ok

17:58:40.0859 0x08c8  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

17:58:40.0859 0x08c8  Kbdclass - ok

17:58:40.0906 0x08c8  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

17:58:40.0906 0x08c8  kbdhid - ok

17:58:40.0921 0x08c8  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

17:58:40.0921 0x08c8  kmixer - ok

17:58:40.0968 0x08c8  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

17:58:40.0968 0x08c8  KSecDD - ok

17:58:41.0015 0x08c8  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

17:58:41.0015 0x08c8  lanmanserver - ok

17:58:41.0062 0x08c8  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

17:58:41.0078 0x08c8  lanmanworkstation - ok

17:58:41.0078 0x08c8  lbrtfdc - ok

17:58:41.0125 0x08c8  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

17:58:41.0125 0x08c8  LmHosts - ok

17:58:41.0156 0x08c8  [ FFB32E70D735146F5630DC7A96B6E1A8, DE1A8CF40FB077FA9AB04D4C292DBD8E42643A822CA5C4B90EC992802EF6765E ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

17:58:41.0156 0x08c8  mbamchameleon - ok

17:58:41.0187 0x08c8  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

17:58:41.0203 0x08c8  MBAMSwissArmy - ok

17:58:41.0296 0x08c8  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

17:58:41.0312 0x08c8  MDM - ok

17:58:41.0343 0x08c8  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

17:58:41.0343 0x08c8  Messenger - ok

17:58:41.0375 0x08c8  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

17:58:41.0375 0x08c8  mnmdd - ok

17:58:41.0406 0x08c8  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

17:58:41.0406 0x08c8  mnmsrvc - ok

17:58:41.0437 0x08c8  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

17:58:41.0437 0x08c8  Modem - ok

17:58:41.0593 0x08c8  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

17:58:41.0640 0x08c8  Monfilt - ok

17:58:41.0671 0x08c8  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

17:58:41.0671 0x08c8  Mouclass - ok

17:58:41.0718 0x08c8  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

17:58:41.0718 0x08c8  MountMgr - ok

17:58:41.0796 0x08c8  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

17:58:41.0812 0x08c8  MozillaMaintenance - ok

17:58:41.0812 0x08c8  mraid35x - ok

17:58:41.0843 0x08c8  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

17:58:41.0843 0x08c8  MRxDAV - ok

17:58:41.0937 0x08c8  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:58:41.0937 0x08c8  MRxSmb - ok

17:58:41.0984 0x08c8  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe

17:58:41.0984 0x08c8  MSDTC - ok

17:58:42.0031 0x08c8  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

17:58:42.0031 0x08c8  Msfs - ok

17:58:42.0031 0x08c8  MSIServer - ok

17:58:42.0062 0x08c8  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:58:42.0062 0x08c8  MSKSSRV - ok

17:58:42.0078 0x08c8  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:58:42.0093 0x08c8  MSPCLOCK - ok

17:58:42.0093 0x08c8  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

17:58:42.0093 0x08c8  MSPQM - ok

17:58:42.0140 0x08c8  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

mysteryPC

19.03.2015 18:04

Code:

17:58:42.0140 0x08c8  mssmbios - ok

17:58:42.0171 0x08c8  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

17:58:42.0171 0x08c8  Mup - ok

17:58:42.0218 0x08c8  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll

17:58:42.0234 0x08c8  napagent - ok

17:58:42.0265 0x08c8  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

17:58:42.0265 0x08c8  NDIS - ok

17:58:42.0296 0x08c8  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:58:42.0296 0x08c8  NdisTapi - ok

17:58:42.0312 0x08c8  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:58:42.0312 0x08c8  Ndisuio - ok

17:58:42.0328 0x08c8  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:58:42.0328 0x08c8  NdisWan - ok

17:58:42.0375 0x08c8  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

17:58:42.0375 0x08c8  NDProxy - ok

17:58:42.0421 0x08c8  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

17:58:42.0421 0x08c8  NetBIOS - ok

17:58:42.0437 0x08c8  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

17:58:42.0437 0x08c8  NetBT - ok

17:58:42.0484 0x08c8  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe

17:58:42.0484 0x08c8  NetDDE - ok

17:58:42.0500 0x08c8  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

17:58:42.0500 0x08c8  NetDDEdsdm - ok

17:58:42.0531 0x08c8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe

17:58:42.0531 0x08c8  Netlogon - ok

17:58:42.0546 0x08c8  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll

17:58:42.0562 0x08c8  Netman - ok

17:58:42.0625 0x08c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

17:58:42.0625 0x08c8  NetTcpPortSharing - ok

17:58:42.0671 0x08c8  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll

17:58:42.0671 0x08c8  Nla - ok

17:58:42.0750 0x08c8  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

17:58:42.0750 0x08c8  NMSAccess - ok

17:58:42.0796 0x08c8  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys

17:58:42.0796 0x08c8  npf - ok

17:58:42.0843 0x08c8  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

17:58:42.0843 0x08c8  Npfs - ok

17:58:42.0890 0x08c8  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

17:58:42.0906 0x08c8  Ntfs - ok

17:58:42.0921 0x08c8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

17:58:42.0921 0x08c8  NtLmSsp - ok

17:58:42.0984 0x08c8  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

17:58:43.0000 0x08c8  NtmsSvc - ok

17:58:43.0015 0x08c8  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

17:58:43.0015 0x08c8  Null - ok

17:58:43.0656 0x08c8  [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

17:58:43.0937 0x08c8  nv - ok

17:58:44.0000 0x08c8  [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys

17:58:44.0000 0x08c8  NVHDA - ok

17:58:44.0062 0x08c8  [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

17:58:44.0062 0x08c8  NVSvc - ok

17:58:44.0250 0x08c8  [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

17:58:44.0296 0x08c8  nvUpdatusService - ok

17:58:44.0328 0x08c8  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

17:58:44.0328 0x08c8  NwlnkFlt - ok

17:58:44.0343 0x08c8  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

17:58:44.0359 0x08c8  NwlnkFwd - ok

17:58:44.0390 0x08c8  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

17:58:44.0390 0x08c8  Parport - ok

17:58:44.0406 0x08c8  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

17:58:44.0406 0x08c8  PartMgr - ok

17:58:44.0453 0x08c8  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

17:58:44.0453 0x08c8  ParVdm - ok

17:58:44.0453 0x08c8  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

17:58:44.0468 0x08c8  PCI - ok

17:58:44.0468 0x08c8  PCIDump - ok

17:58:44.0500 0x08c8  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

17:58:44.0500 0x08c8  PCIIde - ok

17:58:44.0515 0x08c8  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

17:58:44.0531 0x08c8  Pcmcia - ok

17:58:44.0531 0x08c8  PDCOMP - ok

17:58:44.0531 0x08c8  PDFRAME - ok

17:58:44.0546 0x08c8  PDRELI - ok

17:58:44.0546 0x08c8  PDRFRAME - ok

17:58:44.0562 0x08c8  perc2 - ok

17:58:44.0562 0x08c8  perc2hib - ok

17:58:44.0593 0x08c8  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe

17:58:44.0609 0x08c8  PlugPlay - ok

17:58:44.0625 0x08c8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

17:58:44.0625 0x08c8  PolicyAgent - ok

17:58:44.0640 0x08c8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

17:58:44.0640 0x08c8  PptpMiniport - ok

17:58:44.0656 0x08c8  [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

17:58:44.0656 0x08c8  Processor - ok

17:58:44.0656 0x08c8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

17:58:44.0656 0x08c8  ProtectedStorage - ok

17:58:44.0671 0x08c8  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

17:58:44.0671 0x08c8  PSched - ok

17:58:44.0718 0x08c8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

17:58:44.0718 0x08c8  Ptilink - ok

17:58:44.0718 0x08c8  ql1080 - ok

17:58:44.0734 0x08c8  Ql10wnt - ok

17:58:44.0734 0x08c8  ql12160 - ok

17:58:44.0734 0x08c8  ql1240 - ok

17:58:44.0750 0x08c8  ql1280 - ok

17:58:44.0765 0x08c8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:58:44.0765 0x08c8  RasAcd - ok

17:58:44.0796 0x08c8  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

17:58:44.0796 0x08c8  RasAuto - ok

17:58:44.0828 0x08c8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

17:58:44.0828 0x08c8  Rasl2tp - ok

17:58:44.0875 0x08c8  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll

17:58:44.0875 0x08c8  RasMan - ok

17:58:44.0890 0x08c8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:58:44.0890 0x08c8  RasPppoe - ok

17:58:44.0906 0x08c8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

17:58:44.0906 0x08c8  Raspti - ok

17:58:44.0953 0x08c8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:58:44.0953 0x08c8  Rdbss - ok

17:58:44.0968 0x08c8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

17:58:44.0968 0x08c8  RDPCDD - ok

17:58:44.0984 0x08c8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

17:58:44.0984 0x08c8  rdpdr - ok

17:58:45.0031 0x08c8  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

17:58:45.0046 0x08c8  RDPWD - ok

17:58:45.0093 0x08c8  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

17:58:45.0093 0x08c8  RDSessMgr - ok

17:58:45.0156 0x08c8  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

17:58:45.0156 0x08c8  RealNetworks Downloader Resolver Service - ok

17:58:45.0171 0x08c8  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

17:58:45.0171 0x08c8  redbook - ok

17:58:45.0203 0x08c8  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

17:58:45.0203 0x08c8  RemoteAccess - ok

17:58:45.0250 0x08c8  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

17:58:45.0250 0x08c8  RemoteRegistry - ok

17:58:45.0265 0x08c8  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe

17:58:45.0281 0x08c8  RpcLocator - ok

17:58:45.0312 0x08c8  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\System32\rpcss.dll

17:58:45.0328 0x08c8  RpcSs - ok

17:58:45.0359 0x08c8  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe

17:58:45.0359 0x08c8  RSVP - ok

17:58:45.0390 0x08c8  [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

17:58:45.0406 0x08c8  RTLE8023xp - ok

17:58:45.0421 0x08c8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe

17:58:45.0421 0x08c8  SamSs - ok

17:58:45.0453 0x08c8  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

17:58:45.0468 0x08c8  SCardSvr - ok

17:58:45.0515 0x08c8  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll

17:58:45.0515 0x08c8  Schedule - ok

17:58:45.0546 0x08c8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

17:58:45.0546 0x08c8  Secdrv - ok

17:58:45.0578 0x08c8  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll

17:58:45.0593 0x08c8  seclogon - ok

17:58:45.0609 0x08c8  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll

17:58:45.0609 0x08c8  SENS - ok

17:58:45.0625 0x08c8  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

17:58:45.0625 0x08c8  serenum - ok

17:58:45.0640 0x08c8  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

17:58:45.0640 0x08c8  Serial - ok

17:58:45.0671 0x08c8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

17:58:45.0671 0x08c8  Sfloppy - ok

17:58:45.0734 0x08c8  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

17:58:45.0750 0x08c8  SharedAccess - ok

17:58:45.0765 0x08c8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

17:58:45.0765 0x08c8  ShellHWDetection - ok

17:58:45.0781 0x08c8  Simbad - ok

17:58:45.0781 0x08c8  Sparrow - ok

17:58:45.0828 0x08c8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

17:58:45.0828 0x08c8  splitter - ok

17:58:45.0875 0x08c8  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

17:58:45.0875 0x08c8  Spooler - ok

17:58:45.0890 0x08c8  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

17:58:45.0890 0x08c8  sr - ok

17:58:45.0937 0x08c8  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll

17:58:45.0937 0x08c8  srservice - ok

17:58:46.0000 0x08c8  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

17:58:46.0015 0x08c8  Srv - ok

17:58:46.0046 0x08c8  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

17:58:46.0046 0x08c8  SSDPSRV - ok

17:58:46.0078 0x08c8  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

17:58:46.0078 0x08c8  ssmdrv - ok

17:58:46.0125 0x08c8  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

17:58:46.0125 0x08c8  ss_bbus - ok

17:58:46.0156 0x08c8  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

17:58:46.0156 0x08c8  ss_bmdfl - ok

17:58:46.0203 0x08c8  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

17:58:46.0218 0x08c8  ss_bmdm - ok

17:58:46.0250 0x08c8  [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd        C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

