| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC reagiert ständig nicht mehr ...Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.07.2012, 07:58
| #1 |
 |  PC reagiert ständig nicht mehr ... Hallo zusammen, mein Laptop reagiert ständig nich, bleibt also "Hängen". hier mal das LOG von Malwarebytes: Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.18.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Laptop :: LAPTOP_PR [Administrator] Schutz: Aktiviert 18.07.2012 08:35:58 mbam-log-2012-07-18 (08-35-58).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 211120 Laufzeit: 13 Minute(n), 49 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Users\Laptop\Downloads\SoftonicDownloader_fuer_picasa(1).exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Laptop\Downloads\SoftonicDownloader_fuer_picasa.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) DEFOGGER LOG defogger_disable by jpshortstuff (23.02.10.1) Log created at 09:14 on 18/07/2012 (Laptop) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Geändert von rupa (18.07.2012 um 08:34 Uhr) |
|
18.07.2012, 08:41
| #2 |
  | PC reagiert ständig nicht mehr ... Hi,
__________________den Scan mit MAM (Antimalwarebytes) mit der Einstellung FULLSCAN wiederholen. OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
TDSS-Killer Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft? Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)! Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe. Stelle den Killer wir folgt ein:  Dann den Scan starten durch (Start Scan). Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster (Report anklicken), den Text abkopieren und hier posten... chris
__________________ |
|
18.07.2012, 08:45
| #3 |
| | PC reagiert ständig nicht mehr ... OTL logfile created on: 7/18/2012 9:16:54 AM - Run 1
__________________OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.84 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 59.03% Memory free 7.68 Gb Paging File | 5.90 Gb Available in Paging File | 76.82% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 127.00 Gb Total Space | 17.69 Gb Free Space | 13.93% Space Free | Partition Type: NTFS Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/18 09:15:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe PRC - [2012/07/06 05:50:57 | 003,548,736 | ---- | M] (sw4you, Siegfried Weckmann) -- C:\Program Files (x86)\Hardcopy\hardcopy.exe PRC - [2012/07/05 15:56:39 | 000,037,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe PRC - [2012/07/03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe PRC - [2012/05/03 18:37:50 | 020,221,792 | ---- | M] (Lavasoft Limited) -- C:\PROGRA~2\AD-AWA~1\AdAware.exe PRC - [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe PRC - [2012/04/24 20:18:16 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe PRC - [2011/12/08 11:06:08 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2011/11/11 18:18:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe PRC - [2011/02/16 23:26:16 | 000,308,592 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe PRC - [2011/02/01 23:25:44 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011/02/01 23:25:41 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/08/13 16:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe PRC - [2009/07/16 14:16:42 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe ========== Modules (No Company Name) ========== MOD - [2012/07/05 15:56:51 | 000,115,264 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDLL2_37_Win32.dll MOD - [2012/07/05 15:56:39 | 000,037,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe MOD - [2012/07/05 15:56:24 | 000,052,800 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hardcopy_05.dll MOD - [2012/07/04 10:14:24 | 002,941,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDllS.dll MOD - [2012/03/22 11:40:50 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll MOD - [2012/03/22 11:40:28 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2011/03/30 17:56:20 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV:64bit: - [2011/03/30 17:40:30 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV:64bit: - [2011/03/30 09:35:40 | 001,000,208 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe -- (ZcfgSvc7) Intel(R) SRV:64bit: - [2010/10/15 20:07:52 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2010/10/07 16:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService) SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/06/18 00:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService) SRV:64bit: - [2010/06/03 04:05:42 | 002,734,400 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\ATService.exe -- (ATService) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012/07/12 10:20:31 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/06/17 10:25:55 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service) SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc) SRV - [2011/12/08 11:06:08 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2011/02/16 23:26:16 | 000,308,592 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe -- (Sierra Wireless QDL Service) SRV - [2011/02/01 23:25:44 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2011/02/01 23:25:41 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010/12/11 20:18:12 | 001,064,584 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/07/16 14:16:42 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:64bit: - [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/12/19 12:44:24 | 000,256,632 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw) DRV:64bit: - [2011/12/19 12:44:24 | 000,084,600 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis) DRV:64bit: - [2011/12/19 12:44:24 | 000,060,536 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips) DRV:64bit: - [2011/12/08 11:06:12 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:64bit: - [2011/12/08 11:06:03 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) DRV:64bit: - [2011/12/08 11:05:46 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2011/12/08 11:05:25 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2011/11/29 06:59:46 | 000,074,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs) DRV:64bit: - [2011/11/01 01:57:50 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R) DRV:64bit: - [2011/10/26 14:23:36 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE) DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP) DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL) DRV:64bit: - [2011/09/21 10:41:42 | 000,022,016 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FscGabi.sys -- (FscGabi) DRV:64bit: - [2011/09/21 10:41:38 | 000,017,920 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FscEfDmi.sys -- (FscEfDmi) DRV:64bit: - [2011/04/15 04:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011/02/04 01:58:00 | 000,424,448 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3kmbb00.sys -- (swg3kmbb00) DRV:64bit: - [2011/02/04 01:57:20 | 000,073,216 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swibusflt00.sys -- (swibusflt00) DRV:64bit: - [2011/02/04 01:57:20 | 000,073,216 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swibus00.sys -- (swibus00) DRV:64bit: - [2011/02/04 01:57:06 | 000,034,304 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3kflt00.sys -- (swg3kflt00) DRV:64bit: - [2011/02/04 01:56:58 | 000,256,384 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3kser00.sys -- (swg3kser00) DRV:64bit: - [2011/02/04 01:56:58 | 000,256,384 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3knmea00.sys -- (swg3knmea00) DRV:64bit: - [2010/12/20 18:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R) DRV:64bit: - [2010/12/10 06:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/12/10 06:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/12/08 06:30:08 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010/11/21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010/10/14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010/10/09 15:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV:64bit: - [2010/10/04 08:26:14 | 000,131,112 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums) DRV:64bit: - [2010/09/28 04:30:22 | 000,015,208 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FJGSDisk.sys -- (FJGSDisk) DRV:64bit: - [2010/09/21 08:20:30 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL) DRV:64bit: - [2010/09/14 23:59:16 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010/09/14 23:59:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010/09/02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt) DRV:64bit: - [2010/09/02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet) DRV:64bit: - [2010/08/21 01:21:38 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010/08/06 02:17:00 | 000,085,736 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\oz776x64.sys -- (guardian2) DRV:64bit: - [2010/06/02 11:27:04 | 000,770,152 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV:64bit: - [2010/03/02 08:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009/11/19 14:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009/06/24 07:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV) DRV:64bit: - [2009/06/10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009/06/10 22:36:04 | 000,696,832 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fus2base.sys -- (FUS2BASE) DRV:64bit: - [2009/06/10 22:36:02 | 000,079,872 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmcowan.sys -- (AVMCOWAN) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2006/11/01 12:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3) DRV:64bit: - [2006/11/01 12:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1) DRV:64bit: - [2005/08/18 19:22:30 | 000,131,584 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE) DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2006/04/20 08:33:40 | 000,303,740 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV - [2005/08/18 19:22:30 | 000,131,584 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dne64x.sys -- (DNE) DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\vsdatant.sys -- (vsdatant) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186} IE:64bit: - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186} IE - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ts.fujitsu.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {D5F17733-DD7D-4C1E-A875-39236ADC9DEE} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searc} IE - HKCU\..\SearchScopes\{D5F17733-DD7D-4C1E-A875-39236ADC9DEE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/10 11:35:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 10:25:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/22 10:45:09 | 000,000,000 | ---D | M] [2012/01/27 08:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Extensions [2012/07/11 08:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions [2012/06/26 12:06:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012/01/27 12:00:08 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\de-DE@dictionaries.addons.mozilla.org [2012/07/11 14:32:54 | 000,002,385 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\7q6ocu5b.default\searchplugins\youtube.xml [2012/02/05 19:27:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/07/10 11:35:36 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2012/06/26 08:59:44 | 000,339,843 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI [2012/06/13 08:03:18 | 000,009,485 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{BA2430E0-5B72-4CAC-BC9E-7D1AACA75D3D}.XPI [2012/06/13 08:03:18 | 000,010,443 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SHOWTHEIMAGE@BRUNWIN.NET.XPI [2012/06/13 08:03:18 | 000,325,600 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI [2012/01/27 09:59:07 | 000,008,362 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\TOGGLEPRIVATEBROWSING@SUPERNOVA00.BIZ.XPI [2012/06/17 10:25:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/02/03 14:50:05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012/06/17 10:25:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/06/17 10:25:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/06/17 10:25:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012/06/17 10:25:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/06/17 10:25:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/06/17 10:25:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: avast! WebRep = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - Startup: C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK = C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_64.CAB (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10BEEE1C-6AEA-47DD-8CDF-010DC88F9374}: NameServer = 192.168.0.254 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell - "" = AutoRun O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell - "" = AutoRun O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/07/18 09:15:22 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe [2012/07/18 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Malwarebytes [2012/07/18 08:32:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/07/18 08:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/07/18 08:32:02 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/07/18 08:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/07/18 08:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012/07/16 20:25:31 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2012/07/16 20:23:32 | 000,131,584 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\drivers\dne64x.sys [2012/07/16 20:23:32 | 000,110,080 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\dnei64x.dll [2012/07/16 20:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client [2012/07/16 20:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Deterministic Networks [2012/07/16 20:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems [2012/07/16 20:14:00 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Shrew Soft VPN [2012/07/16 20:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\ShrewSoft [2012/07/13 13:23:48 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Christoph Küche [2012/07/13 13:21:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck [2012/07/13 13:21:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hardcopy [2012/07/13 13:20:11 | 001,703,936 | ---- | C] (www.sw4you.de Siegfried Weckmann) -- C:\Windows\SwSetupu.exe [2012/07/13 09:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALNO AG Küchenplaner [2012/07/13 09:39:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALNO [2012/07/11 09:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/07/11 09:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/07/11 09:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/07/10 10:08:18 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{40C0A572-C69F-4354-9859-ED9E54CAD252} [2012/07/10 10:08:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8CF5B2FF-4C50-4825-9602-F0FB1DDDD9B6} [2012/07/09 22:06:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CCA59C0B-61A0-43CC-A674-5297344FFE0B} [2012/07/09 22:05:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{61679FCA-974E-4F03-9B5F-9282CAF93678} [2012/07/04 11:31:44 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\adaware [2012/07/04 11:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2012/07/04 11:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus [2012/07/04 11:31:31 | 000,060,536 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbhips.sys [2012/07/04 11:31:20 | 000,119,416 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFwIm.sys [2012/07/04 11:31:15 | 000,256,632 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFw.sys [2012/07/04 11:31:11 | 000,057,976 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbredrv.sys [2012/07/04 11:31:11 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe [2012/07/04 11:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012/07/04 11:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus [2012/07/04 11:21:51 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Ad-Aware Antivirus [2012/06/26 12:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin [2012/06/26 12:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin GPS Plugin [2012/06/26 11:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin [2012/06/25 10:19:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Auerswald [2012/06/22 10:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012/06/22 04:24:45 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{64CE9632-E10E-4519-AFF0-BA8787FBB5FC} [2012/06/22 04:24:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{793541AA-BE70-4661-A3D4-D0AC1A3938B0} [2012/06/21 16:23:33 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{781B15AE-3422-4916-B40A-60087D7AC7A6} [2012/06/21 16:23:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{F1313B8A-E9F4-4C71-8011-044293080CF0} [2012/06/21 16:05:57 | 000,000,000 | ---D | C] -- C:\Windows\de [2012/06/21 16:04:37 | 000,000,000 | ---D | C] -- C:\Windows\en [2012/06/21 16:04:30 | 000,000,000 | ---D | C] -- C:\Windows\fr [2012/06/21 16:04:23 | 000,000,000 | ---D | C] -- C:\Windows\es [2012/06/21 16:04:16 | 000,000,000 | ---D | C] -- C:\Windows\it [2012/06/21 16:04:09 | 000,000,000 | ---D | C] -- C:\Windows\nl [2012/06/21 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9A527056-42B3-415C-89A6-E0C861EA096D} [2012/06/21 15:49:09 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFB7D0FB-0801-49F6-AECA-AE9DA5E94D2D} [2012/06/21 15:48:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFEE86D2-0270-437B-91B5-1F03202DA990} [2012/06/21 14:46:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\tools [2012/06/21 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [2012/06/21 14:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [2012/06/21 08:21:10 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\mp3 für show [2012/06/21 07:44:50 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A4288D4B-CD3A-4A65-B2A6-98B4F2EA8554} [2012/06/21 07:44:32 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{17DF9FB7-BAF3-4F87-9A63-452041D4BF3F} [2012/06/20 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{0CC6E22A-2255-4213-BADF-C3E304011BEC} [2012/06/20 10:35:07 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Danksagung ========== Files - Modified Within 30 Days ========== [2012/07/18 