17:58:46.0250 0x08c8  ss_bserd - ok

17:58:46.0281 0x08c8  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

17:58:46.0296 0x08c8  StarOpen - ok

17:58:46.0343 0x08c8  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

17:58:46.0359 0x08c8  stisvc - ok

17:58:46.0390 0x08c8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

17:58:46.0390 0x08c8  swenum - ok

17:58:46.0406 0x08c8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

17:58:46.0406 0x08c8  swmidi - ok

17:58:46.0406 0x08c8  SwPrv - ok

17:58:46.0421 0x08c8  symc810 - ok

17:58:46.0421 0x08c8  symc8xx - ok

17:58:46.0437 0x08c8  sym_hi - ok

17:58:46.0437 0x08c8  sym_u3 - ok

17:58:46.0453 0x08c8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

17:58:46.0453 0x08c8  sysaudio - ok

17:58:46.0500 0x08c8  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

17:58:46.0500 0x08c8  SysmonLog - ok

17:58:46.0562 0x08c8  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

17:58:46.0562 0x08c8  TapiSrv - ok

17:58:46.0625 0x08c8  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

17:58:46.0640 0x08c8  Tcpip - ok

17:58:46.0671 0x08c8  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

17:58:46.0671 0x08c8  TDPIPE - ok

17:58:46.0687 0x08c8  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

17:58:46.0687 0x08c8  TDTCP - ok

17:58:46.0718 0x08c8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

17:58:46.0718 0x08c8  TermDD - ok

17:58:46.0765 0x08c8  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll

17:58:46.0765 0x08c8  TermService - ok

17:58:46.0796 0x08c8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll

17:58:46.0796 0x08c8  Themes - ok

17:58:46.0843 0x08c8  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

17:58:46.0843 0x08c8  TlntSvr - ok

17:58:46.0859 0x08c8  TosIde - ok

17:58:46.0875 0x08c8  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

17:58:46.0890 0x08c8  TrkWks - ok

17:58:46.0906 0x08c8  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

17:58:46.0906 0x08c8  Udfs - ok

17:58:46.0984 0x08c8  [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

17:58:46.0984 0x08c8  UleadBurningHelper - ok

17:58:47.0000 0x08c8  ultra - ok

17:58:47.0031 0x08c8  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

17:58:47.0031 0x08c8  UMWdf - ok

17:58:47.0093 0x08c8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

17:58:47.0109 0x08c8  Update - ok

17:58:47.0156 0x08c8  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll

17:58:47.0156 0x08c8  upnphost - ok

17:58:47.0187 0x08c8  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe

17:58:47.0187 0x08c8  UPS - ok

17:58:47.0218 0x08c8  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

17:58:47.0218 0x08c8  usbaudio - ok

17:58:47.0250 0x08c8  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

17:58:47.0265 0x08c8  usbccgp - ok

17:58:47.0281 0x08c8  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

17:58:47.0281 0x08c8  usbehci - ok

17:58:47.0312 0x08c8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

17:58:47.0312 0x08c8  usbhub - ok

17:58:47.0328 0x08c8  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

17:58:47.0328 0x08c8  usbohci - ok

17:58:47.0359 0x08c8  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

17:58:47.0359 0x08c8  usbprint - ok

17:58:47.0375 0x08c8  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

17:58:47.0390 0x08c8  usbscan - ok

17:58:47.0421 0x08c8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

17:58:47.0421 0x08c8  USBSTOR - ok

17:58:47.0437 0x08c8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

17:58:47.0437 0x08c8  VgaSave - ok

17:58:47.0453 0x08c8  ViaIde - ok

17:58:47.0453 0x08c8  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

17:58:47.0468 0x08c8  VolSnap - ok

17:58:47.0515 0x08c8  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe

17:58:47.0531 0x08c8  VSS - ok

17:58:47.0546 0x08c8  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll

17:58:47.0546 0x08c8  W32Time - ok

17:58:47.0578 0x08c8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

17:58:47.0578 0x08c8  Wanarp - ok

17:58:47.0578 0x08c8  WDICA - ok

17:58:47.0625 0x08c8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

17:58:47.0625 0x08c8  wdmaud - ok

17:58:47.0656 0x08c8  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll

17:58:47.0671 0x08c8  WebClient - ok

17:58:47.0750 0x08c8  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

17:58:47.0750 0x08c8  winmgmt - ok

17:58:47.0812 0x08c8  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

17:58:47.0812 0x08c8  WmdmPmSN - ok

17:58:47.0859 0x08c8  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll

17:58:47.0875 0x08c8  Wmi - ok

17:58:47.0937 0x08c8  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

17:58:47.0937 0x08c8  WmiApSrv - ok

17:58:47.0984 0x08c8  [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys

17:58:47.0984 0x08c8  WpdUsb - ok

17:58:48.0109 0x08c8  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

17:58:48.0125 0x08c8  WPFFontCache_v0400 - ok

17:58:48.0171 0x08c8  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys

17:58:48.0171 0x08c8  WS2IFSL - ok

17:58:48.0218 0x08c8  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

17:58:48.0218 0x08c8  wscsvc - ok

17:58:48.0265 0x08c8  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

17:58:48.0265 0x08c8  wuauserv - ok

17:58:48.0437 0x08c8  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

17:58:48.0453 0x08c8  WZCSVC - ok

17:58:48.0484 0x08c8  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

17:58:48.0484 0x08c8  xmlprov - ok

17:58:48.0484 0x08c8  ================ Scan global ===============================

17:58:48.0531 0x08c8  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll

17:58:48.0609 0x08c8  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

17:58:48.0656 0x08c8  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

17:58:48.0687 0x08c8  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe

17:58:48.0687 0x08c8  [ Global ] - ok

17:58:48.0687 0x08c8  ================ Scan MBR ==================================

17:58:48.0703 0x08c8  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

17:58:48.0875 0x08c8  \Device\Harddisk0\DR0 - ok

17:58:48.0875 0x08c8  ================ Scan VBR ==================================

17:58:48.0875 0x08c8  [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1

17:58:48.0875 0x08c8  \Device\Harddisk0\DR0\Partition1 - ok

17:58:48.0875 0x08c8  [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2

17:58:48.0875 0x08c8  \Device\Harddisk0\DR0\Partition2 - ok

17:58:48.0890 0x08c8  ================ Scan generic autorun ======================

17:58:48.0968 0x08c8  [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

17:58:48.0984 0x08c8  StartCCC - ok

17:58:49.0937 0x08c8  [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE

17:58:50.0375 0x08c8  RTHDCPL - ok

17:58:50.0484 0x08c8  [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

17:58:50.0484 0x08c8  Adobe Reader Speed Launcher - ok

17:58:50.0609 0x08c8  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

17:58:50.0640 0x08c8  Adobe ARM - ok

17:58:50.0718 0x08c8  [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

17:58:50.0718 0x08c8  HPDJ Taskbar Utility - ok

17:58:50.0828 0x08c8  [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

17:58:50.0843 0x08c8  UVS11 Preload - ok

17:58:50.0906 0x08c8  [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe

17:58:50.0921 0x08c8  QuickTime Task - ok

17:58:50.0968 0x08c8  [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE

17:58:50.0968 0x08c8  OfficeKB - ok

17:58:50.0984 0x08c8  [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

17:58:50.0984 0x08c8  KPDrv4XP - ok

17:58:50.0984 0x08c8  NvCplDaemon - ok

17:58:51.0000 0x08c8  NvMediaCenter - ok

17:58:51.0187 0x08c8  [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe

17:58:51.0250 0x08c8  nwiz - ok

17:58:51.0359 0x08c8  [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

17:58:51.0375 0x08c8  Nvtmru - ok

17:58:51.0500 0x08c8  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe

17:58:51.0515 0x08c8  avgnt - ok

17:58:51.0625 0x08c8  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe

17:58:51.0640 0x08c8  TkBellExe - ok

17:58:51.0671 0x08c8  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

17:58:51.0671 0x08c8  CTFMON.EXE - ok

17:58:51.0843 0x08c8  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

17:58:51.0843 0x08c8  AmazonMP3DownloaderHelper - ok

17:58:51.0875 0x08c8  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe

17:58:51.0875 0x08c8  ctfmon.exe - ok

17:58:51.0875 0x08c8  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

17:58:51.0875 0x08c8  CTFMON.EXE - ok

17:58:51.0890 0x08c8  AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated

17:58:51.0890 0x08c8  Win FW state via NFM: enabled

17:58:54.0250 0x08c8  ============================================================

17:58:54.0250 0x08c8  Scan finished

17:58:54.0250 0x08c8  ============================================================

17:58:54.0250 0x0d60  Detected object count: 0

17:58:54.0250 0x0d60  Actual detected object count: 0

18:00:09.0421 0x0fe8  ============================================================

18:00:09.0421 0x0fe8  Scan started

18:00:09.0421 0x0fe8  Mode: Manual; SigCheck; TDLFS; 

18:00:09.0421 0x0fe8  ============================================================

18:00:09.0421 0x0fe8  KSN ping started

18:00:22.0765 0x0fe8  KSN ping finished: true

18:00:23.0656 0x0fe8  ================ Scan system memory ========================

18:00:23.0656 0x0fe8  System memory - ok

18:00:23.0656 0x0fe8  ================ Scan services =============================

18:00:23.0750 0x0fe8  Abiosdsk - ok

18:00:23.0765 0x0fe8  abp480n5 - ok

18:00:23.0796 0x0fe8  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:00:24.0609 0x0fe8  ACPI - ok

18:00:24.0640 0x0fe8  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

18:00:24.0765 0x0fe8  ACPIEC - ok

18:00:24.0859 0x0fe8  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

18:00:24.0875 0x0fe8  AdobeFlashPlayerUpdateSvc - ok

18:00:24.0890 0x0fe8  adpu160m - ok

18:00:24.0906 0x0fe8  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

18:00:25.0031 0x0fe8  aec - ok

18:00:25.0078 0x0fe8  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

18:00:25.0125 0x0fe8  AFD - ok

18:00:25.0140 0x0fe8  Aha154x - ok

18:00:25.0140 0x0fe8  aic78u2 - ok

18:00:25.0156 0x0fe8  aic78xx - ok

18:00:25.0171 0x0fe8  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

18:00:25.0312 0x0fe8  Alerter - ok

18:00:25.0343 0x0fe8  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe

18:00:25.0406 0x0fe8  ALG - ok

18:00:25.0406 0x0fe8  AliIde - ok

18:00:25.0546 0x0fe8  [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys

18:00:25.0703 0x0fe8  Ambfilt - ok

18:00:25.0718 0x0fe8  amsint - ok

18:00:25.0843 0x0fe8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe

18:00:25.0875 0x0fe8  AntiVirSchedulerService - ok

18:00:25.0921 0x0fe8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe

18:00:25.0953 0x0fe8  AntiVirService - ok

18:00:26.0000 0x0fe8  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

18:00:26.0078 0x0fe8  AppMgmt - ok

18:00:26.0078 0x0fe8  asc - ok

18:00:26.0078 0x0fe8  asc3350p - ok

18:00:26.0093 0x0fe8  asc3550 - ok

18:00:26.0203 0x0fe8  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

18:00:26.0218 0x0fe8  aspnet_state - ok

18:00:26.0250 0x0fe8  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:00:26.0375 0x0fe8  AsyncMac - ok

18:00:26.0406 0x0fe8  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

18:00:26.0531 0x0fe8  atapi - ok

18:00:26.0546 0x0fe8  Atdisk - ok

18:00:26.0625 0x0fe8  [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

18:00:26.0734 0x0fe8  Ati HotKey Poller - ok

18:00:26.0796 0x0fe8  [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe

18:00:26.0859 0x0fe8  ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )

18:00:26.0859 0x0fe8  Detect skipped due to KSN trusted

18:00:26.0859 0x0fe8  ATI Smart - ok

18:00:27.0093 0x0fe8  [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

18:00:27.0328 0x0fe8  ati2mtag - ok

18:00:27.0375 0x0fe8  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:00:27.0515 0x0fe8  Atmarpc - ok

18:00:27.0546 0x0fe8  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

18:00:27.0687 0x0fe8  AudioSrv - ok

18:00:27.0718 0x0fe8  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

18:00:27.0843 0x0fe8  audstub - ok

18:00:27.0890 0x0fe8  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys

18:00:27.0921 0x0fe8  avgntflt - ok

18:00:27.0937 0x0fe8  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys

18:00:27.0953 0x0fe8  avipbb - ok

18:00:27.0968 0x0fe8  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys

18:00:27.0984 0x0fe8  avkmgr - ok

18:00:28.0015 0x0fe8  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

18:00:28.0140 0x0fe8  Beep - ok

18:00:28.0218 0x0fe8  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll

18:00:28.0390 0x0fe8  BITS - ok

18:00:28.0437 0x0fe8  [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser         C:\WINDOWS\System32\browser.dll

18:00:28.0562 0x0fe8  Browser - ok

18:00:28.0625 0x0fe8  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

18:00:28.0640 0x0fe8  Capture Device Service - ok

18:00:28.0781 0x0fe8  catchme - ok

18:00:28.0812 0x0fe8  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

18:00:28.0953 0x0fe8  cbidf2k - ok

18:00:28.0953 0x0fe8  cd20xrnt - ok

18:00:28.0968 0x0fe8  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

18:00:29.0093 0x0fe8  Cdaudio - ok

18:00:29.0109 0x0fe8  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

18:00:29.0234 0x0fe8  Cdfs - ok

18:00:29.0265 0x0fe8  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:00:29.0406 0x0fe8  Cdrom - ok

18:00:29.0406 0x0fe8  Changer - ok

18:00:29.0453 0x0fe8  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

18:00:29.0578 0x0fe8  CiSvc - ok

18:00:29.0609 0x0fe8  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

18:00:29.0734 0x0fe8  ClipSrv - ok

18:00:29.0796 0x0fe8  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:00:29.0796 0x0fe8  clr_optimization_v2.0.50727_32 - ok

18:00:29.0843 0x0fe8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:00:29.0859 0x0fe8  clr_optimization_v4.0.30319_32 - ok

18:00:29.0875 0x0fe8  CmdIde - ok

18:00:29.0875 0x0fe8  COMSysApp - ok

18:00:29.0890 0x0fe8  Cpqarray - ok

18:00:29.0921 0x0fe8  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

18:00:30.0062 0x0fe8  CryptSvc - ok

18:00:30.0062 0x0fe8  dac2w2k - ok

18:00:30.0062 0x0fe8  dac960nt - ok

18:00:30.0140 0x0fe8  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

18:00:30.0218 0x0fe8  DcomLaunch - ok

18:00:30.0265 0x0fe8  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

18:00:30.0406 0x0fe8  Dhcp - ok

18:00:30.0437 0x0fe8  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

18:00:30.0562 0x0fe8  Disk - ok

18:00:30.0578 0x0fe8  dmadmin - ok

18:00:30.0671 0x0fe8  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

18:00:30.0828 0x0fe8  dmboot - ok

18:00:30.0859 0x0fe8  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

18:00:31.0156 0x0fe8  dmio - ok

18:00:31.0187 0x0fe8  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

18:00:31.0312 0x0fe8  dmload - ok

18:00:31.0343 0x0fe8  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll

18:00:31.0453 0x0fe8  dmserver - ok

18:00:31.0468 0x0fe8  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

18:00:31.0593 0x0fe8  DMusic - ok

18:00:31.0640 0x0fe8  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

18:00:31.0671 0x0fe8  Dnscache - ok

18:00:31.0734 0x0fe8  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

18:00:31.0859 0x0fe8  Dot3svc - ok

18:00:31.0875 0x0fe8  dpti2o - ok

18:00:31.0890 0x0fe8  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

18:00:32.0000 0x0fe8  drmkaud - ok

18:00:32.0046 0x0fe8  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll

18:00:32.0187 0x0fe8  EapHost - ok

18:00:32.0218 0x0fe8  [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

18:00:32.0234 0x0fe8  ElbyCDIO - ok

18:00:32.0265 0x0fe8  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

18:00:32.0421 0x0fe8  ERSvc - ok

18:00:32.0453 0x0fe8  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe

18:00:32.0484 0x0fe8  Eventlog - ok

18:00:32.0531 0x0fe8  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll

18:00:32.0578 0x0fe8  EventSystem - ok

18:00:32.0593 0x0fe8  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

18:00:32.0718 0x0fe8  Fastfat - ok

18:00:32.0765 0x0fe8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

18:00:32.0812 0x0fe8  FastUserSwitchingCompatibility - ok

18:00:32.0843 0x0fe8  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

18:00:32.0968 0x0fe8  Fdc - ok

18:00:32.0984 0x0fe8  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

18:00:33.0109 0x0fe8  Fips - ok

18:00:33.0125 0x0fe8  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

18:00:33.0234 0x0fe8  Flpydisk - ok

18:00:33.0281 0x0fe8  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

18:00:33.0406 0x0fe8  FltMgr - ok

18:00:33.0468 0x0fe8  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

18:00:33.0484 0x0fe8  FontCache3.0.0.0 - ok

18:00:33.0593 0x0fe8  [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

18:00:33.0593 0x0fe8  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )

18:00:33.0593 0x0fe8  Detect skipped due to KSN trusted

18:00:33.0593 0x0fe8  Freemake Improver - ok

18:00:33.0671 0x0fe8  [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

18:00:33.0687 0x0fe8  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )

18:00:33.0687 0x0fe8  Detect skipped due to KSN trusted

18:00:33.0687 0x0fe8  FreemakeVideoCapture - ok

18:00:33.0703 0x0fe8  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:00:33.0828 0x0fe8  Fs_Rec - ok

18:00:33.0843 0x0fe8  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:00:33.0968 0x0fe8  Ftdisk - ok

18:00:34.0015 0x0fe8  [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper   C:\Programme\NOS\bin\getPlus_Helper.dll

18:00:34.0031 0x0fe8  getPlusHelper - ok

18:00:34.0062 0x0fe8  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:00:34.0187 0x0fe8  Gpc - ok

18:00:34.0250 0x0fe8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

18:00:34.0265 0x0fe8  gupdate - ok

18:00:34.0265 0x0fe8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

18:00:34.0281 0x0fe8  gupdatem - ok

18:00:34.0312 0x0fe8  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

18:00:34.0328 0x0fe8  gusvc - ok

18:00:34.0375 0x0fe8  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:00:34.0500 0x0fe8  HDAudBus - ok

18:00:34.0562 0x0fe8  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

18:00:34.0687 0x0fe8  helpsvc - ok

18:00:34.0734 0x0fe8  [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt        C:\WINDOWS\system32\drivers\HIDKbFlt.sys

18:00:34.0734 0x0fe8  HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )

18:00:34.0734 0x0fe8  Detect skipped due to KSN trusted

18:00:34.0734 0x0fe8  HIDKbFlt - ok

18:00:34.0781 0x0fe8  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll

18:00:34.0890 0x0fe8  HidServ - ok

18:00:34.0921 0x0fe8  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:00:35.0046 0x0fe8  HidUsb - ok

18:00:35.0093 0x0fe8  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

18:00:35.0218 0x0fe8  hkmsvc - ok

18:00:35.0218 0x0fe8  hpn - ok

18:00:35.0265 0x0fe8  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

18:00:35.0312 0x0fe8  HTTP - ok

18:00:35.0343 0x0fe8  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

18:00:35.0468 0x0fe8  HTTPFilter - ok

18:00:35.0484 0x0fe8  i2omgmt - ok

18:00:35.0484 0x0fe8  i2omp - ok

18:00:35.0515 0x0fe8  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:00:35.0640 0x0fe8  i8042prt - ok

18:00:35.0765 0x0fe8  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:00:35.0812 0x0fe8  idsvc - ok

18:00:35.0843 0x0fe8  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

18:00:35.0953 0x0fe8  Imapi - ok

18:00:36.0000 0x0fe8  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe

18:00:36.0125 0x0fe8  ImapiService - ok

18:00:36.0140 0x0fe8  ini910u - ok

18:00:36.0468 0x0fe8  [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

18:00:36.0796 0x0fe8  IntcAzAudAddService - ok

18:00:36.0828 0x0fe8  IntelIde - ok

18:00:36.0859 0x0fe8  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

18:00:36.0984 0x0fe8  Ip6Fw - ok

18:00:37.0015 0x0fe8  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:00:37.0156 0x0fe8  IpFilterDriver - ok

18:00:37.0171 0x0fe8  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:00:37.0296 0x0fe8  IpInIp - ok

18:00:37.0343 0x0fe8  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:00:37.0468 0x0fe8  IpNat - ok

18:00:37.0484 0x0fe8  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:00:37.0625 0x0fe8  IPSec - ok

18:00:37.0640 0x0fe8  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

18:00:37.0718 0x0fe8  IRENUM - ok

18:00:37.0734 0x0fe8  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:00:37.0843 0x0fe8  isapnp - ok

18:00:37.0890 0x0fe8  [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

18:00:37.0906 0x0fe8  Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )

18:00:37.0906 0x0fe8  Detect skipped due to KSN trusted

18:00:37.0906 0x0fe8  Iviaspi - ok

18:00:37.0921 0x0fe8  [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD           C:\WINDOWS\system32\DRIVERS\iviVD.sys

18:00:37.0984 0x0fe8  iviVD - ok

18:00:38.0015 0x0fe8  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:00:38.0140 0x0fe8  Kbdclass - ok

18:00:38.0171 0x0fe8  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

18:00:38.0296 0x0fe8  kbdhid - ok

18:00:38.0328 0x0fe8  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

18:00:38.0453 0x0fe8  kmixer - ok

18:00:38.0500 0x0fe8  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

18:00:38.0546 0x0fe8  KSecDD - ok

18:00:38.0593 0x0fe8  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

18:00:38.0625 0x0fe8  lanmanserver - ok

18:00:38.0671 0x0fe8  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:00:38.0703 0x0fe8  lanmanworkstation - ok

18:00:38.0703 0x0fe8  lbrtfdc - ok

18:00:38.0750 0x0fe8  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

18:00:38.0875 0x0fe8  LmHosts - ok

18:00:38.0906 0x0fe8  [ FFB32E70D735146F5630DC7A96B6E1A8, DE1A8CF40FB077FA9AB04D4C292DBD8E42643A822CA5C4B90EC992802EF6765E ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

18:00:38.0921 0x0fe8  mbamchameleon - ok

18:00:38.0953 0x0fe8  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

18:00:38.0968 0x0fe8  MBAMSwissArmy - ok

18:00:39.0062 0x0fe8  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

18:00:39.0093 0x0fe8  MDM - ok

18:00:39.0109 0x0fe8  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

18:00:39.0250 0x0fe8  Messenger - ok

18:00:39.0281 0x0fe8  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

18:00:39.0390 0x0fe8  mnmdd - ok

18:00:39.0421 0x0fe8  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

18:00:39.0546 0x0fe8  mnmsrvc - ok

18:00:39.0593 0x0fe8  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

18:00:39.0718 0x0fe8  Modem - ok

18:00:39.0828 0x0fe8  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys

18:00:39.0921 0x0fe8  Monfilt - ok

18:00:39.0953 0x0fe8  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:00:40.0062 0x0fe8  Mouclass - ok

18:00:40.0078 0x0fe8  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

18:00:40.0203 0x0fe8  MountMgr - ok

18:00:40.0265 0x0fe8  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

18:00:40.0281 0x0fe8  MozillaMaintenance - ok

18:00:40.0281 0x0fe8  mraid35x - ok

18:00:40.0296 0x0fe8  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:00:40.0437 0x0fe8  MRxDAV - ok

18:00:40.0500 0x0fe8  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:00:40.0578 0x0fe8  MRxSmb - ok

18:00:40.0609 0x0fe8  [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC           C:\WINDOWS\system32\msdtc.exe

18:00:40.0718 0x0fe8  MSDTC - ok

18:00:40.0734 0x0fe8  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

18:00:40.0859 0x0fe8  Msfs - ok

18:00:40.0859 0x0fe8  MSIServer - ok

18:00:40.0906 0x0fe8  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:00:41.0015 0x0fe8  MSKSSRV - ok

18:00:41.0031 0x0fe8  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:00:41.0140 0x0fe8  MSPCLOCK - ok

18:00:41.0140 0x0fe8  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

18:00:41.0250 0x0fe8  MSPQM - ok

18:00:41.0281 0x0fe8  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:00:41.0390 0x0fe8  mssmbios - ok

18:00:41.0437 0x0fe8  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

18:00:41.0484 0x0fe8  Mup - ok

18:00:41.0531 0x0fe8  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll

18:00:41.0656 0x0fe8  napagent - ok

18:00:41.0718 0x0fe8  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

18:00:41.0843 0x0fe8  NDIS - ok

18:00:41.0875 0x0fe8  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:00:41.0921 0x0fe8  NdisTapi - ok

18:00:41.0937 0x0fe8  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:00:42.0031 0x0fe8  Ndisuio - ok

18:00:42.0046 0x0fe8  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:00:42.0171 0x0fe8  NdisWan - ok

18:00:42.0203 0x0fe8  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

18:00:42.0281 0x0fe8  NDProxy - ok

18:00:42.0312 0x0fe8  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

18:00:42.0437 0x0fe8  NetBIOS - ok

18:00:42.0453 0x0fe8  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

18:00:42.0578 0x0fe8  NetBT - ok

18:00:42.0609 0x0fe8  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe

18:00:42.0734 0x0fe8  NetDDE - ok

18:00:42.0750 0x0fe8  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

18:00:42.0859 0x0fe8  NetDDEdsdm - ok

18:00:42.0906 0x0fe8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe

18:00:43.0015 0x0fe8  Netlogon - ok

18:00:43.0031 0x0fe8  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll

18:00:43.0156 0x0fe8  Netman - ok

18:00:43.0203 0x0fe8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:00:43.0218 0x0fe8  NetTcpPortSharing - ok

18:00:43.0250 0x0fe8  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll

18:00:43.0296 0x0fe8  Nla - ok

18:00:43.0359 0x0fe8  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

18:00:43.0375 0x0fe8  NMSAccess - ok

18:00:43.0421 0x0fe8  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\WINDOWS\system32\drivers\npf.sys

18:00:43.0421 0x0fe8  npf - ok

18:00:43.0468 0x0fe8  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

18:00:43.0593 0x0fe8  Npfs - ok

18:00:43.0640 0x0fe8  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

18:00:43.0812 0x0fe8  Ntfs - ok

18:00:43.0843 0x0fe8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

18:00:43.0968 0x0fe8  NtLmSsp - ok

18:00:44.0046 0x0fe8  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

18:00:44.0187 0x0fe8  NtmsSvc - ok

18:00:44.0218 0x0fe8  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

18:00:44.0328 0x0fe8  Null - ok

18:00:44.0937 0x0fe8  [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:00:45.0515 0x0fe8  nv - ok

18:00:45.0578 0x0fe8  [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys

18:00:45.0593 0x0fe8  NVHDA - ok

18:00:45.0640 0x0fe8  [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

18:00:45.0656 0x0fe8  NVSvc - ok

18:00:45.0843 0x0fe8  [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

18:00:45.0953 0x0fe8  nvUpdatusService - ok

18:00:45.0984 0x0fe8  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:00:46.0109 0x0fe8  NwlnkFlt - ok

18:00:46.0125 0x0fe8  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:00:46.0234 0x0fe8  NwlnkFwd - ok

18:00:46.0281 0x0fe8  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

18:00:46.0390 0x0fe8  Parport - ok

18:00:46.0406 0x0fe8  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

18:00:46.0515 0x0fe8  PartMgr - ok

18:00:46.0562 0x0fe8  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

18:00:46.0671 0x0fe8  ParVdm - ok

18:00:46.0703 0x0fe8  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

18:00:46.0843 0x0fe8  PCI - ok

18:00:46.0843 0x0fe8  PCIDump - ok

18:00:46.0875 0x0fe8  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

18:00:47.0000 0x0fe8  PCIIde - ok

18:00:47.0031 0x0fe8  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

18:00:47.0140 0x0fe8  Pcmcia - ok

18:00:47.0156 0x0fe8  PDCOMP - ok

18:00:47.0156 0x0fe8  PDFRAME - ok

18:00:47.0156 0x0fe8  PDRELI - ok

18:00:47.0171 0x0fe8  PDRFRAME - ok

18:00:47.0171 0x0fe8  perc2 - ok

18:00:47.0187 0x0fe8  perc2hib - ok

18:00:47.0218 0x0fe8  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe

18:00:47.0234 0x0fe8  PlugPlay - ok

18:00:47.0265 0x0fe8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

18:00:47.0359 0x0fe8  PolicyAgent - ok

18:00:47.0375 0x0fe8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:00:47.0484 0x0fe8  PptpMiniport - ok

18:00:47.0500 0x0fe8  [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

18:00:47.0609 0x0fe8  Processor - ok

18:00:47.0609 0x0fe8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:00:47.0718 0x0fe8  ProtectedStorage - ok

18:00:47.0734 0x0fe8  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

18:00:47.0859 0x0fe8  PSched - ok

18:00:47.0890 0x0fe8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:00:48.0000 0x0fe8  Ptilink - ok

18:00:48.0000 0x0fe8  ql1080 - ok

18:00:48.0015 0x0fe8  Ql10wnt - ok

18:00:48.0015 0x0fe8  ql12160 - ok

18:00:48.0031 0x0fe8  ql1240 - ok

18:00:48.0031 0x0fe8  ql1280 - ok

18:00:48.0046 0x0fe8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:00:48.0156 0x0fe8  RasAcd - ok

18:00:48.0187 0x0fe8  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

18:00:48.0312 0x0fe8  RasAuto - ok

18:00:48.0328 0x0fe8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:00:48.0453 0x0fe8  Rasl2tp - ok

18:00:48.0500 0x0fe8  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll

18:00:48.0609 0x0fe8  RasMan - ok

18:00:48.0640 0x0fe8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:00:48.0750 0x0fe8  RasPppoe - ok

18:00:48.0765 0x0fe8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

18:00:49.0078 0x0fe8  Raspti - ok

18:00:49.0140 0x0fe8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:00:49.0265 0x0fe8  Rdbss - ok

18:00:49.0281 0x0fe8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:00:49.0390 0x0fe8  RDPCDD - ok

18:00:49.0421 0x0fe8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:00:49.0531 0x0fe8  rdpdr - ok