09:20:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/07/18 09:15:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe [2012/07/18 09:13:10 | 000,000,000 | ---- | M] () -- C:\Users\Laptop\defogger_reenable [2012/07/18 09:10:54 | 000,050,477 | ---- | M] () -- C:\Users\Laptop\Desktop\Defogger.exe [2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/18 09:03:17 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/18 09:03:08 | 000,000,438 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2012/07/18 09:02:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/18 09:02:41 | 3092,107,264 | -HS- | M] () -- C:\hiberfil.sys [2012/07/18 08:52:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/18 08:34:20 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/07/16 21:26:06 | 000,002,002 | -H-- | M] () -- C:\Users\Laptop\Documents\Default.rdp [2012/07/16 20:25:19 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF [2012/07/16 20:23:30 | 000,002,653 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2012/07/16 09:20:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat [2012/07/13 13:21:32 | 000,002,391 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2012/07/13 11:59:53 | 000,001,908 | ---- | M] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk [2012/07/13 08:00:36 | 000,413,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/13 07:59:27 | 000,001,738 | ---- | M] () -- C:\Windows\SysWow64\EmailAVConfig.xml [2012/07/13 07:47:26 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/07/12 09:02:26 | 001,031,801 | ---- | M] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf [2012/07/12 09:02:26 | 000,180,570 | ---- | M] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf [2012/07/12 09:02:25 | 000,385,177 | ---- | M] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf [2012/07/11 13:51:56 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/07/11 13:51:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/07/11 13:51:16 | 001,621,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/07/11 13:44:36 | 000,650,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/07/11 13:44:28 | 000,117,692 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/07/11 09:18:15 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/07/10 11:35:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/07/09 23:12:01 | 000,751,391 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp [2012/07/05 15:53:12 | 000,001,188 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012/07/03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012/07/03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012/07/03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/06/22 07:53:31 | 000,717,636 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp [2012/06/21 22:53:11 | 000,723,001 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp [2012/06/21 16:48:11 | 000,688,426 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp [2012/06/21 09:53:36 | 000,680,434 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp [2012/06/20 22:56:29 | 000,687,833 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp [2012/06/20 22:56:15 | 000,687,832 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp ========== Files Created - No Company Name ========== [2012/07/18 09:13:10 | 000,000,000 | ---- | C] () -- C:\Users\Laptop\defogger_reenable [2012/07/18 09:10:52 | 000,050,477 | ---- | C] () -- C:\Users\Laptop\Desktop\Defogger.exe [2012/07/18 08:32:07 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/07/16 20:40:57 | 000,002,002 | -H-- | C] () -- C:\Users\Laptop\Documents\Default.rdp [2012/07/16 20:40:56 | 000,001,367 | ---- | C] () -- C:\Users\Laptop\Desktop\Remote Desktop Connection.lnk [2012/07/16 20:23:30 | 000,002,653 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2012/07/16 20:22:59 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF [2012/07/16 09:20:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat [2012/07/13 13:21:32 | 000,002,391 | ---- | C] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2012/07/13 09:40:04 | 000,001,908 | ---- | C] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk [2012/07/13 07:59:27 | 000,001,738 | ---- | C] () -- C:\Windows\SysWow64\EmailAVConfig.xml [2012/07/12 09:02:26 | 001,031,801 | ---- | C] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf [2012/07/12 09:02:25 | 000,385,177 | ---- | C] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf [2012/07/12 09:02:25 | 000,180,570 | ---- | C] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf [2012/07/11 09:18:15 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/07/09 23:11:53 | 000,751,391 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp [2012/07/05 15:53:12 | 000,001,188 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml [2012/06/22 10:45:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012/06/21 22:57:39 | 000,717,636 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp [2012/06/21 21:30:22 | 000,723,001 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp [2012/06/21 16:43:45 | 000,688,426 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp [2012/06/21 08:10:06 | 000,680,434 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp [2012/06/20 22:56:29 | 000,687,833 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp [2012/06/20 22:44:49 | 000,687,832 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp [2012/05/04 09:49:50 | 000,139,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011/12/07 17:46:21 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll [2011/12/07 17:46:21 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe [2011/12/07 17:46:21 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2011/05/19 20:18:25 | 001,599,138 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/05/19 20:12:52 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/05/19 20:12:51 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini [2011/05/10 12:48:48 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/05/10 12:48:43 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/05/10 12:48:40 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011/05/10 12:48:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/05/10 12:48:33 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2010/11/25 06:43:32 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL ========== LOP Check ========== [2011/12/08 11:46:51 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Acronis [2012/07/09 07:48:59 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Ad-Aware Antivirus [2012/04/05 11:44:13 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Amazon [2011/05/19 20:48:32 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Fujitsu [2011/12/07 09:09:45 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Fujitsu Launch Center [2012/06/18 08:07:29 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Garmin [2012/01/27 13:58:28 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\pdfforge [2012/06/11 09:36:08 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Spotify [2012/06/18 08:17:19 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Thinstall [2012/06/19 22:29:03 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > OTL Extras logfile created on: 7/18/2012 9:16:54 AM - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.84 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 59.03% Memory free 7.68 Gb Paging File | 5.90 Gb Available in Paging File | 76.82% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 127.00 Gb Total Space | 17.69 Gb Free Space | 13.93% Space Free | Partition Type: NTFS Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{851B25E7-34C7-461A-80EF-DEF313D8E7B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{D4D01C98-8255-4DC3-888F-8BD5540F2D5C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E38099E4-850E-4AB1-B93E-BD7CEFE12B09}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{F3AD941A-7585-4010-9006-0840FFCCA783}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{010D7B67-84C7-4E12-917A-CE67137D4ED3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{2ADEAAA8-5AA4-4640-B979-83D6958B1B64}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{3668745A-E0AF-4755-A36D-DA969C2EE781}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{44412DE0-98FB-4FBD-B437-27D3701B134C}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{58B72A77-E4D4-42B5-8107-9CC2FDF3BEC9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{76731B0D-5FF8-47A0-9AAB-8F0A5F2A25AE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{7889903C-8203-45F4-9697-53060FBDD34C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{82A92841-660B-4048-9B00-FBC52C901B3F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A032B434-B4A4-4461-AA88-29E1B63A9DD5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A7ACC4E6-F360-4557-B03D-2B0616C732DF}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{A8356CB5-A09B-4C4D-BFC9-D8466508979F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{AAB69D62-B5ED-4D77-AA7F-786976622A0D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BBCF5ED8-9B69-4FBD-8790-E045DA271C30}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{BF3A6B68-6453-4886-9F38-EB8265413E91}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{CA5C0F1C-3002-454B-A349-5B991C23455F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{DCD89449-71A7-4312-8AE6-B32383E86845}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F84E6588-5CA9-49A1-BC22-EBBFC3B3F28E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "TCP Query User{D3E5739E-52F0-4929-8AF4-03CDE250A073}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{B08E9171-0F36-47FB-9FCA-8C2211377426}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F1DFCC1-595D-4235-A044-E05B706D800A}" = AuthenTec Fingerprint Software "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver "{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK "{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{B95CFA6A-E0E0-4437-A2F0-BE0948B68946}" = Intel(R) PROSet/Wireless WiFi Software "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility "{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64 "{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility "{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "ProInst" = Intel PROSet Wireless "Recuva" = Recuva "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.11 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0AA86CEE-2C8C-4ABB-8F95-B8D8E852C62C}" = SportTracks 3.1 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84c3f506-9960-4261-9e59-8bc6f94cb338}" = Nero 9 Essentials "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A89131FD-3D18-4DA8-84C8-622423011B51}_is1" = ALNO AG Küchenplaner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D25122BC-A60E-4663-B602-B01718F12044}" = Cisco Systems VPN Client 4.8.01.0300 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6C5A4CA-1EE8-4C73-9679-0BC2946D1353}" = Battery Utility "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights Help "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "{fc8208f2-b1c1-4253-9e89-d518e983b7bb}" = Ad-Aware Antivirus "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "5513-1208-7298-9440" = JDownloader 0.9 "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "avast" = avast! Pro Antivirus "DeskUpdate_is1" = DeskUpdate 4.12 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Google Chrome" = Google Chrome "Hardcopy" = Hardcopy "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel "InstallShield_{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver "InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility "InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility "InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility "InstallShield_{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "MERTEN SCHALTER-MANAGER_is1" = MERTEN SCHALTER-MANAGER 2011-2012 v1.0 "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Picasa 3" = Picasa 3 "ProInst" = Intel PROSet Wireless "SWIQMIDrvInstaller" = Sierra Wireless QMI Driver Package "WinLiveSuite" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 7/18/2012 3:15:51 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:52 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:53 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:54 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:55 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:56 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:57 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:58 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:15:59 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 3:16:00 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. [ OSession Events ] Error - 5/12/2012 4:50:41 AM | Computer Name = LAPTOP_PR | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 134 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 7/17/2012 8:42:54 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:42:55 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:42:56 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:42:57 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:42:58 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:42:59 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:43:00 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:43:01 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:43:02 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/17/2012 8:43:03 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > VIELEN DANK AUCH MAL !!!!!! |
|
18.07.2012, 09:50
| #4 |
| | PC reagiert ständig nicht mehr ... Hi, Du hast Zonealarm und Avast drauf, deinstalliere Zonealarm. Dann läuft ein Clouddienst von Apple, den würde ich temp. mal ausschalten. Wurde von dem Rechner Malware gelöscht, es sind Spuren zu sehen. Was macht der Scann mit MAM bzw. Killer? Fix für OTL:
 Code:
ATTFilter
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
:Commands
[emptytemp]
[Reboot]
chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
18.07.2012, 10:16
| #5 |
| | PC reagiert ständig nicht mehr ... BESTEN DANK !!! Der MAL FullScan ist wohl abgestürzt... bzw. lässt sich das Fenster nicht mehr öffnen :-( ich starte am besten den Rechner mal neu und deinstalliere Zonealarm, deaktiviere avast und iCloud und starte den MAL FullScan erneut. Anschließend mache ich dann Killer und OTL wie oben angegeben. OK??? Das mal Malware gelöscht wurde ist möglich. Ich lasse regelmäßig AdAware, Avast und CCleaner übers System laufen. |
|
18.07.2012, 10:43
| #6 |
| | PC reagiert ständig nicht mehr ... Hi, ok... chris
__________________ --> PC reagiert ständig nicht mehr ... |
|
18.07.2012, 10:53
| #7 |
| | PC reagiert ständig nicht mehr ... MAL war doch nicht abgestürtzt :-) Malwarebytes Anti-Malware (Test) 1.62.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.07.18.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Laptop :: LAPTOP_PR [Administrator] Schutz: Aktiviert 18.07.2012 09:54:01 mbam-log-2012-07-18 (09-54-01).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 410413 Laufzeit: 1 Stunde(n), 40 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Zone Alarm ist und war nicht installiert. |
|
18.07.2012, 11:14
| #8 |
| | PC reagiert ständig nicht mehr ... Hi, da ist ein Treiber von ZoneAlarm: DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\vsdatant.sys -- (vsdatant) Lade den mal bei www.virustotal.com hoch und lasse ihn überprüfen, Log posten... Die Kühlventilatoren laufen alle und sind nicht zugestaubt? chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
18.07.2012, 11:19
| #9 | |
| | PC reagiert ständig nicht mehr ... TDSS-Killer: 11:57:27.0938 5748 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11 11:57:28.0056 5748 ============================================================ 11:57:28.0057 5748 Current date / time: 2012/07/18 11:57:28.0056 11:57:28.0057 5748 SystemInfo: 11:57:28.0057 5748 11:57:28.0057 5748 OS Version: 6.1.7601 ServicePack: 1.0 11:57:28.0057 5748 Product type: Workstation 11:57:28.0057 5748 ComputerName: LAPTOP_PR 11:57:28.0057 5748 UserName: Laptop 11:57:28.0058 5748 Windows directory: C:\Windows 11:57:28.0058 5748 System windows directory: C:\Windows 11:57:28.0058 5748 Running under WOW64 11:57:28.0058 5748 Processor architecture: Intel x64 11:57:28.0058 5748 Number of processors: 4 11:57:28.0058 5748 Page size: 0x1000 11:57:28.0058 5748 Boot type: Normal boot 11:57:28.0058 5748 ============================================================ 11:57:28.0862 5748 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:57:28.0873 5748 ============================================================ 11:57:28.0873 5748 \Device\Harddisk0\DR0: 11:57:28.0873 5748 MBR partitions: 11:57:28.0888 5748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x41C800, BlocksNum 0xFE00800 11:57:28.0902 5748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1021D800, BlocksNum 0x12CF3000 11:57:28.0941 5748 ============================================================ 11:57:28.0981 5748 C: <-> \Device\Harddisk0\DR0\Partition0 11:57:29.0030 5748 D: <-> \Device\Harddisk0\DR0\Partition1 11:57:29.0030 5748 ============================================================ 11:57:29.0030 5748 Initialize success 11:57:29.0030 5748 ============================================================ 11:57:41.0112 3788 ============================================================ 11:57:41.0112 3788 Scan started 11:57:41.0112 3788 Mode: Manual; SigCheck; TDLFS; 11:57:41.0112 3788 ============================================================ 11:57:42.0632 3788 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 11:57:42.0853 3788 1394ohci - ok 11:57:42.0893 3788 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 11:57:42.0936 3788 ACPI - ok 11:57:42.0993 3788 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 11:57:43.0094 3788 AcpiPmi - ok 11:57:43.0274 3788 AcrSch2Svc (1fe7229f34038d1abe837688ec0ef15b) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 11:57:43.0341 3788 AcrSch2Svc - ok 11:57:43.0490 3788 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe 11:57:43.0563 3788 Ad-Aware Service - ok 11:57:43.0655 3788 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 11:57:43.0677 3788 AdobeARMservice - ok 11:57:43.0868 3788 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:57:43.0902 3788 AdobeFlashPlayerUpdateSvc - ok 11:57:44.0064 3788 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 11:57:44.0114 3788 