18:00:49.0578 0x0fe8  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

18:00:49.0640 0x0fe8  RDPWD - ok

18:00:49.0671 0x0fe8  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

18:00:49.0796 0x0fe8  RDSessMgr - ok

18:00:49.0921 0x0fe8  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

18:00:49.0937 0x0fe8  RealNetworks Downloader Resolver Service - ok

18:00:49.0968 0x0fe8  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

18:00:50.0109 0x0fe8  redbook - ok

18:00:50.0171 0x0fe8  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

18:00:50.0296 0x0fe8  RemoteAccess - ok

18:00:50.0343 0x0fe8  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

18:00:50.0453 0x0fe8  RemoteRegistry - ok

18:00:50.0484 0x0fe8  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe

18:00:50.0593 0x0fe8  RpcLocator - ok

18:00:50.0640 0x0fe8  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\System32\rpcss.dll

18:00:50.0671 0x0fe8  RpcSs - ok

18:00:50.0718 0x0fe8  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe

18:00:50.0843 0x0fe8  RSVP - ok

18:00:50.0890 0x0fe8  [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

18:00:50.0937 0x0fe8  RTLE8023xp - ok

18:00:50.0953 0x0fe8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe

18:00:51.0062 0x0fe8  SamSs - ok

18:00:51.0109 0x0fe8  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

18:00:51.0234 0x0fe8  SCardSvr - ok

18:00:51.0281 0x0fe8  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll

18:00:51.0390 0x0fe8  Schedule - ok

18:00:51.0421 0x0fe8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:00:51.0484 0x0fe8  Secdrv - ok

18:00:51.0515 0x0fe8  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll

18:00:51.0625 0x0fe8  seclogon - ok

18:00:51.0656 0x0fe8  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll

18:00:51.0765 0x0fe8  SENS - ok

18:00:51.0796 0x0fe8  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

18:00:51.0906 0x0fe8  serenum - ok

18:00:51.0921 0x0fe8  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

18:00:52.0046 0x0fe8  Serial - ok

18:00:52.0078 0x0fe8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

18:00:52.0203 0x0fe8  Sfloppy - ok

18:00:52.0250 0x0fe8  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

18:00:52.0406 0x0fe8  SharedAccess - ok

18:00:52.0437 0x0fe8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:00:52.0453 0x0fe8  ShellHWDetection - ok

18:00:52.0453 0x0fe8  Simbad - ok

18:00:52.0468 0x0fe8  Sparrow - ok

18:00:52.0500 0x0fe8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

18:00:52.0609 0x0fe8  splitter - ok

18:00:52.0656 0x0fe8  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

18:00:52.0687 0x0fe8  Spooler - ok

18:00:52.0718 0x0fe8  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

18:00:52.0781 0x0fe8  sr - ok

18:00:52.0828 0x0fe8  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll

18:00:52.0906 0x0fe8  srservice - ok

18:00:52.0968 0x0fe8  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

18:00:53.0046 0x0fe8  Srv - ok

18:00:53.0093 0x0fe8  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

18:00:53.0171 0x0fe8  SSDPSRV - ok

18:00:53.0187 0x0fe8  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

18:00:53.0203 0x0fe8  ssmdrv - ok

18:00:53.0234 0x0fe8  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

18:00:53.0250 0x0fe8  ss_bbus - ok

18:00:53.0296 0x0fe8  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

18:00:53.0296 0x0fe8  ss_bmdfl - ok

18:00:53.0343 0x0fe8  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

18:00:53.0359 0x0fe8  ss_bmdm - ok

18:00:53.0406 0x0fe8  [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd        C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

18:00:53.0406 0x0fe8  ss_bserd - ok

18:00:53.0468 0x0fe8  [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

18:00:53.0484 0x0fe8  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )

18:00:53.0484 0x0fe8  Detect skipped due to KSN trusted

18:00:53.0484 0x0fe8  StarOpen - ok

18:00:53.0546 0x0fe8  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

18:00:53.0703 0x0fe8  stisvc - ok

18:00:53.0750 0x0fe8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

18:00:53.0859 0x0fe8  swenum - ok

18:00:53.0875 0x0fe8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

18:00:54.0000 0x0fe8  swmidi - ok

18:00:54.0000 0x0fe8  SwPrv - ok

18:00:54.0015 0x0fe8  symc810 - ok

18:00:54.0015 0x0fe8  symc8xx - ok

18:00:54.0015 0x0fe8  sym_hi - ok

18:00:54.0031 0x0fe8  sym_u3 - ok

18:00:54.0046 0x0fe8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

18:00:54.0171 0x0fe8  sysaudio - ok

18:00:54.0203 0x0fe8  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

18:00:54.0328 0x0fe8  SysmonLog - ok

18:00:54.0375 0x0fe8  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

18:00:54.0500 0x0fe8  TapiSrv - ok

18:00:54.0562 0x0fe8  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:00:54.0625 0x0fe8  Tcpip - ok

18:00:54.0656 0x0fe8  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

18:00:54.0750 0x0fe8  TDPIPE - ok

18:00:54.0781 0x0fe8  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

18:00:54.0890 0x0fe8  TDTCP - ok

18:00:54.0906 0x0fe8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

18:00:55.0000 0x0fe8  TermDD - ok

18:00:55.0062 0x0fe8  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll

18:00:55.0359 0x0fe8  TermService - ok

18:00:55.0390 0x0fe8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll

18:00:55.0406 0x0fe8  Themes - ok

18:00:55.0437 0x0fe8  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

18:00:55.0515 0x0fe8  TlntSvr - ok

18:00:55.0515 0x0fe8  TosIde - ok

18:00:55.0562 0x0fe8  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

18:00:55.0687 0x0fe8  TrkWks - ok

18:00:55.0703 0x0fe8  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

18:00:55.0812 0x0fe8  Udfs - ok

18:00:55.0890 0x0fe8  [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

18:00:55.0906 0x0fe8  UleadBurningHelper - ok

18:00:55.0906 0x0fe8  ultra - ok

18:00:55.0953 0x0fe8  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

18:00:55.0984 0x0fe8  UMWdf - ok

18:00:56.0046 0x0fe8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

18:00:56.0187 0x0fe8  Update - ok

18:00:56.0234 0x0fe8  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll

18:00:56.0296 0x0fe8  upnphost - ok

18:00:56.0328 0x0fe8  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe

18:00:56.0453 0x0fe8  UPS - ok

18:00:56.0484 0x0fe8  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

18:00:56.0609 0x0fe8  usbaudio - ok

18:00:56.0640 0x0fe8  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:00:56.0750 0x0fe8  usbccgp - ok

18:00:56.0781 0x0fe8  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:00:56.0890 0x0fe8  usbehci - ok

18:00:56.0937 0x0fe8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:00:57.0046 0x0fe8  usbhub - ok

18:00:57.0062 0x0fe8  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

18:00:57.0171 0x0fe8  usbohci - ok

18:00:57.0187 0x0fe8  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:00:57.0312 0x0fe8  usbprint - ok

18:00:57.0343 0x0fe8  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:00:57.0468 0x0fe8  usbscan - ok

18:00:57.0500 0x0fe8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:00:57.0609 0x0fe8  USBSTOR - ok

18:00:57.0656 0x0fe8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

18:00:57.0765 0x0fe8  VgaSave - ok

18:00:57.0765 0x0fe8  ViaIde - ok

18:00:57.0796 0x0fe8  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

18:00:57.0890 0x0fe8  VolSnap - ok

18:00:57.0953 0x0fe8  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe

18:00:58.0031 0x0fe8  VSS - ok

18:00:58.0062 0x0fe8  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll

18:00:58.0171 0x0fe8  W32Time - ok

18:00:58.0218 0x0fe8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:00:58.0328 0x0fe8  Wanarp - ok

18:00:58.0328 0x0fe8  WDICA - ok

18:00:58.0375 0x0fe8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

18:00:58.0484 0x0fe8  wdmaud - ok

18:00:58.0515 0x0fe8  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll

18:00:58.0625 0x0fe8  WebClient - ok

18:00:58.0718 0x0fe8  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

18:00:58.0828 0x0fe8  winmgmt - ok

18:00:58.0890 0x0fe8  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

18:00:58.0921 0x0fe8  WmdmPmSN - ok

18:00:58.0984 0x0fe8  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll

18:00:59.0031 0x0fe8  Wmi - ok

18:00:59.0078 0x0fe8  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:00:59.0203 0x0fe8  WmiApSrv - ok

18:00:59.0250 0x0fe8  [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys

18:00:59.0265 0x0fe8  WpdUsb - ok

18:00:59.0390 0x0fe8  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:00:59.0437 0x0fe8  WPFFontCache_v0400 - ok

18:00:59.0468 0x0fe8  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:00:59.0593 0x0fe8  WS2IFSL - ok

18:00:59.0625 0x0fe8  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

18:00:59.0750 0x0fe8  wscsvc - ok

18:00:59.0765 0x0fe8  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

18:00:59.0875 0x0fe8  wuauserv - ok

18:00:59.0953 0x0fe8  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

18:01:00.0109 0x0fe8  WZCSVC - ok

18:01:00.0140 0x0fe8  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

18:01:00.0265 0x0fe8  xmlprov - ok

18:01:00.0265 0x0fe8  ================ Scan global ===============================

18:01:00.0281 0x0fe8  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll

18:01:00.0343 0x0fe8  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

18:01:00.0375 0x0fe8  [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll

18:01:00.0390 0x0fe8  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe

18:01:00.0406 0x0fe8  [ Global ] - ok

18:01:00.0406 0x0fe8  ================ Scan MBR ==================================

18:01:00.0421 0x0fe8  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

18:01:00.0640 0x0fe8  \Device\Harddisk0\DR0 - ok

18:01:00.0640 0x0fe8  ================ Scan VBR ==================================

18:01:00.0640 0x0fe8  [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1

18:01:00.0640 0x0fe8  \Device\Harddisk0\DR0\Partition1 - ok

18:01:00.0640 0x0fe8  [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2

18:01:00.0640 0x0fe8  \Device\Harddisk0\DR0\Partition2 - ok

18:01:00.0640 0x0fe8  ================ Scan generic autorun ======================

18:01:00.0750 0x0fe8  [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

18:01:00.0750 0x0fe8  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

18:01:00.0750 0x0fe8  Detect skipped due to KSN trusted

18:01:00.0750 0x0fe8  StartCCC - ok

18:01:01.0718 0x0fe8  [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE

18:01:02.0796 0x0fe8  RTHDCPL - ok

18:01:02.0937 0x0fe8  [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe

18:01:02.0937 0x0fe8  Adobe Reader Speed Launcher - ok

18:01:03.0062 0x0fe8  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

18:01:03.0125 0x0fe8  Adobe ARM - ok

18:01:03.0187 0x0fe8  [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

18:01:03.0281 0x0fe8  HPDJ Taskbar Utility - ok

18:01:03.0390 0x0fe8  [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

18:01:03.0406 0x0fe8  UVS11 Preload - ok

18:01:03.0500 0x0fe8  [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe

18:01:03.0515 0x0fe8  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

18:01:03.0515 0x0fe8  Detect skipped due to KSN trusted

18:01:03.0515 0x0fe8  QuickTime Task - ok

18:01:03.0578 0x0fe8  [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE

18:01:03.0578 0x0fe8  OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )

18:01:03.0656 0x0fe8  OfficeKB ( UnsignedFile.Multi.Generic ) - warning

18:01:06.0031 0x0fe8  [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe

18:01:06.0031 0x0fe8  KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )

18:01:06.0031 0x0fe8  KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning

18:01:08.0359 0x0fe8  NvCplDaemon - ok

18:01:08.0359 0x0fe8  NvMediaCenter - ok

18:01:08.0531 0x0fe8  [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe

18:01:08.0656 0x0fe8  nwiz - ok

18:01:08.0750 0x0fe8  [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

18:01:08.0812 0x0fe8  Nvtmru - ok

18:01:08.0906 0x0fe8  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe

18:01:08.0937 0x0fe8  avgnt - ok

18:01:09.0062 0x0fe8  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe

18:01:09.0078 0x0fe8  TkBellExe - ok

18:01:09.0109 0x0fe8  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

18:01:09.0234 0x0fe8  CTFMON.EXE - ok

18:01:09.0390 0x0fe8  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

18:01:09.0421 0x0fe8  AmazonMP3DownloaderHelper - ok

18:01:09.0437 0x0fe8  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe

18:01:09.0546 0x0fe8  ctfmon.exe - ok

18:01:09.0546 0x0fe8  [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE

18:01:09.0656 0x0fe8  CTFMON.EXE - ok

18:01:09.0671 0x0fe8  AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated

18:01:09.0671 0x0fe8  Win FW state via NFM: enabled

18:01:12.0031 0x0fe8  ============================================================

18:01:12.0031 0x0fe8  Scan finished

18:01:12.0031 0x0fe8  ============================================================

18:01:12.0031 0x0d00  Detected object count: 2

18:01:12.0031 0x0d00  Actual detected object count: 2

18:01:44.0078 0x0d00  OfficeKB ( UnsignedFile.Multi.Generic ) - skipped by user

18:01:44.0078 0x0d00  OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:01:44.0078 0x0d00  KPDrv4XP ( UnsignedFile.Multi.Generic ) - skipped by user

18:01:44.0078 0x0d00  KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Skip

mysteryPC

19.03.2015 21:16

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015

Ran by Slim (administrator) on SLIM-36FB768E46 on 19-03-2015 18:05:49

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Loaded Profiles: Slim & UpdatusUser &  (Available profiles: Slim & UpdatusUser)

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE

(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

(Apple Computer, Inc.) C:\Programme\QuickTime\qttask.exe

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\OfficeKB.EXE

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\KPDrv4XP.EXE

(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(RealNetworks, Inc.) C:\Programme\Real\RealPlayer\Update\realsched.exe

() C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

(Freemake) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

() C:\Programme\CDBurnerXP\NMSAccessU.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe

(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe

(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

(RealNetworks, Inc.) C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-07-10] (HP)

HKLM\...\Run: [UVS11 Preload] => C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341232 2007-07-23] (InterVideo Digital Technology Corporation)

HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)

HKLM\...\Run: [OfficeKB] => C:\Programme\OfficeKB\OfficeKB.EXE [200704 2004-10-22] (Dritek System Inc.)