adp94xx - ok 11:57:44.0184 3788 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 11:57:44.0226 3788 adpahci - ok 11:57:44.0266 3788 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 11:57:44.0301 3788 adpu320 - ok 11:57:44.0335 3788 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 11:57:44.0541 3788 AeLookupSvc - ok 11:57:44.0593 3788 afcdp (ae1fce2cd1e99bea89183ba8cd320872) C:\Windows\system32\DRIVERS\afcdp.sys 11:57:44.0788 3788 afcdp - ok 11:57:45.0103 3788 afcdpsrv (af44f7e027037628f1fac3c13cde73e6) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 11:57:45.0276 3788 afcdpsrv - ok 11:57:45.0457 3788 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 11:57:45.0551 3788 AFD - ok 11:57:45.0688 3788 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys 11:57:45.0813 3788 AgereSoftModem - ok 11:57:45.0845 3788 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 11:57:45.0874 3788 agp440 - ok 11:57:45.0919 3788 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 11:57:46.0026 3788 ALG - ok 11:57:46.0064 3788 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 11:57:46.0091 3788 aliide - ok 11:57:46.0115 3788 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 11:57:46.0141 3788 amdide - ok 11:57:46.0167 3788 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 11:57:46.0224 3788 AmdK8 - ok 11:57:46.0242 3788 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 11:57:46.0280 3788 AmdPPM - ok 11:57:46.0320 3788 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 11:57:46.0350 3788 amdsata - ok 11:57:46.0395 3788 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 11:57:46.0430 3788 amdsbs - ok 11:57:46.0471 3788 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 11:57:46.0499 3788 amdxata - ok 11:57:46.0551 3788 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 11:57:46.0739 3788 AppID - ok 11:57:46.0769 3788 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 11:57:46.0882 3788 AppIDSvc - ok 11:57:46.0925 3788 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 11:57:47.0034 3788 Appinfo - ok 11:57:47.0150 3788 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:57:47.0174 3788 Apple Mobile Device - ok 11:57:47.0241 3788 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 11:57:47.0333 3788 AppMgmt - ok 11:57:47.0368 3788 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 11:57:47.0398 3788 arc - ok 11:57:47.0423 3788 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 11:57:47.0454 3788 arcsas - ok 11:57:47.0562 3788 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 11:57:47.0588 3788 aspnet_state - ok 11:57:47.0641 3788 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys 11:57:47.0668 3788 aswFsBlk - ok 11:57:47.0718 3788 aswKbd (c42d45089fd2ec63d13571362c258dc6) C:\Windows\system32\drivers\aswKbd.sys 11:57:47.0743 3788 aswKbd - ok 11:57:47.0800 3788 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys 11:57:47.0828 3788 aswMonFlt - ok 11:57:47.0864 3788 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys 11:57:47.0890 3788 aswRdr - ok 11:57:48.0007 3788 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys 11:57:48.0076 3788 aswSnx - ok 11:57:48.0129 3788 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys 11:57:48.0177 3788 aswSP - ok 11:57:48.0198 3788 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys 11:57:48.0224 3788 aswTdi - ok 11:57:48.0265 3788 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 11:57:48.0386 3788 AsyncMac - ok 11:57:48.0406 3788 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 11:57:48.0436 3788 atapi - ok 11:57:48.0643 3788 ATService (fa47e65aa0c1dbc6dfeb7e9c6f12a5ea) C:\Program Files\Fingerprint Sensor\ATService.exe 11:57:48.0772 3788 ATService - ok 11:57:48.0970 3788 ATSwpWDF (4131dabb573d70fda332a55f206f6cff) C:\Windows\system32\Drivers\ATSwpWDF.sys 11:57:49.0027 3788 ATSwpWDF - ok 11:57:49.0112 3788 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:57:49.0244 3788 AudioEndpointBuilder - ok 11:57:49.0261 3788 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:57:49.0368 3788 AudioSrv - ok 11:57:49.0470 3788 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 11:57:49.0498 3788 avast! Antivirus - ok 11:57:49.0567 3788 AVMCOWAN (43744f1d3cde20f3925f10927c9036c2) C:\Windows\system32\DRIVERS\AVMCOWAN.sys 11:57:49.0627 3788 AVMCOWAN - ok 11:57:49.0675 3788 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 11:57:49.0775 3788 AxInstSV - ok 11:57:49.0844 3788 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 11:57:49.0936 3788 b06bdrv - ok 11:57:50.0002 3788 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 11:57:50.0060 3788 b57nd60a - ok 11:57:50.0127 3788 bcbtums (6f29ca4ea1db1888016eb22adae4227d) C:\Windows\system32\drivers\bcbtums.sys 11:57:50.0154 3788 bcbtums - ok 11:57:50.0195 3788 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 11:57:50.0255 3788 BDESVC - ok 11:57:50.0290 3788 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 11:57:50.0387 3788 Beep - ok 11:57:50.0476 3788 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 11:57:50.0597 3788 BFE - ok 11:57:50.0688 3788 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 11:57:50.0858 3788 BITS - ok 11:57:50.0919 3788 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 11:57:50.0970 3788 blbdrive - ok 11:57:51.0081 3788 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 11:57:51.0118 3788 Bonjour Service - ok 11:57:51.0168 3788 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 11:57:51.0247 3788 bowser - ok 11:57:51.0280 3788 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 11:57:51.0322 3788 BrFiltLo - ok 11:57:51.0328 3788 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 11:57:51.0368 3788 BrFiltUp - ok 11:57:51.0406 3788 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 11:57:51.0513 3788 Browser - ok 11:57:51.0562 3788 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 11:57:51.0615 3788 Brserid - ok 11:57:51.0637 3788 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 11:57:51.0688 3788 BrSerWdm - ok 11:57:51.0724 3788 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 11:57:51.0769 3788 BrUsbMdm - ok 11:57:51.0775 3788 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 11:57:51.0816 3788 BrUsbSer - ok 11:57:51.0878 3788 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 11:57:51.0977 3788 BthEnum - ok 11:57:52.0018 3788 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 11:57:52.0091 3788 BTHMODEM - ok 11:57:52.0124 3788 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 11:57:52.0182 3788 BthPan - ok 11:57:52.0426 3788 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys 11:57:52.0501 3788 BTHPORT - ok 11:57:52.0553 3788 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 11:57:52.0655 3788 bthserv - ok 11:57:52.0677 3788 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys 11:57:52.0723 3788 BTHUSB - ok 11:57:52.0786 3788 BTWAMPFL (72cc5dcc4e67e7927f94801166cfdcda) C:\Windows\system32\DRIVERS\btwampfl.sys 11:57:52.0814 3788 BTWAMPFL - ok 11:57:52.0897 3788 btwaudio (f6135859a582a7294ba7a3336e08baa1) C:\Windows\system32\drivers\btwaudio.sys 11:57:52.0946 3788 btwaudio - ok 11:57:53.0073 3788 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\DRIVERS\btwavdt.sys 11:57:53.0115 3788 btwavdt - ok 11:57:53.0333 3788 btwdins (36e3016bedc45274e00e2943b591aeef) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 11:57:53.0377 3788 btwdins - ok 11:57:53.0393 3788 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys 11:57:53.0411 3788 btwl2cap - ok 11:57:53.0425 3788 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys 11:57:53.0444 3788 btwrchid - ok 11:57:53.0499 3788 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 11:57:53.0597 3788 cdfs - ok 11:57:53.0645 3788 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 11:57:53.0688 3788 cdrom - ok 11:57:53.0723 3788 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:57:53.0832 3788 CertPropSvc - ok 11:57:53.0869 3788 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 11:57:53.0913 3788 circlass - ok 11:57:53.0970 3788 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 11:57:54.0013 3788 CLFS - ok 11:57:54.0117 3788 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:57:54.0145 3788 clr_optimization_v2.0.50727_32 - ok 11:57:54.0193 3788 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:57:54.0223 3788 clr_optimization_v2.0.50727_64 - ok 11:57:54.0293 3788 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:57:54.0365 3788 clr_optimization_v4.0.30319_32 - ok 11:57:54.0426 3788 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:57:54.0467 3788 clr_optimization_v4.0.30319_64 - ok 11:57:54.0494 3788 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 11:57:54.0542 3788 CmBatt - ok 11:57:54.0572 3788 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 11:57:54.0598 3788 cmdide - ok 11:57:54.0663 3788 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 11:57:54.0749 3788 CNG - ok 11:57:54.0803 3788 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 11:57:54.0829 3788 Compbatt - ok 11:57:54.0841 3788 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 11:57:54.0886 3788 CompositeBus - ok 11:57:54.0908 3788 COMSysApp - ok 11:57:54.0940 3788 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 11:57:54.0966 3788 crcdisk - ok 11:57:55.0032 3788 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 11:57:55.0113 3788 CryptSvc - ok 11:57:55.0183 3788 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 11:57:55.0260 3788 CSC - ok 11:57:55.0351 3788 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 11:57:55.0418 3788 CscService - ok 11:57:55.0588 3788 CVPND (eedbab8486e358cdd6687e666941b30c) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe 11:57:55.0668 3788 CVPND - ok 11:57:55.0791 3788 CVPNDRVA (5ba042bcab6246c6bba51606afd7b488) C:\Windows\SysWOW64\Drivers\CVPNDRVA.sys 11:57:55.0820 3788 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning 11:57:55.0820 3788 CVPNDRVA - detected UnsignedFile.Multi.Generic (1) 11:57:55.0939 3788 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:57:56.0065 3788 DcomLaunch - ok 11:57:56.0129 3788 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 11:57:56.0254 3788 defragsvc - ok 11:57:56.0329 3788 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 11:57:56.0435 3788 DfsC - ok 11:57:56.0497 3788 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 11:57:56.0619 3788 Dhcp - ok 11:57:56.0644 3788 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 11:57:56.0755 3788 discache - ok 11:57:56.0781 3788 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 11:57:56.0810 3788 Disk - ok 11:57:56.0852 3788 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys 11:57:56.0917 3788 dmvsc - ok 11:57:56.0955 3788 DNE (c6f7bf3624f946bd70fa991da3c29fdd) C:\Windows\system32\DRIVERS\dne64x.sys 11:57:57.0045 3788 DNE - ok 11:57:57.0114 3788 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 11:57:57.0195 3788 Dnscache - ok 11:57:57.0230 3788 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 11:57:57.0342 3788 dot3svc - ok 11:57:57.0366 3788 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 11:57:57.0473 3788 DPS - ok 11:57:57.0509 3788 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 11:57:57.0553 3788 drmkaud - ok 11:57:57.0631 3788 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 11:57:57.0698 3788 DXGKrnl - ok 11:57:57.0754 3788 e1cexpress (dc1776d086aa9733b1929a3d979d9fdd) C:\Windows\system32\DRIVERS\e1c62x64.sys 11:57:57.0790 3788 e1cexpress - ok 11:57:57.0823 3788 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 11:57:57.0924 3788 EapHost - ok 11:57:58.0187 3788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 11:57:58.0385 3788 ebdrv - ok 11:57:58.0493 3788 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 11:57:58.0562 3788 EFS - ok 11:57:58.0659 3788 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 11:57:58.0741 3788 ehRecvr - ok 11:57:58.0782 3788 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 11:57:58.0833 3788 ehSched - ok 11:57:58.0928 3788 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 11:57:58.0977 3788 elxstor - ok 11:57:58.0992 3788 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 11:57:59.0032 3788 ErrDev - ok 11:57:59.0091 3788 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 11:57:59.0206 3788 EventSystem - ok 11:57:59.0366 3788 EvtEng (7a526761229c10b0d8508b905f0fee4c) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 11:57:59.0445 3788 EvtEng - ok 11:57:59.0594 3788 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 11:57:59.0694 3788 exfat - ok 11:57:59.0730 3788 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 11:57:59.0838 3788 fastfat - ok 11:57:59.0923 3788 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 11:58:00.0009 3788 Fax - ok 11:58:00.0029 3788 FBIOSDRV (9955bf48fd2fa8d481848cd3024edd0b) C:\Windows\system32\Drivers\FBIOSDRV.sys 11:58:00.0052 3788 FBIOSDRV - ok 11:58:00.0091 3788 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 11:58:00.0145 3788 fdc - ok 11:58:00.0174 3788 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 11:58:00.0281 3788 fdPHost - ok 11:58:00.0296 3788 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 11:58:00.0403 3788 FDResPub - ok 11:58:00.0430 3788 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 11:58:00.0458 3788 FileInfo - ok 11:58:00.0476 3788 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 11:58:00.0588 3788 Filetrace - ok 11:58:00.0630 3788 FJGSDisk (2fa407147f273d7852feb7bda71e54e1) C:\Windows\system32\DRIVERS\FJGSDisk.sys 11:58:00.0656 3788 FJGSDisk - ok 11:58:00.0682 3788 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 11:58:00.0712 3788 flpydisk - ok 11:58:00.0773 3788 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 11:58:00.0811 3788 FltMgr - ok 11:58:00.0920 3788 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 11:58:01.0031 3788 FontCache - ok 11:58:01.0114 3788 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:58:01.0137 3788 FontCache3.0.0.0 - ok 11:58:01.0205 3788 FscEfDmi (db75b9978e83c8d1e2a2aece3fece608) C:\Windows\system32\DRIVERS\FscEfDmi.sys 11:58:01.0257 3788 FscEfDmi - ok 11:58:01.0294 3788 FscGabi (4d1f8b1844f3317b4ca2fa7db1af2c98) C:\Windows\system32\DRIVERS\FscGabi.sys 11:58:01.0341 3788 FscGabi - ok 11:58:01.0371 3788 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 11:58:01.0398 3788 FsDepends - ok 11:58:01.0432 3788 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 11:58:01.0458 3788 Fs_Rec - ok 11:58:01.0494 3788 FUJ02B1 (ba0c1ffda496d8bcbcac63f8d98d20e3) C:\Windows\system32\drivers\FUJ02B1.sys 11:58:01.0545 3788 FUJ02B1 - ok 11:58:01.0595 3788 FUJ02E3 (7135030cbf87d724b6037bb023923730) C:\Windows\system32\drivers\FUJ02E3.sys 11:58:01.0653 3788 FUJ02E3 - ok 11:58:01.0740 3788 FUS2BASE (3d0f2c8b86bcab9a2bc5d5a725f45dcc) C:\Windows\system32\DRIVERS\fus2base.sys 11:58:01.0815 3788 FUS2BASE - ok 11:58:01.0863 3788 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 11:58:01.0906 3788 fvevol - ok 11:58:01.0938 3788 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 11:58:01.0965 3788 gagp30kx - ok 11:58:02.0004 3788 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 11:58:02.0024 3788 GEARAspiWDM - ok 11:58:02.0163 3788 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 11:58:02.0283 3788 gpsvc - ok 11:58:02.0322 3788 guardian2 (fb9ad1e93e445ab84594931b8552501a) C:\Windows\system32\Drivers\oz776x64.sys 11:58:02.0348 3788 guardian2 - ok 11:58:02.0461 3788 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:58:02.0487 3788 gupdate - ok 11:58:02.0501 3788 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:58:02.0523 3788 gupdatem - ok 11:58:02.0600 3788 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 11:58:02.0628 3788 gusvc - ok 11:58:02.0663 3788 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 11:58:02.0732 3788 hcw85cir - ok 11:58:02.0791 3788 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 11:58:02.0847 3788 HdAudAddService - ok 11:58:02.0890 3788 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 11:58:02.0930 3788 HDAudBus - ok 11:58:02.0964 3788 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 11:58:03.0007 3788 HidBatt - ok 11:58:03.0026 3788 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 11:58:03.0078 3788 HidBth - ok 11:58:03.0116 3788 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 11:58:03.0154 3788 HidIr - ok 11:58:03.0179 3788 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 11:58:03.0287 3788 hidserv - ok 11:58:03.0340 3788 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 11:58:03.0371 3788 HidUsb - ok 11:58:03.0403 3788 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 11:58:03.0512 3788 hkmsvc - ok 11:58:03.0558 3788 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 11:58:03.0633 3788 HomeGroupListener - ok 11:58:03.0664 3788 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 11:58:03.0719 3788 HomeGroupProvider - ok 11:58:03.0749 3788 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 11:58:03.0777 3788 HpSAMD - ok 11:58:03.0843 3788 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 11:58:03.0960 3788 HTTP - ok 11:58:03.0985 3788 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 11:58:04.0011 3788 hwpolicy - ok 11:58:04.0043 3788 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 11:58:04.0076 3788 i8042prt - ok 11:58:04.0136 3788 iaStor (53cc5bf8b5a219119953c7abb19a7705) C:\Windows\system32\drivers\iaStor.sys 11:58:04.0173 3788 iaStor - ok 11:58:04.0237 3788 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 11:58:04.0280 3788 iaStorV - ok 11:58:04.0424 3788 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:58:04.0482 3788 idsvc - ok 11:58:05.0199 3788 igfx (6383899c5f964d71b0f96b81fbe59bb8) C:\Windows\system32\DRIVERS\igdkmd64.sys 11:58:05.0764 3788 igfx - ok 11:58:05.0897 3788 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 11:58:05.0924 3788 iirsp - ok 11:58:06.0009 3788 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 11:58:06.0137 3788 IKEEXT - ok 11:58:06.0146 3788 intaud_WaveExtensible - ok 11:58:06.0335 3788 IntcAzAudAddService (d492d3b5a8ddde1d6621a8c53855eabf) C:\Windows\system32\drivers\RTKVHD64.sys 11:58:06.0472 3788 IntcAzAudAddService - ok 11:58:06.0637 3788 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 11:58:06.0696 3788 IntcDAud - ok 11:58:06.0729 3788 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 11:58:06.0754 3788 intelide - ok 11:58:06.0784 3788 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 11:58:06.0831 