HKLM\...\Run: [KPDrv4XP] => C:\Programme\OfficeKB\KPDrv4XP.EXE [32768 2003-06-12] (Dritek System Inc.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-09-12] ()

HKLM\...\Run: [Nvtmru] => C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [TkBellExe] => C:\Programme\Real\RealPlayer\update\realsched.exe [295512 2014-04-29] (RealNetworks, Inc.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation)

HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk

ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk

ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.

URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03] (Google Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-29] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-29] (RealPlayer)

FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin HKU\S-1-5-21-796845957-926492609-839522115-1003: amazon.com/AmazonMP3DownloaderPlugin -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)

FF Plugin HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-16]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-28]

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: No Name - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-12]

FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-06]

FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-06]
 

Chrome: 

=======

CHR Profile: C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk(2) [2014-02-11]

CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found]
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]

R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)

R2 Freemake Improver; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]

R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]

S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.)

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-10-10] (Google)

R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-03-13] (Mozilla Foundation)

R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()

R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296 2013-08-27] (NVIDIA Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)

R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)

R3 HIDKbFlt; C:\WINDOWS\System32\drivers\HIDKbFlt.sys [21120 2004-12-14] (Dritek System Inc.) [File not signed]

R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]

R0 iviVD; C:\WINDOWS\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)

S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54360 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-19] (Malwarebytes Corporation)

S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)

R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)

R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-06-16] (NVIDIA Corporation)

R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)

S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)

S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)

S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)

S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]

S3 catchme; \??\C:\DOKUME~1\Slim\LOKALE~1\Temp\catchme.sys [X]

S4 IntelIde; No ImagePath

U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-19 18:05 - 2015-03-19 18:06 - 00022520 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\FRST.txt

2015-03-19 16:07 - 2015-03-19 16:11 - 00008295 _____ () C:\WINDOWS\KB2930275.log

2015-03-19 16:07 - 2015-03-19 16:11 - 00008107 _____ () C:\WINDOWS\KB2859537.log

2015-03-19 16:07 - 2015-03-19 16:11 - 00007782 _____ () C:\WINDOWS\KB2876217.log

2015-03-19 16:07 - 2015-03-19 16:11 - 00007778 _____ () C:\WINDOWS\KB2864063.log

2015-03-19 16:07 - 2015-03-19 16:11 - 00007777 _____ () C:\WINDOWS\KB2862152.log

2015-03-19 16:07 - 2015-03-19 16:11 - 00007775 _____ () C:\WINDOWS\KB2850869.log

2015-03-19 16:07 - 2015-03-19 16:11 - 00007774 _____ () C:\WINDOWS\KB2876331.log

2015-03-19 16:07 - 2015-03-19 16:11 - 00007682 _____ () C:\WINDOWS\KB2780091.log

2015-03-19 16:06 - 2015-03-19 16:11 - 00007775 _____ () C:\WINDOWS\KB2893294.log

2015-03-19 16:06 - 2015-03-19 16:11 - 00007682 _____ () C:\WINDOWS\KB2757638.log

2015-03-19 16:06 - 2015-03-19 16:11 - 00007677 _____ () C:\WINDOWS\KB2820917.log

2015-03-19 16:06 - 2015-03-19 16:10 - 00007683 _____ () C:\WINDOWS\KB2719985.log

2015-03-19 16:06 - 2015-03-19 16:10 - 00007676 _____ () C:\WINDOWS\KB2749655.log

2015-03-19 16:00 - 2015-03-19 16:10 - 00007677 _____ () C:\WINDOWS\KB2653956.log

2015-03-19 15:52 - 2015-03-19 16:10 - 00007777 _____ () C:\WINDOWS\KB2892075.log

2015-03-19 15:51 - 2015-03-19 16:10 - 00007679 _____ () C:\WINDOWS\KB2619339.log

2015-03-19 15:50 - 2015-03-19 16:10 - 00008537 _____ () C:\WINDOWS\KB2813345.log

2015-03-19 15:50 - 2015-03-19 16:10 - 00007779 _____ () C:\WINDOWS\KB2705219-v2.log

2015-03-19 15:50 - 2015-03-19 16:10 - 00007676 _____ () C:\WINDOWS\KB2727528.log

2015-03-19 15:49 - 2015-03-19 16:09 - 00009284 _____ () C:\WINDOWS\KB2676562.log

2015-03-19 15:43 - 2015-03-19 16:09 - 00007766 _____ () C:\WINDOWS\KB2620712.log

2015-03-19 15:41 - 2015-03-19 15:41 - 00006051 _____ () C:\WINDOWS\KB2802968.log

2015-03-19 15:41 - 2015-03-19 15:41 - 00006048 _____ () C:\WINDOWS\KB2868626.log

2015-03-19 15:40 - 2015-03-19 15:40 - 00006053 _____ () C:\WINDOWS\KB2916036.log

2015-03-19 15:40 - 2015-03-19 15:40 - 00006052 _____ () C:\WINDOWS\KB2922229.log

2015-03-19 15:40 - 2015-03-19 15:40 - 00006052 _____ () C:\WINDOWS\KB2898715.log

2015-03-19 15:40 - 2015-03-19 15:40 - 00006051 _____ () C:\WINDOWS\KB2847311.log

2015-03-19 15:40 - 2015-03-19 15:40 - 00006047 _____ () C:\WINDOWS\KB2929961.log

2015-03-19 15:39 - 2015-03-19 15:39 - 00006003 _____ () C:\WINDOWS\KB2691442.log

2015-03-19 15:39 - 2015-03-19 15:39 - 00005848 _____ () C:\WINDOWS\KB2712808.log

2015-03-19 15:38 - 2015-03-19 15:39 - 00005751 _____ () C:\WINDOWS\KB2585542.log

2015-03-19 15:38 - 2015-03-19 15:38 - 00005655 _____ () C:\WINDOWS\KB2631813.log

2015-03-19 15:38 - 2015-03-19 15:38 - 00005548 _____ () C:\WINDOWS\KB2655992.log

2015-03-19 15:38 - 2015-03-19 15:38 - 00005452 _____ () C:\WINDOWS\KB2598479.log

2015-03-19 15:37 - 2015-03-19 16:00 - 00007057 _____ () C:\WINDOWS\KB2584146.log

2015-03-19 15:29 - 2015-03-19 15:37 - 00000000 ____D () C:\WINDOWS\LastGood

2015-03-19 15:29 - 2015-03-19 15:29 - 00000349 _____ () C:\WINDOWS\setupapi.log

2015-03-15 19:16 - 2015-03-15 19:16 - 00852604 _____ () C:\SecurityCheck.exe

2015-03-14 17:40 - 2015-03-14 17:40 - 00039466 _____ () C:\Addition.txt

2015-03-14 17:39 - 2015-03-14 17:40 - 00035743 _____ () C:\FRST.txt

2015-03-14 17:39 - 2015-03-14 17:39 - 01135104 _____ (Farbar) C:\Dokumente und Einstellungen\Slim\Desktop\FRST.exe

2015-03-14 17:35 - 2015-03-14 17:35 - 00000727 _____ () C:\JRT.txt

2015-03-14 17:31 - 2015-03-14 17:31 - 01388333 _____ (Thisisu) C:\Dokumente und Einstellungen\Slim\Desktop\JRT.exe

2015-03-13 16:00 - 2015-03-13 16:00 - 00000000 ____D () C:\Programme\Mozilla Firefox

2015-03-13 15:29 - 2015-03-14 17:21 - 00000000 ____D () C:\AdwCleaner

2015-03-13 15:01 - 2015-03-13 15:01 - 00001222 _____ () C:\mbam.txt. für schrauber.txt

2015-03-13 14:34 - 2015-03-13 14:34 - 00000756 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-13 14:34 - 2015-03-13 14:34 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware

2015-03-13 14:34 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-03-12 16:44 - 2015-03-12 16:44 - 00000422 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Verknüpfung mit ComboFix.lnk

2015-03-12 16:25 - 2015-03-19 18:06 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00022597 _____ () C:\ComboFix.txt

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp

2015-03-12 16:15 - 2015-03-12 16:15 - 00000000 _RSHD () C:\cmdcons

2015-03-12 16:15 - 2010-01-13 20:32 - 00000211 _____ () C:\Boot.bak

2015-03-12 16:15 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr

2015-03-12 16:06 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe

2015-03-12 16:06 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe

2015-03-12 16:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe

2015-03-12 16:05 - 2015-03-12 16:25 - 00000000 ____D () C:\Qoobox

2015-03-12 16:05 - 2015-03-12 16:05 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Verwaltung

2015-03-12 16:04 - 2015-03-12 16:24 - 00000000 ____D () C:\WINDOWS\erdnt

2015-03-12 16:04 - 2015-03-12 16:03 - 05613296 ____R (Swearware) C:\ComboFix.exe

2015-03-11 19:08 - 2015-03-11 19:08 - 00000000 ____D () C:\TDSSKiller_Quarantine

2015-03-11 07:39 - 2015-03-11 07:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Slim\Desktop\tdsskiller.exe

2015-03-09 14:24 - 2015-03-13 14:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

2015-03-09 14:23 - 2015-03-19 17:14 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-03-09 14:23 - 2015-03-13 08:48 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)

2015-03-09 14:20 - 2015-03-10 11:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Desktop\mbar

2015-03-09 14:20 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-03-09 13:57 - 2015-03-09 13:57 - 00000896 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Revo Uninstaller.lnk

2015-03-09 13:57 - 2015-03-09 13:57 - 00000000 ____D () C:\Programme\VS Revo Group

2015-03-09 07:59 - 2015-03-09 07:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Ulead VideoStudio

2015-03-09 07:24 - 2015-03-09 07:24 - 00000060 _____ () C:\WINDOWS\setupact.log

2015-03-09 07:24 - 2015-03-09 07:24 - 00000000 _____ () C:\WINDOWS\setuperr.log

2015-03-09 06:58 - 2015-03-09 06:58 - 00000000 ___DC () C:\NVIDIA

2015-03-08 21:03 - 2015-03-09 06:59 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862335$

2015-03-08 21:01 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2780091$

2015-03-08 20:58 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2904266$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2930275$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876217$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2864063$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862152$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2719985$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB941569$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2770660$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876331$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2859537$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2850869$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2893294$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2820917$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2757638$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2749655$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2653956$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2892075$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2813345$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2727528$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2705219-v2$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2619339$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2676562$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2620712$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2584146$

2015-03-08 20:00 - 2015-03-19 18:05 - 00000000 ____D () C:\FRST

2015-03-08 16:59 - 2015-03-09 07:05 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2807986$

2015-03-08 16:52 - 2015-03-09 07:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868038$

2015-03-08 16:48 - 2015-03-08 16:48 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2603381$

2015-03-08 16:47 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$

2015-03-08 16:46 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2698365$

2015-03-08 16:41 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2723135-v2$

2015-03-08 16:40 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862330$

2015-03-08 16:14 - 2015-03-09 07:13 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2914368$

2015-03-08 13:56 - 2015-03-08 13:56 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\IETldCache
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-19 18:03 - 2013-08-14 13:54 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-19 18:03 - 2013-08-14 13:54 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-19 18:00 - 2013-06-21 05:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-19 17:57 - 2013-10-08 13:38 - 00009362 _____ () C:\WINDOWS\system32\nvAppTimestamps

2015-03-19 16:54 - 2011-05-27 14:14 - 00000000 ____D () C:\WINDOWS\system32\NtmsData

2015-03-19 16:06 - 2010-01-13 20:38 - 01692845 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-19 15:41 - 2010-01-13 20:40 - 00000000 ___HD () C:\WINDOWS\$hf_mig$

2015-03-19 15:30 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf

2015-03-19 15:30 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService

2015-03-19 15:29 - 2010-01-13 20:35 - 00000000 ____D () C:\WINDOWS\Registration

2015-03-19 15:11 - 2014-10-07 09:19 - 00000268 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-19 15:11 - 2014-04-29 17:36 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-19 15:11 - 2010-07-01 18:44 - 00000268 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-19 15:11 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl

2015-03-19 15:09 - 2010-01-13 20:31 - 00000157 _____ () C:\WINDOWS\wiadebug.log

2015-03-19 15:09 - 2010-01-13 20:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log

2015-03-19 15:08 - 2014-04-29 17:48 - 00000290 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-19 15:08 - 2010-01-13 20:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-19 07:35 - 2014-06-06 11:00 - 00196608 _____ () C:\WINDOWS\system32\config\CaptureL.evt

2015-03-19 07:35 - 2010-01-13 20:45 - 00000300 ___SH () C:\Dokumente und Einstellungen\Slim\ntuser.ini

2015-03-19 07:35 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim

2015-03-19 07:35 - 2010-01-13 20:44 - 00032470 _____ () C:\WINDOWS\SchedLgU.Txt

2015-03-18 08:41 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf

2015-03-18 08:40 - 2010-01-13 20:45 - 00000000 __SHD () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Verlauf

2015-03-18 08:38 - 2013-10-08 13:33 - 00000000 ___HD () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\Verlauf

2015-03-18 08:38 - 2010-01-13 20:28 - 00000000 __SHD () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf

2015-03-16 06:21 - 2010-01-13 20:29 - 00000000 ___RD () C:\Programme

2015-03-14 06:31 - 2014-03-13 15:56 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service

2015-03-13 15:53 - 2010-02-04 14:35 - 00082800 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\GDIPFONTCACHEV1.DAT

2015-03-13 15:52 - 2010-09-30 09:23 - 00002501 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk

2015-03-13 15:03 - 2011-03-21 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443685$

2015-03-12 19:31 - 2010-01-15 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\vlc

2015-03-12 19:19 - 2011-03-01 21:59 - 00054156 ____H () C:\WINDOWS\QTFont.qfn

2015-03-12 16:23 - 2006-02-28 13:00 - 00000227 _____ () C:\WINDOWS\system.ini

2015-03-12 16:15 - 2010-01-13 21:27 - 00000327 __RSH () C:\boot.ini

2015-03-12 16:05 - 2010-01-13 20:45 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme

2015-03-10 18:20 - 2010-07-01 18:43 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-10 07:52 - 2013-02-03 18:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\TS3Client