3788 intelppm - ok 11:58:06.0875 3788 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 11:58:06.0987 3788 IPBusEnum - ok 11:58:07.0009 3788 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:58:07.0112 3788 IpFilterDriver - ok 11:58:07.0178 3788 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 11:58:07.0301 3788 iphlpsvc - ok 11:58:07.0330 3788 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 11:58:07.0369 3788 IPMIDRV - ok 11:58:07.0407 3788 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 11:58:07.0503 3788 IPNAT - ok 11:58:07.0637 3788 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe 11:58:07.0696 3788 iPod Service - ok 11:58:07.0735 3788 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 11:58:07.0777 3788 IRENUM - ok 11:58:07.0791 3788 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 11:58:07.0817 3788 isapnp - ok 11:58:07.0860 3788 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 11:58:07.0897 3788 iScsiPrt - ok 11:58:07.0903 3788 iwdbus - ok 11:58:07.0952 3788 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 11:58:07.0980 3788 kbdclass - ok 11:58:07.0997 3788 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 11:58:08.0037 3788 kbdhid - ok 11:58:08.0071 3788 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:58:08.0103 3788 KeyIso - ok 11:58:08.0131 3788 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 11:58:08.0160 3788 KSecDD - ok 11:58:08.0184 3788 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 11:58:08.0216 3788 KSecPkg - ok 11:58:08.0265 3788 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 11:58:08.0367 3788 ksthunk - ok 11:58:08.0417 3788 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 11:58:08.0533 3788 KtmRm - ok 11:58:08.0587 3788 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 11:58:08.0712 3788 LanmanServer - ok 11:58:08.0754 3788 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 11:58:08.0859 3788 LanmanWorkstation - ok 11:58:08.0889 3788 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 11:58:08.0989 3788 lltdio - ok 11:58:09.0041 3788 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 11:58:09.0144 3788 lltdsvc - ok 11:58:09.0158 3788 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 11:58:09.0252 3788 lmhosts - ok 11:58:09.0343 3788 LMS (a63b719f4f8657f3fcd84436d09378c8) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 11:58:09.0378 3788 LMS - ok 11:58:09.0423 3788 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 11:58:09.0453 3788 LSI_FC - ok 11:58:09.0475 3788 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 11:58:09.0504 3788 LSI_SAS - ok 11:58:09.0538 3788 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 11:58:09.0566 3788 LSI_SAS2 - ok 11:58:09.0595 3788 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 11:58:09.0625 3788 LSI_SCSI - ok 11:58:09.0677 3788 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 11:58:09.0784 3788 luafv - ok 11:58:09.0845 3788 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 11:58:09.0872 3788 MBAMProtector - ok 11:58:09.0977 3788 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:58:10.0022 3788 MBAMService - ok 11:58:10.0056 3788 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 11:58:10.0093 3788 Mcx2Svc - ok 11:58:10.0112 3788 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 11:58:10.0138 3788 megasas - ok 11:58:10.0218 3788 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 11:58:10.0255 3788 MegaSR - ok 11:58:10.0288 3788 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 11:58:10.0311 3788 MEIx64 - ok 11:58:10.0393 3788 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 11:58:10.0417 3788 Microsoft Office Groove Audit Service - ok 11:58:10.0450 3788 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:58:10.0556 3788 MMCSS - ok 11:58:10.0576 3788 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 11:58:10.0677 3788 Modem - ok 11:58:10.0713 3788 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 11:58:10.0768 3788 monitor - ok 11:58:10.0798 3788 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 11:58:10.0825 3788 mouclass - ok 11:58:10.0882 3788 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 11:58:10.0920 3788 mouhid - ok 11:58:10.0944 3788 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 11:58:10.0973 3788 mountmgr - ok 11:58:11.0061 3788 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:58:11.0094 3788 MozillaMaintenance - ok 11:58:11.0133 3788 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 11:58:11.0169 3788 mpio - ok 11:58:11.0183 3788 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 11:58:11.0277 3788 mpsdrv - ok 11:58:11.0358 3788 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 11:58:11.0486 3788 MpsSvc - ok 11:58:11.0521 3788 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 11:58:11.0583 3788 MRxDAV - ok 11:58:11.0637 3788 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:58:11.0716 3788 mrxsmb - ok 11:58:11.0783 3788 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:58:11.0829 3788 mrxsmb10 - ok 11:58:11.0858 3788 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:58:11.0918 3788 mrxsmb20 - ok 11:58:11.0951 3788 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 11:58:11.0978 3788 msahci - ok 11:58:12.0002 3788 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 11:58:12.0033 3788 msdsm - ok 11:58:12.0069 3788 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 11:58:12.0119 3788 MSDTC - ok 11:58:12.0144 3788 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 11:58:12.0246 3788 Msfs - ok 11:58:12.0272 3788 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 11:58:12.0381 3788 mshidkmdf - ok 11:58:12.0397 3788 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 11:58:12.0423 3788 msisadrv - ok 11:58:12.0474 3788 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 11:58:12.0580 3788 MSiSCSI - ok 11:58:12.0587 3788 msiserver - ok 11:58:12.0623 3788 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 11:58:12.0713 3788 MSKSSRV - ok 11:58:12.0720 3788 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 11:58:12.0819 3788 MSPCLOCK - ok 11:58:12.0825 3788 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 11:58:12.0919 3788 MSPQM - ok 11:58:12.0986 3788 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 11:58:13.0027 3788 MsRPC - ok 11:58:13.0051 3788 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 11:58:13.0078 3788 mssmbios - ok 11:58:13.0130 3788 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 11:58:13.0228 3788 MSTEE - ok 11:58:13.0243 3788 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 11:58:13.0286 3788 MTConfig - ok 11:58:13.0329 3788 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 11:58:13.0356 3788 Mup - ok 11:58:13.0415 3788 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 11:58:13.0531 3788 napagent - ok 11:58:13.0588 3788 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 11:58:13.0646 3788 NativeWifiP - ok 11:58:13.0717 3788 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 11:58:13.0784 3788 NDIS - ok 11:58:13.0821 3788 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 11:58:13.0923 3788 NdisCap - ok 11:58:13.0959 3788 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 11:58:14.0064 3788 NdisTapi - ok 11:58:14.0086 3788 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 11:58:14.0188 3788 Ndisuio - ok 11:58:14.0227 3788 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 11:58:14.0333 3788 NdisWan - ok 11:58:14.0353 3788 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 11:58:14.0455 3788 NDProxy - ok 11:58:14.0616 3788 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 11:58:14.0676 3788 Nero BackItUp Scheduler 4.0 - ok 11:58:14.0720 3788 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 11:58:14.0822 3788 NetBIOS - ok 11:58:14.0856 3788 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 11:58:14.0959 3788 NetBT - ok 11:58:14.0994 3788 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:58:15.0028 3788 Netlogon - ok 11:58:15.0091 3788 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 11:58:15.0196 3788 Netman - ok 11:58:15.0291 3788 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:58:15.0320 3788 NetMsmqActivator - ok 11:58:15.0326 3788 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:58:15.0351 3788 NetPipeActivator - ok 11:58:15.0404 3788 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 11:58:15.0512 3788 netprofm - ok 11:58:15.0519 3788 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:58:15.0544 3788 NetTcpActivator - ok 11:58:15.0550 3788 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:58:15.0575 3788 NetTcpPortSharing - ok 11:58:16.0105 3788 NETwNs64 (774c9eccef83ab8a3d1466f19809c95f) C:\Windows\system32\DRIVERS\NETwNs64.sys 11:58:16.0519 3788 NETwNs64 - ok 11:58:16.0643 3788 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 11:58:16.0670 3788 nfrd960 - ok 11:58:16.0721 3788 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 11:58:16.0829 3788 NlaSvc - ok 11:58:16.0861 3788 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 11:58:16.0967 3788 Npfs - ok 11:58:17.0005 3788 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 11:58:17.0099 3788 nsi - ok 11:58:17.0120 3788 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 