2015-03-09 14:07 - 2012-11-03 09:27 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit

2015-03-09 07:17 - 2010-01-13 20:28 - 00294864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-03-09 07:16 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService

2015-03-09 07:10 - 2010-01-16 20:15 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer

2015-03-09 07:03 - 2010-01-13 20:28 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2013-09-30 14:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Amazon

2015-03-09 07:02 - 2013-01-19 19:52 - 00000000 ____D () C:\Programme\Opera

2015-03-09 07:02 - 2010-08-18 08:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Programme\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon

2015-03-09 06:58 - 2010-01-13 21:28 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt

2015-03-09 06:24 - 2010-01-13 21:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET

2015-03-08 20:58 - 2010-01-13 22:00 - 00031828 _____ () C:\WINDOWS\system32\TZLog.log

2015-03-08 16:40 - 2010-01-13 21:59 - 00000000 ____D () C:\WINDOWS\ie8updates

2015-03-06 11:37 - 2014-04-29 17:48 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-05 14:41 - 2014-01-31 09:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2015-03-05 14:41 - 2014-01-31 09:30 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

2015-03-03 14:36 - 2010-01-15 13:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google

2015-02-21 11:24 - 2014-04-29 17:48 - 00000316 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job
 

==================== Files in the root of some directories =======
 

2010-06-30 06:27 - 2010-06-30 06:28 - 33177736 _____ (Nero AG) C:\Programme\Nero-9.4.12.708b_lite.exe

2010-07-01 18:39 - 2010-07-01 18:39 - 0822296 _____ (RealNetworks, Inc.) C:\Programme\RealPlayerSPGold_de.exe

2010-09-30 09:28 - 2010-09-30 09:29 - 0291680 _____ () C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe

2010-08-18 11:00 - 2010-08-18 11:02 - 0000150 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\burnaware.ini

2010-02-02 18:10 - 2014-05-06 19:39 - 0062976 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-04-09 18:27 - 2010-04-09 18:27 - 0000137 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 

Some content of TEMP:

====================

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015

Ran by Slim at 2015-03-19 18:06:23

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)

Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden

Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version:  - )

ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )

ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )

ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - )

ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - )

Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)

ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden

ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden

CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)

CloneDVD2 (HKLM\...\CloneDVD2) (Version:  - Elaborate Bytes)

Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)

Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)

Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)

hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version:  - )

hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version:  - )

InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)

InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Media & Office Keyboard (HKLM\...\OfficeKB) (Version:  - )

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)

Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version:  - Nero AG)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )

NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)

NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

Opera Stable 27.0.1689.76 (HKLM\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)

QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)

Skins (Version: 2009.0225.1546.28221 - ATI) Hidden

SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)

SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound Software Inc) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)

Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)

upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard)

Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden

VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )

Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )

Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)

WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters).
 

==================== Restore Points  =========================
 

09-03-2015 06:58:11 Wiederherstellungsvorgang

09-03-2015 14:06:59 Revo Uninstaller's restore point - softonic-de3 Toolbar

11-03-2015 08:37:17 Systemprüfpunkt

12-03-2015 16:03:04 vor combifox

13-03-2015 09:35:16 Software Distribution Service 3.0

15-03-2015 10:03:19 Systemprüfpunkt

16-03-2015 12:15:53 Systemprüfpunkt

18-03-2015 09:08:24 Systemprüfpunkt

19-03-2015 16:16:13 Systemprüfpunkt
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2006-02-28 13:00 - 2015-03-12 16:23 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
 

==================== Loaded Modules (whitelisted) ==============
 

2009-02-27 16:41 - 2009-02-27 16:41 - 00311296 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU

2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

2006-02-28 13:00 - 2008-04-14 07:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

2010-08-18 11:07 - 2010-03-04 22:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe

2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (Kein)

HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (Kein)

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein)

HKU\S-1-5-21-796845957-926492609-839522115-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (Kein)

DNS Servers: 192.168.178.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled)

ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled)

Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled)

Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled)

Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim

SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled)

UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/15/2015 11:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 03:30:48 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 03:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 03:09:53 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/13/2015 09:34:40 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/11/2015 09:25:18 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/10/2015 06:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19154, Fehleradresse 0x0014cb6f.

Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.
 

Error: (03/09/2015 03:10:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung mbar.exe, Version 1.9.1.1004, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/09/2015 01:54:12 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/09/2015 01:52:11 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
 

System errors:

=============

Error: (03/19/2015 03:11:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/19/2015 06:44:56 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/18/2015 10:14:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/18/2015 08:43:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/18/2015 07:18:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/17/2015 06:48:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/16/2015 05:25:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/16/2015 00:03:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/16/2015 06:24:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/15/2015 05:11:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 
 

Microsoft Office Sessions:

=========================

Error: (03/15/2015 11:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 03:30:48 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 03:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 03:09:53 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/13/2015 09:34:40 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/11/2015 09:25:18 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/10/2015 06:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.191540014cb6f
 

Error: (03/09/2015 03:10:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: mbar.exe1.9.1.1004hungapp0.0.0.000000000
 

Error: (03/09/2015 01:54:12 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/09/2015 01:52:11 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+

Percentage of memory in use: 44%

Total physical RAM: 1535.29 MB

Available physical RAM: 853.4 MB

Total Pagefile: 3431.74 MB

Available Pagefile: 2649 MB

Total Virtual: 2047.88 MB

Available Virtual: 1949.99 MB
 

==================== Drives ================================
 

Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:20.06 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:14.68 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF)

Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Malwarebytes Anti-Malware hatte nix gefunden

Malewarebytes AntiRootkit will nicht laufen: Scan failed steht da

oooh man und warum speichert mozilla jetzt in der eingabeleiste nicht mehr meine Internetseite? muß ich die jetzt jedesmal neu eingeben??? Sonst bin ich auf den Pfeil der nach unten zeigt und dann war der Verlauf da...????

schrauber

20.03.2015 06:44

Avira meldet nur Zeugs in der Systemwiederherstellung.

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

Aber nochmal:
der Rechner darf eigentlich gar nicht mehr online sein.

mysteryPC

21.03.2015 06:33

ok und was mache ich damit er wieder online sein darf?

Und wie?

andere Frage: sind wir soweit durch? Oder brauchst Du noch was?

Lösche ich das alles was ich bei der Arbeit mit Dir draufgemacht habe? Oder soll ich das ein oder andere drauflassen?

(Revo Uninstaller find ich gut der bleibt drauf ;-) )

ich weiß sind jetzt viele Fragen...:-)

PS: ach ja den Link den Du mir bezügl. Mozillainfo gegeben hast (support) den habe ich auch gefunden schon...bin aber kläglich gescheitert :-(

Der Mozilla hat mich vereiert...habe gmacht wie Du gesagt hast, war auch alles ok, als ich das zweite mal rein bin, hat er gerechnet wie blöd und ich hatte im niegelagelneuen Mozilla tauchten wieder Daten auf, die ich auch froh war weg zu haben....grummel....

Beim hochstarten kommt immer noch die Meldung das ein Programm fehlt. Das habe ich seitdem ich denn CCleaner hab drüberlaufen lassen damals....(was ich niiiieee wieder tun werde - zumindest ohne Anleitung)...

schrauber

21.03.2015 16:32

Zitat:

ok und was mache ich damit er wieder online sein darf?

auf WIndows 7 umstellen.

Kannste mir nen Screenshot von der Meldung zeigen?

mysteryPC

22.03.2015 10:56

Ich weiß nicht wie das hier im Forum geht mit dem screenshot einfügen bzw. wie ich die Datei verkleiner (hab ich noch nie gemacht und probier schon den ganzen morgen rum) aber direkt nach dem hochfahren erscheint ein blaues fenster und da steht drin:

Could not load file assembly 'sorttbls.nlp' one of it's dependencies. das System konnte die angegebene Datei nicht finden.

und darunter der Button: Okay

schrauber

22.03.2015 17:45

Kannste den Screenshot bei irgend einem Filehoster hochladen?

mysteryPC

22.03.2015 17:53

ich weiß wie man einen screenshot via email versendet :) ...(also von meinem email Postfach ausgehend) würde das helfen?

mysteryPC

22.03.2015 18:15

Liste der Anhänge anzeigen (Anzahl: 1)

tataaa :-))))

schrauber

23.03.2015 09:24

Merkwürdig. FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logs.

Achtung:
Mach den FRST Scan erst wenn das Fenster da ist, und lass das Fenster stehen, nicht weg klicken.

mysteryPC

24.03.2015 15:44

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015

Ran by Slim at 2015-03-24 15:35:35

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)

Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden

Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version:  - )

ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )

ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )

ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - )

ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - )

Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)

ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden

ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden

CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)

CloneDVD2 (HKLM\...\CloneDVD2) (Version:  - Elaborate Bytes)

Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)

Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)

Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)

hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version:  - )

hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version:  - )

InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)

InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Media & Office Keyboard (HKLM\...\OfficeKB) (Version:  - )

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 36.0.4 (x86 de) (HKLM\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)

Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version:  - Nero AG)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )

NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)

NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)

Skins (Version: 2009.0225.1546.28221 - ATI) Hidden

SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)

SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound Software Inc) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)

Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)

upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard)

Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden

VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )

Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )

Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)

WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters).
 

==================== Restore Points  =========================
 

09-03-2015 06:58:11 Wiederherstellungsvorgang

09-03-2015 14:06:59 Revo Uninstaller's restore point - softonic-de3 Toolbar

11-03-2015 08:37:17 Systemprüfpunkt

12-03-2015 16:03:04 vor combifox

13-03-2015 09:35:16 Software Distribution Service 3.0

15-03-2015 10:03:19 Systemprüfpunkt

16-03-2015 12:15:53 Systemprüfpunkt

18-03-2015 09:08:24 Systemprüfpunkt

19-03-2015 16:16:13 Systemprüfpunkt

19-03-2015 18:13:20 Software Distribution Service 3.0

19-03-2015 19:50:02 Software Distribution Service 3.0

19-03-2015 20:20:34 Wiederherstellungsvorgang

19-03-2015 22:12:25 Revo Uninstaller's restore point - Opera Stable 27.0.1689.76

20-03-2015 07:25:23 Revo Uninstaller's restore point - Mozilla Firefox 36.0.1 (x86 de)
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2006-02-28 13:00 - 2015-03-12 16:23 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
 

==================== Loaded Modules (whitelisted) ==============
 

2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

2006-02-28 13:00 - 2008-04-14 07:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

2010-08-18 11:07 - 2010-03-04 22:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe

2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein)

DNS Servers: 192.168.178.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled)

ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled)

Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled)

Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled)

Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim

SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled)

UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/22/2015 10:32:50 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/22/2015 09:35:09 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/20/2015 08:11:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/19/2015 07:21:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:16 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06
 
 

System errors:

=============

Error: (03/24/2015 03:29:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/24/2015 06:23:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/23/2015 06:39:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/23/2015 06:53:12 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/22/2015 05:32:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/22/2015 09:42:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/22/2015 08:20:22 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/20/2015 06:59:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/20/2015 02:04:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/19/2015 03:11:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 
 

Microsoft Office Sessions:

=========================

Error: (03/22/2015 10:32:50 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/22/2015 09:35:09 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/20/2015 08:11:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/19/2015 07:21:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06 

System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06 

System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
 

Error: (03/19/2015 07:21:16 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06 

PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+

Percentage of memory in use: 53%

Total physical RAM: 1535.29 MB

Available physical RAM: 719.71 MB

Total Pagefile: 3431.74 MB

Available Pagefile: 2543.4 MB

Total Virtual: 2047.88 MB

Available Virtual: 1933.41 MB
 

==================== Drives ================================
 

Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:16 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:14.68 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF)

Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Code:

==================== End Of Log ======================A======

Der FRST hat gesagt das alles im AdditionLog steht...

schrauber

24.03.2015 19:34

FRST.txt ist leer, bitte nochmal FRST scannen, aber das Fenster offen lassen.

mysteryPC

25.03.2015 10:40

Hey Schrauber das Fenster war offen hab es erst geschlossen nach dem FRST Scan. Aber ich versuch es nochmal...hat mich ja auch gewundert mit dem leeren Fenster...

schrauber

25.03.2015 19:29

ok :)

mysteryPC

26.03.2015 06:44

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015

Ran by Slim (administrator) on SLIM-36FB768E46 on 26-03-2015 06:38:33

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Loaded Profiles: Slim & UpdatusUser (Available profiles: Slim & UpdatusUser)

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 8 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe

(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE

(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

(Apple Computer, Inc.) C:\Programme\QuickTime\qttask.exe

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\OfficeKB.EXE

(Dritek System Inc.) C:\PROGRA~1\OfficeKB\KPDrv4XP.EXE

(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe

(RealNetworks, Inc.) C:\Programme\Real\RealPlayer\Update\realsched.exe

() C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe

(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe

(Freemake) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe

(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

() C:\Programme\CDBurnerXP\NMSAccessU.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe

(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-07-10] (HP)

HKLM\...\Run: [UVS11 Preload] => C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341232 2007-07-23] (InterVideo Digital Technology Corporation)

HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)

HKLM\...\Run: [OfficeKB] => C:\Programme\OfficeKB\OfficeKB.EXE [200704 2004-10-22] (Dritek System Inc.)

HKLM\...\Run: [KPDrv4XP] => C:\Programme\OfficeKB\KPDrv4XP.EXE [32768 2003-06-12] (Dritek System Inc.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-09-12] ()

HKLM\...\Run: [Nvtmru] => C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)

HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [TkBellExe] => C:\Programme\Real\RealPlayer\update\realsched.exe [295512 2014-04-29] (RealNetworks, Inc.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk

ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk

ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03] (Google Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-29] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-28] (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-29] (RealPlayer)

FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)

FF Plugin HKU\S-1-5-21-796845957-926492609-839522115-1003: amazon.com/AmazonMP3DownloaderPlugin -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-16]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-28]

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: No Name - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-12]

FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-06]

FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-06]
 

Chrome: 

=======

CHR Profile: C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default

CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk(2) [2014-02-11]

CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-06]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found]
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]

R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)

R2 Freemake Improver; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]

R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]

S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.)

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)

S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-10-10] (Google)

R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-03-23] (Mozilla Foundation)

R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()

R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296 2013-08-27] (NVIDIA Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)

R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)

R3 HIDKbFlt; C:\WINDOWS\System32\drivers\HIDKbFlt.sys [21120 2004-12-14] (Dritek System Inc.) [File not signed]

R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]

R0 iviVD; C:\WINDOWS\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)

S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54360 2014-11-21] (Malwarebytes Corporation)

S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)

R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)

R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-06-16] (NVIDIA Corporation)

R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)

S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)

S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)

S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)

S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]

S3 catchme; \??\C:\DOKUME~1\Slim\LOKALE~1\Temp\catchme.sys [X]

S4 IntelIde; No ImagePath

U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-26 06:38 - 2015-03-26 06:38 - 00019973 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\FRST.txt

2015-03-23 06:59 - 2015-03-23 06:59 - 00000000 ____D () C:\Programme\Mozilla Firefox

2015-03-20 07:34 - 2015-03-24 15:26 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service

2015-03-20 07:34 - 2015-03-20 07:34 - 00000709 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk

2015-03-20 07:34 - 2015-03-20 07:34 - 00000703 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

2015-03-19 19:50 - 2015-03-19 19:51 - 00020009 _____ () C:\WINDOWS\iis6.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00018549 _____ () C:\WINDOWS\FaxSetup.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00008868 _____ () C:\WINDOWS\ocgen.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00008464 _____ () C:\WINDOWS\tsoc.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00008427 _____ () C:\WINDOWS\KB2914368.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00006123 _____ () C:\WINDOWS\comsetup.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00005648 _____ () C:\WINDOWS\msmqinst.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00003705 _____ () C:\WINDOWS\ntdtcsetup.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00003249 _____ () C:\WINDOWS\netfxocm.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00001374 _____ () C:\WINDOWS\imsins.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00001374 _____ () C:\WINDOWS\imsins.BAK

2015-03-19 19:50 - 2015-03-19 19:51 - 00001275 _____ () C:\WINDOWS\MedCtrOC.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00001026 _____ () C:\WINDOWS\ocmsn.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00000933 _____ () C:\WINDOWS\tabletoc.log

2015-03-19 19:50 - 2015-03-19 19:51 - 00000927 _____ () C:\WINDOWS\msgsocm.log

2015-03-19 16:07 - 2015-03-19 20:19 - 00018871 _____ () C:\WINDOWS\KB2780091.log

2015-03-19 16:07 - 2015-03-19 20:18 - 00020193 _____ () C:\WINDOWS\KB2930275.log

2015-03-19 16:07 - 2015-03-19 20:18 - 00019176 _____ () C:\WINDOWS\KB2876217.log

2015-03-19 16:07 - 2015-03-19 20:18 - 00019165 _____ () C:\WINDOWS\KB2864063.log

2015-03-19 16:07 - 2015-03-19 20:18 - 00019162 _____ () C:\WINDOWS\KB2862152.log

2015-03-19 16:07 - 2015-03-19 20:17 - 00020137 _____ () C:\WINDOWS\KB2859537.log

2015-03-19 16:07 - 2015-03-19 20:17 - 00019158 _____ () C:\WINDOWS\KB2876331.log

2015-03-19 16:07 - 2015-03-19 20:17 - 00019158 _____ () C:\WINDOWS\KB2850869.log

2015-03-19 16:06 - 2015-03-19 20:18 - 00018878 _____ () C:\WINDOWS\KB2719985.log

2015-03-19 16:06 - 2015-03-19 20:17 - 00018860 _____ () C:\WINDOWS\KB2820917.log

2015-03-19 16:06 - 2015-03-19 20:16 - 00018877 _____ () C:\WINDOWS\KB2757638.log

2015-03-19 16:06 - 2015-03-19 20:16 - 00018857 _____ () C:\WINDOWS\KB2749655.log

2015-03-19 16:06 - 2015-03-19 20:16 - 00013026 _____ () C:\WINDOWS\KB2893294.log

2015-03-19 16:00 - 2015-03-19 20:16 - 00018858 _____ () C:\WINDOWS\KB2653956.log

2015-03-19 15:52 - 2015-03-19 20:16 - 00019159 _____ () C:\WINDOWS\KB2892075.log

2015-03-19 15:51 - 2015-03-19 20:16 - 00018862 _____ () C:\WINDOWS\KB2619339.log

2015-03-19 15:50 - 2015-03-19 20:16 - 00020575 _____ () C:\WINDOWS\KB2813345.log

2015-03-19 15:50 - 2015-03-19 20:16 - 00019135 _____ () C:\WINDOWS\KB2705219-v2.log

2015-03-19 15:50 - 2015-03-19 20:16 - 00018855 _____ () C:\WINDOWS\KB2727528.log

2015-03-19 15:49 - 2015-03-19 20:15 - 00022431 _____ () C:\WINDOWS\KB2676562.log

2015-03-19 15:43 - 2015-03-19 19:51 - 00024886 _____ () C:\WINDOWS\KB2620712.log

2015-03-19 15:41 - 2015-03-19 20:20 - 00017436 _____ () C:\WINDOWS\KB2868626.log

2015-03-19 15:41 - 2015-03-19 20:19 - 00017241 _____ () C:\WINDOWS\KB2802968.log

2015-03-19 15:40 - 2015-03-19 20:20 - 00017440 _____ () C:\WINDOWS\KB2922229.log

2015-03-19 15:40 - 2015-03-19 20:20 - 00017436 _____ () C:\WINDOWS\KB2916036.log

2015-03-19 15:40 - 2015-03-19 20:19 - 00017440 _____ () C:\WINDOWS\KB2898715.log

2015-03-19 15:40 - 2015-03-19 20:19 - 00017435 _____ () C:\WINDOWS\KB2847311.log

2015-03-19 15:40 - 2015-03-19 20:19 - 00017431 _____ () C:\WINDOWS\KB2929961.log

2015-03-19 15:39 - 2015-03-19 20:20 - 00011000 _____ () C:\WINDOWS\KB2712808.log

2015-03-19 15:39 - 2015-03-19 20:19 - 00017199 _____ () C:\WINDOWS\KB2691442.log

2015-03-19 15:38 - 2015-03-19 20:20 - 00016939 _____ () C:\WINDOWS\KB2585542.log

2015-03-19 15:38 - 2015-03-19 20:19 - 00016843 _____ () C:\WINDOWS\KB2631813.log

2015-03-19 15:38 - 2015-03-19 20:19 - 00016730 _____ () C:\WINDOWS\KB2655992.log

2015-03-19 15:38 - 2015-03-19 20:19 - 00016635 _____ () C:\WINDOWS\KB2598479.log

2015-03-19 15:37 - 2015-03-19 19:50 - 00024132 _____ () C:\WINDOWS\KB2584146.log

2015-03-19 15:29 - 2015-03-19 15:29 - 00000349 _____ () C:\WINDOWS\setupapi.log

2015-03-15 19:16 - 2015-03-15 19:16 - 00852604 _____ () C:\SecurityCheck.exe

2015-03-14 17:40 - 2015-03-14 17:40 - 00039466 _____ () C:\Addition.txt

2015-03-14 17:39 - 2015-03-14 17:40 - 00035743 _____ () C:\FRST.txt

2015-03-14 17:39 - 2015-03-14 17:39 - 01135104 _____ (Farbar) C:\Dokumente und Einstellungen\Slim\Desktop\FRST.exe

2015-03-14 17:35 - 2015-03-14 17:35 - 00000727 _____ () C:\JRT.txt

2015-03-14 17:31 - 2015-03-14 17:31 - 01388333 _____ (Thisisu) C:\Dokumente und Einstellungen\Slim\Desktop\JRT.exe

2015-03-13 15:29 - 2015-03-14 17:21 - 00000000 ____D () C:\AdwCleaner

2015-03-13 15:01 - 2015-03-13 15:01 - 00001222 _____ () C:\mbam.txt. für schrauber.txt

2015-03-13 14:34 - 2015-03-13 14:34 - 00000756 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-13 14:34 - 2015-03-13 14:34 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware

2015-03-13 14:34 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-03-12 16:44 - 2015-03-12 16:44 - 00000422 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Verknüpfung mit ComboFix.lnk

2015-03-12 16:25 - 2015-03-26 06:38 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00022597 _____ () C:\ComboFix.txt

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp

2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp

2015-03-12 16:15 - 2015-03-12 16:15 - 00000000 _RSHD () C:\cmdcons

2015-03-12 16:15 - 2010-01-13 20:32 - 00000211 _____ () C:\Boot.bak

2015-03-12 16:15 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr

2015-03-12 16:06 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe

2015-03-12 16:06 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe

2015-03-12 16:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe

2015-03-12 16:06 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe

2015-03-12 16:05 - 2015-03-12 16:25 - 00000000 ____D () C:\Qoobox

2015-03-12 16:05 - 2015-03-12 16:05 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Verwaltung

2015-03-12 16:04 - 2015-03-12 16:24 - 00000000 ____D () C:\WINDOWS\erdnt

2015-03-12 16:04 - 2015-03-12 16:03 - 05613296 ____R (Swearware) C:\ComboFix.exe

2015-03-11 19:08 - 2015-03-11 19:08 - 00000000 ____D () C:\TDSSKiller_Quarantine

2015-03-11 07:39 - 2015-03-11 07:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Slim\Desktop\tdsskiller.exe

2015-03-09 14:24 - 2015-03-13 14:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

2015-03-09 14:23 - 2015-03-13 14:35 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-03-09 14:23 - 2015-03-13 08:48 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)

2015-03-09 14:20 - 2015-03-10 11:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Desktop\mbar

2015-03-09 14:20 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-03-09 13:57 - 2015-03-09 13:57 - 00000896 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Revo Uninstaller.lnk

2015-03-09 13:57 - 2015-03-09 13:57 - 00000000 ____D () C:\Programme\VS Revo Group

2015-03-09 07:59 - 2015-03-09 07:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Ulead VideoStudio

2015-03-09 07:24 - 2015-03-09 07:24 - 00000060 _____ () C:\WINDOWS\setupact.log

2015-03-09 07:24 - 2015-03-09 07:24 - 00000000 _____ () C:\WINDOWS\setuperr.log

2015-03-09 06:58 - 2015-03-09 06:58 - 00000000 ___DC () C:\NVIDIA

2015-03-08 21:03 - 2015-03-09 06:59 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862335$

2015-03-08 21:01 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2780091$

2015-03-08 20:58 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2904266$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2930275$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876217$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2864063$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862152$

2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2719985$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB941569$

2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2770660$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876331$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2859537$

2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2850869$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2893294$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2820917$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2757638$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2749655$

2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2653956$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2892075$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2813345$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2727528$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2705219-v2$

2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2619339$

2015-03-08 20:28 - 2015-03-19 20:24 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2620712$

2015-03-08 20:28 - 2015-03-19 20:24 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2584146$

2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2676562$

2015-03-08 20:00 - 2015-03-26 06:38 - 00000000 ____D () C:\FRST

2015-03-08 16:59 - 2015-03-09 07:05 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2807986$

2015-03-08 16:52 - 2015-03-09 07:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868038$

2015-03-08 16:48 - 2015-03-08 16:48 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2603381$

2015-03-08 16:47 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$

2015-03-08 16:46 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2698365$

2015-03-08 16:41 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2723135-v2$

2015-03-08 16:40 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862330$

2015-03-08 16:14 - 2015-03-19 20:24 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2914368$

2015-03-08 13:56 - 2015-03-08 13:56 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\IETldCache
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-26 06:37 - 2013-10-08 13:38 - 00009362 _____ () C:\WINDOWS\system32\nvAppTimestamps

2015-03-26 06:34 - 2014-10-07 09:19 - 00000268 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-26 06:34 - 2014-04-29 17:36 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-26 06:34 - 2010-07-01 18:44 - 00000268 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-26 06:34 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl

2015-03-26 06:33 - 2010-01-13 20:38 - 01729271 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-26 06:32 - 2010-01-13 20:31 - 00000159 _____ () C:\WINDOWS\wiadebug.log

2015-03-26 06:32 - 2010-01-13 20:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log

2015-03-26 06:31 - 2014-04-29 17:48 - 00000290 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-26 06:31 - 2013-08-14 13:54 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-26 06:31 - 2010-01-13 20:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-25 10:41 - 2014-06-06 11:00 - 00196608 _____ () C:\WINDOWS\system32\config\CaptureL.evt

2015-03-25 10:41 - 2010-01-13 20:45 - 00000300 ___SH () C:\Dokumente und Einstellungen\Slim\ntuser.ini

2015-03-25 10:41 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim

2015-03-25 10:41 - 2010-01-13 20:44 - 00032438 _____ () C:\WINDOWS\SchedLgU.Txt

2015-03-25 07:03 - 2013-08-14 13:54 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-25 07:00 - 2013-06-21 05:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-24 06:27 - 2010-01-13 20:29 - 00000000 ___RD () C:\Programme

2015-03-23 18:58 - 2010-09-30 09:23 - 00002501 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk

2015-03-22 11:03 - 2010-01-13 21:17 - 00000000 ____D () C:\WINDOWS\Help

2015-03-20 07:34 - 2010-01-13 20:28 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme

2015-03-19 22:26 - 2011-05-27 14:14 - 00000000 ____D () C:\WINDOWS\system32\NtmsData

2015-03-19 22:17 - 2010-01-13 20:35 - 00000000 ____D () C:\WINDOWS\Registration

2015-03-19 20:28 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService

2015-03-19 20:28 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService

2015-03-19 20:21 - 2010-01-13 21:28 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt

2015-03-19 20:09 - 2010-01-13 21:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET

2015-03-19 15:41 - 2010-01-13 20:40 - 00000000 ___HD () C:\WINDOWS\$hf_mig$

2015-03-19 15:30 - 2010-01-13 20:43 - 00000000 ___HD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf

2015-03-18 08:41 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf

2015-03-18 08:40 - 2010-01-13 20:45 - 00000000 __SHD () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Verlauf

2015-03-18 08:38 - 2013-10-08 13:33 - 00000000 ___HD () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\Verlauf

2015-03-18 08:38 - 2010-01-13 20:28 - 00000000 __SHD () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf

2015-03-13 15:53 - 2010-02-04 14:35 - 00082800 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\GDIPFONTCACHEV1.DAT

2015-03-13 15:03 - 2011-03-21 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443685$

2015-03-12 19:31 - 2010-01-15 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\vlc

2015-03-12 19:19 - 2011-03-01 21:59 - 00054156 ____H () C:\WINDOWS\QTFont.qfn

2015-03-12 16:23 - 2006-02-28 13:00 - 00000227 _____ () C:\WINDOWS\system.ini

2015-03-12 16:15 - 2010-01-13 21:27 - 00000327 __RSH () C:\boot.ini

2015-03-12 16:05 - 2010-01-13 20:45 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme

2015-03-10 18:20 - 2010-07-01 18:43 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-10 07:52 - 2013-02-03 18:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\TS3Client

2015-03-09 14:07 - 2012-11-03 09:27 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit

2015-03-09 07:17 - 2010-01-13 20:28 - 00294864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-03-09 07:10 - 2010-01-16 20:15 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Opera Software

2015-03-09 07:02 - 2013-09-30 14:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Amazon

2015-03-09 07:02 - 2010-08-18 08:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Programme\Amazon

2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon

2015-03-08 20:58 - 2010-01-13 22:00 - 00031828 _____ () C:\WINDOWS\system32\TZLog.log

2015-03-08 16:40 - 2010-01-13 21:59 - 00000000 ____D () C:\WINDOWS\ie8updates

2015-03-06 11:37 - 2014-04-29 17:48 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job

2015-03-05 14:41 - 2014-01-31 09:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2015-03-05 14:41 - 2014-01-31 09:30 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

2015-03-03 14:36 - 2010-01-15 13:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google
 

==================== Files in the root of some directories =======
 

2010-06-30 06:27 - 2010-06-30 06:28 - 33177736 _____ (Nero AG) C:\Programme\Nero-9.4.12.708b_lite.exe

2010-07-01 18:39 - 2010-07-01 18:39 - 0822296 _____ (RealNetworks, Inc.) C:\Programme\RealPlayerSPGold_de.exe

2010-09-30 09:28 - 2010-09-30 09:29 - 0291680 _____ () C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe

2010-08-18 11:00 - 2010-08-18 11:02 - 0000150 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\burnaware.ini

2010-02-02 18:10 - 2014-05-06 19:39 - 0062976 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-04-09 18:27 - 2010-04-09 18:27 - 0000137 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 

Some content of TEMP:

====================

C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015

Ran by Slim at 2015-03-26 06:39:36

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)

Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden

Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version:  - )

ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )

ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )

ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - )

ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - )

Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)

ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden

ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden

CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)

CloneDVD2 (HKLM\...\CloneDVD2) (Version:  - Elaborate Bytes)

Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)

Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)

Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)

hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version:  - )

hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version:  - )

InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)

InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Media & Office Keyboard (HKLM\...\OfficeKB) (Version:  - )

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 36.0.4 (x86 de) (HKLM\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)

Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version:  - Nero AG)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )

NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)

NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)

Skins (Version: 2009.0225.1546.28221 - ATI) Hidden

SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)

SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound Software Inc) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)

Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)

upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard)

Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden

VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )

Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )

Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)

WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters).
 

==================== Restore Points  =========================
 

09-03-2015 06:58:11 Wiederherstellungsvorgang

09-03-2015 14:06:59 Revo Uninstaller's restore point - softonic-de3 Toolbar

11-03-2015 08:37:17 Systemprüfpunkt

12-03-2015 16:03:04 vor combifox

13-03-2015 09:35:16 Software Distribution Service 3.0

15-03-2015 10:03:19 Systemprüfpunkt

16-03-2015 12:15:53 Systemprüfpunkt

18-03-2015 09:08:24 Systemprüfpunkt

19-03-2015 16:16:13 Systemprüfpunkt

19-03-2015 18:13:20 Software Distribution Service 3.0

19-03-2015 19:50:02 Software Distribution Service 3.0

19-03-2015 20:20:34 Wiederherstellungsvorgang

19-03-2015 22:12:25 Revo Uninstaller's restore point - Opera Stable 27.0.1689.76

20-03-2015 07:25:23 Revo Uninstaller's restore point - Mozilla Firefox 36.0.1 (x86 de)
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2006-02-28 13:00 - 2015-03-12 16:23 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
 

==================== Loaded Modules (whitelisted) ==============
 

2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

2006-02-28 13:00 - 2008-04-14 07:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

2010-08-18 11:07 - 2010-03-04 22:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe

2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein)

DNS Servers: 192.168.178.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled)

ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled)

Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled)

Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled)

Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim

SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled)

UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/22/2015 10:32:50 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/22/2015 09:35:09 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/20/2015 08:11:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 

Error: (03/19/2015 07:21:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06
 

Error: (03/19/2015 07:21:16 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06
 
 

System errors:

=============

Error: (03/26/2015 06:34:14 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/25/2015 10:36:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/24/2015 05:22:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/24/2015 03:29:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/24/2015 06:23:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/23/2015 06:39:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/23/2015 06:53:12 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/22/2015 05:32:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/22/2015 09:42:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (03/22/2015 08:20:22 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 
 

Microsoft Office Sessions:

=========================

Error: (03/22/2015 10:32:50 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/22/2015 09:35:09 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/20/2015 08:11:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 

Error: (03/19/2015 07:21:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06 

System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06 

System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
 

Error: (03/19/2015 07:21:17 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06 

System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
 

Error: (03/19/2015 07:21:16 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131f06 

PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+

Percentage of memory in use: 37%

Total physical RAM: 1535.29 MB

Available physical RAM: 965.44 MB

Total Pagefile: 3431.74 MB

Available Pagefile: 2856.39 MB

Total Virtual: 2047.88 MB

Available Virtual: 1936.56 MB
 

==================== Drives ================================
 

Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:16.2 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:14.68 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF)

Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

schrauber

26.03.2015 17:09

Gewusst wie: Durchführen eines sauberen Neustarts in Windows

Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht.

Diesen dann hier benennen.

mysteryPC

26.03.2015 19:39

schluck ... einzeln Dienste aktivieren? :wtf: :confused:

da steht ist für fortgeschrittene PC-Benutzer..äähhh ich glaub ich bin noch im Kindergarten allenfalls PC-Vorschule?:pfeiff:
Sorry aber ich hab grad nen mittleren Panikanfall...

schrauber

27.03.2015 10:35

Wenn Du nach dem Bild vorgehst und erstmal die Microsoft Dienste versteckst kann nix schief gehen. Dann alle andern deaktivieren und rebooten.

mysteryPC

29.03.2015 14:41

Hey Schrauber ich habe mal ne frage bevor ich das jetzt tue:
Wenn ich meinen PC eh umstellen muß, würde sich dann dieser Schritt nicht erübrigen? (Nur mal so frag) Oder sollte ich das mit dem reboot dennoch machen vorher?

schrauber

30.03.2015 05:03

Wenn Du komplett formatierst und dann ein neues BS installierst hat sich der Schritt erübrigt :)

mysteryPC

30.03.2015 14:46

Hi Schrauber, oookay...was ist ein BS (=Betriebssystem?) ?

Und: wie mache ich das mit dem umstellen einfach windows 7 runterladen und fertig, oder wie? Kann ich sowas alleine oder sollte ich mir vor ort Hilfe holen oder kannst Du mir dabei helfen? Muß ich danach irgendwelche Treiber nochmal einzeln runterladen?

Ich kann halt nicht abschätzen was da auf mich zukommt deswegen die vielfragerei ;-)

Also eigentlich möchte ich alles so haben wie es jetzt ist nur halt sicher :D

schrauber

30.03.2015 17:40

https://www.microsoft.com/de-de/down...s.aspx?id=3132

erstmal das Laden und laufen lassen :)

mysteryPC

31.03.2015 06:25

Ok mach ich...ich deute das als: Ja Du Hilfst mir :-) :-) :-)

schrauber

31.03.2015 16:48

jop :)

mysteryPC

13.04.2015 16:14

Hallo schrauber sorry das ich mich bisher nicht weiter gemeldet habe, aber ich war verhindert...nun gehts weiter...
Habe den Link angeklickt und kann nix Laden oder laufen lassen wenn ich da klicke bekomme ich folgendes:

Windows hat die folgenden Informationen zu diesem Dateityp. Diese Seite unterstützt Sie bei der Suche nach Software zum Öffnen dieser Datei.

Dateityp: Hotfix installer package

Dateierweiterung: .msu

Beschreibung: An installer file format intended for use in an installer library. Auf den folgenden Websites finden Sie umfassende Listen von Dateierweiterungen. Möglicherweise finden Sie hier Informationen zu diesem Dateityp:
Im Web suchen

Haben Sie Fragen? Beachten Sie die FAQ (Häufig gestellte Fragen).

schrauber

14.04.2015 06:36

Sorry, falscher Link :)

https://www.microsoft.com/de-de/down...ils.aspx?id=20

mysteryPC

14.04.2015 14:31

wenn ich das Programm starten will bekomme ich die Meldung:
Windows 7 Upgrade Advisor hat ein Problem festgestellt und muß beendet werden.

schrauber

15.04.2015 05:56

Oh Mann :)

Öffne bitte FRST, setz nen Haken bei Addition und scanne, poste bitte nur die Addition.txt.

mysteryPC

15.04.2015 09:20

Zitat:

Zitat von schrauber (Beitrag 1455564)

Oh Mann

Ja das habe ich auch gedacht ;-)

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-04-2015

Ran by Slim at 2015-04-15 10:18:05

Running from C:\Dokumente und Einstellungen\Slim\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Antivirus (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)

Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)

Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden

Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)

Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)

Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version:  - )

ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )

ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )

ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - )

ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - )

Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)

ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden

ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden

CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP)

CloneDVD2 (HKLM\...\CloneDVD2) (Version:  - Elaborate Bytes)

Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)

Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)

Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)

Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)

hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version:  - )

hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version:  - )

InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)

InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Media & Office Keyboard (HKLM\...\OfficeKB) (Version:  - )

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)

Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 37.0.1 (x86 de) (HKLM\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)

Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version:  - Nero AG)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )

NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)

NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )

Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)

Skins (Version: 2009.0225.1546.28221 - ATI) Hidden

SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)

SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound Software Inc) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)

Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)

upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard)

Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden

VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )

Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )

Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)

WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters).
 

==================== Restore Points  =========================
 

09-03-2015 07:58:11 Wiederherstellungsvorgang

09-03-2015 15:06:59 Revo Uninstaller's restore point - softonic-de3 Toolbar

11-03-2015 09:37:17 Systemprüfpunkt

12-03-2015 17:03:04 vor combifox

13-03-2015 10:35:16 Software Distribution Service 3.0

15-03-2015 11:03:19 Systemprüfpunkt

16-03-2015 13:15:53 Systemprüfpunkt

18-03-2015 10:08:24 Systemprüfpunkt

19-03-2015 17:16:13 Systemprüfpunkt

19-03-2015 19:13:20 Software Distribution Service 3.0

19-03-2015 20:50:02 Software Distribution Service 3.0

19-03-2015 21:20:34 Wiederherstellungsvorgang

19-03-2015 23:12:25 Revo Uninstaller's restore point - Opera Stable 27.0.1689.76

20-03-2015 08:25:23 Revo Uninstaller's restore point - Mozilla Firefox 36.0.1 (x86 de)

27-03-2015 09:45:10 Systemprüfpunkt

28-03-2015 19:52:29 Systemprüfpunkt

30-03-2015 11:36:25 Systemprüfpunkt

31-03-2015 14:53:47 Systemprüfpunkt

03-04-2015 20:16:49 Systemprüfpunkt

05-04-2015 09:24:05 Systemprüfpunkt

06-04-2015 09:44:54 Systemprüfpunkt

07-04-2015 13:56:30 Systemprüfpunkt

09-04-2015 18:37:15 Systemprüfpunkt

12-04-2015 10:18:47 Systemprüfpunkt

13-04-2015 12:21:03 Systemprüfpunkt

14-04-2015 15:16:17 Windows 7 Upgrade Advisor wird installiert
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2006-02-28 14:00 - 2015-03-12 17:23 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
 

==================== Loaded Modules (whitelisted) ==============
 

2009-02-27 17:41 - 2009-02-27 17:41 - 00311296 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU

2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

2006-02-28 14:00 - 2008-04-14 08:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

2010-08-18 12:07 - 2010-03-04 23:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe

2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein)

DNS Servers: 192.168.178.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled)

ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled)

Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled)

Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled)

Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim

SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled)

UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard (1024) Versuch, Datei "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien.
 
 

System errors:

=============

Error: (04/15/2015 10:10:58 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/15/2015 06:22:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/14/2015 03:05:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/14/2015 06:15:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/13/2015 06:25:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/13/2015 06:06:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/13/2015 04:42:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/13/2015 01:52:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/13/2015 11:23:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 

Error: (04/13/2015 06:42:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet.
 
 

Microsoft Office Sessions:

=========================

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 

Error: (04/15/2015 10:08:35 AM) (Source: ESENT) (EventID: 489) (User: )

Description: avguard1024C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\EVENTDB\gavi3.db-1023 (0xfffffc01)3 (0x00000003)Das System kann den angegebenen Pfad nicht finden.
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+

Percentage of memory in use: 42%

Total physical RAM: 1535.29 MB

Available physical RAM: 890.1 MB

Total Pagefile: 3431.74 MB

Available Pagefile: 2789.43 MB

Total Virtual: 2047.88 MB

Available Virtual: 1933.22 MB
 

==================== Drives ================================
 

Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:15.5 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:14.68 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF)

Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

schrauber

15.04.2015 16:05

Keine Ahnung warum das Tool nicht läuft, aber:

Zitat:

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 42%
Total physical RAM: 1535.29 MB
Available physical RAM: 890.1 MB
Total Pagefile: 3431.74 MB
Available Pagefile: 2789.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.22 MB

Das wird eher nix mit Win7.

mysteryPC

15.04.2015 18:59

warum? klär mich auf bitte...

schrauber

16.04.2015 10:37

Weil die Hardware zu wenig Power hat. Es mag evtl die Mindestvorraussetzungen erfüllen, aber Spass wirste damit keinen haben.

Schon mal Linux angeschaut?

mysteryPC

16.04.2015 16:14

nein...

schrauber

16.04.2015 21:33

Hier im Linux Bereich gibt es viele User, die da drauf schwören und auch gerne ma dabei helfen.

Einfach mit ner LiveCD anfangen und mal antesten :)

Alle Zeitangaben in WEZ +1. Es ist jetzt 08:30 Uhr.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131