11:58:17.0222 3788 nsiproxy - ok 11:58:17.0357 3788 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 11:58:17.0454 3788 Ntfs - ok 11:58:17.0570 3788 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 11:58:17.0667 3788 Null - ok 11:58:17.0708 3788 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys 11:58:17.0749 3788 nusb3hub - ok 11:58:17.0782 3788 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys 11:58:17.0842 3788 nusb3xhc - ok 11:58:17.0886 3788 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 11:58:17.0918 3788 nvraid - ok 11:58:17.0934 3788 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 11:58:17.0966 3788 nvstor - ok 11:58:17.0999 3788 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 11:58:18.0029 3788 nv_agp - ok 11:58:18.0138 3788 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 11:58:18.0179 3788 odserv - ok 11:58:18.0235 3788 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 11:58:18.0293 3788 ohci1394 - ok 11:58:18.0349 3788 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:58:18.0378 3788 ose - ok 11:58:18.0424 3788 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:58:18.0518 3788 p2pimsvc - ok 11:58:18.0573 3788 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 11:58:18.0630 3788 p2psvc - ok 11:58:18.0670 3788 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 11:58:18.0702 3788 Parport - ok 11:58:18.0744 3788 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 11:58:18.0773 3788 partmgr - ok 11:58:18.0812 3788 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 11:58:18.0882 3788 PcaSvc - ok 11:58:18.0928 3788 pci (b26e102e0f54773119b162f56c9dd994) C:\Windows\system32\drivers\pci.sys 11:58:18.0962 3788 pci - ok 11:58:18.0981 3788 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 11:58:19.0007 3788 pciide - ok 11:58:19.0043 3788 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 11:58:19.0078 3788 pcmcia - ok 11:58:19.0105 3788 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 11:58:19.0133 3788 pcw - ok 11:58:19.0195 3788 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 11:58:19.0313 3788 PEAUTH - ok 11:58:19.0438 3788 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 11:58:19.0552 3788 PeerDistSvc - ok 11:58:19.0632 3788 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 11:58:19.0684 3788 PerfHost - ok 11:58:19.0799 3788 PFNService (6ce8bb00a615a4f3fa2f36fdb2ef4efa) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe 11:58:19.0834 3788 PFNService ( UnsignedFile.Multi.Generic ) - warning 11:58:19.0835 3788 PFNService - detected UnsignedFile.Multi.Generic (1) 11:58:19.0982 3788 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 11:58:20.0131 3788 pla - ok 11:58:20.0199 3788 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 11:58:20.0280 3788 PlugPlay - ok 11:58:20.0303 3788 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 11:58:20.0348 3788 PNRPAutoReg - ok 11:58:20.0389 3788 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:58:20.0430 3788 PNRPsvc - ok 11:58:20.0490 3788 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 11:58:20.0603 3788 PolicyAgent - ok 11:58:20.0648 3788 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\Windows\system32\umpo.dll 11:58:20.0723 3788 Power - ok 11:58:20.0805 3788 PowerSavingUtilityService (76ff4836efa78dbf3f39f612d88ca7e7) C:\Program Files\Fujitsu\PSUtility\PSUService.exe 11:58:20.0827 3788 PowerSavingUtilityService - ok 11:58:20.0887 3788 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 11:58:20.0994 3788 PptpMiniport - ok 11:58:21.0018 3788 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 11:58:21.0066 3788 Processor - ok 11:58:21.0103 3788 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 11:58:21.0167 3788 ProfSvc - ok 11:58:21.0194 3788 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:58:21.0226 3788 ProtectedStorage - ok 11:58:21.0264 3788 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 11:58:21.0375 3788 Psched - ok 11:58:21.0478 3788 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 11:58:21.0569 3788 ql2300 - ok 11:58:21.0696 3788 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 11:58:21.0727 3788 ql40xx - ok 11:58:21.0772 3788 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 11:58:21.0827 3788 QWAVE - ok 11:58:21.0850 3788 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 11:58:21.0912 3788 QWAVEdrv - ok 11:58:21.0933 3788 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 11:58:22.0033 3788 RasAcd - ok 11:58:22.0073 3788 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 11:58:22.0165 3788 RasAgileVpn - ok 11:58:22.0199 3788 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 11:58:22.0304 3788 RasAuto - ok 11:58:22.0346 3788 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:58:22.0451 3788 Rasl2tp - ok 11:58:22.0514 3788 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 11:58:22.0628 3788 RasMan - ok 11:58:22.0671 3788 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 11:58:22.0779 3788 RasPppoe - ok 11:58:22.0808 3788 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 11:58:22.0910 3788 RasSstp - ok 11:58:22.0946 3788 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 11:58:23.0066 3788 rdbss - ok 11:58:23.0090 3788 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 11:58:23.0134 3788 rdpbus - ok 11:58:23.0148 3788 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:58:23.0254 3788 RDPCDD - ok 11:58:23.0293 3788 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 11:58:23.0345 3788 RDPDR - ok 11:58:23.0375 3788 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 11:58:23.0476 3788 RDPENCDD - ok 11:58:23.0496 3788 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 11:58:23.0596 3788 RDPREFMP - ok 11:58:23.0635 3788 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 11:58:23.0704 3788 RDPWD - ok 11:58:23.0753 3788 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 11:58:23.0788 3788 rdyboost - ok 11:58:23.0897 3788 RegSrvc (2ec95080fad2621c5e3034de4c39a2a3) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 11:58:23.0950 3788 RegSrvc - ok 11:58:23.0981 3788 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 11:58:24.0103 3788 RemoteAccess - ok 11:58:24.0148 3788 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 11:58:24.0263 3788 RemoteRegistry - ok 11:58:24.0337 3788 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 11:58:24.0393 3788 RFCOMM - ok 11:58:24.0436 3788 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 11:58:24.0533 3788 RpcEptMapper - ok 11:58:24.0560 3788 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 11:58:24.0596 3788 RpcLocator - ok 11:58:24.0667 3788 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:58:24.0773 3788 RpcSs - ok 11:58:24.0851 3788 RSPCIESTOR (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys 11:58:24.0889 3788 RSPCIESTOR - ok 11:58:24.0932 3788 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 11:58:25.0036 3788 rspndr - ok 11:58:25.0063 3788 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 11:58:25.0099 3788 s3cap - ok 11:58:25.0139 3788 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:58:25.0171 3788 SamSs - ok 11:58:25.0456 3788 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe 11:58:25.0628 3788 SBAMSvc - ok 11:58:25.0767 3788 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys 11:58:25.0792 3788 sbapifs - ok 11:58:25.0872 3788 SbFw (19954328dda3d656f8a879b3a46ffed6) C:\Windows\system32\drivers\SbFw.sys 11:58:25.0904 3788 SbFw - ok 11:58:25.0931 3788 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\sbfwim.sys 11:58:25.0958 3788 SBFWIMCL - ok 11:58:25.0976 3788 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\SBFWIM.sys 11:58:26.0001 3788 SBFWIMCLMP - ok 11:58:26.0021 3788 sbhips (b671eef468d13016b9286f5835a06ae1) C:\Windows\system32\drivers\sbhips.sys 11:58:26.0045 3788 sbhips - ok 11:58:26.0080 3788 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 11:58:26.0111 3788 sbp2port - ok 11:58:26.0148 3788 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys 11:58:26.0171 3788 SBRE - ok 11:58:26.0233 3788 sbwtis (eab54adcceca64b2f38cd859fb494895) C:\Windows\system32\DRIVERS\sbwtis.sys 11:58:26.0258 3788 sbwtis - ok 11:58:26.0339 3788 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 11:58:26.0452 3788 SCardSvr - ok 11:58:26.0480 3788 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 11:58:26.0578 3788 scfilter - ok 11:58:26.0672 3788 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 11:58:26.0800 3788 Schedule - ok 11:58:26.0825 3788 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:58:26.0913 3788 SCPolicySvc - ok 11:58:26.0966 3788 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys 11:58:27.0020 3788 sdbus - ok 11:58:27.0063 3788 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 11:58:27.0133 3788 SDRSVC - ok 11:58:27.0166 3788 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 11:58:27.0256 3788 secdrv - ok 11:58:27.0292 3788 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 11:58:27.0400 3788 seclogon - ok 11:58:27.0419 3788 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 11:58:27.0535 3788 SENS - ok 11:58:27.0574 3788 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 11:58:27.0644 3788 SensrSvc - ok 11:58:27.0669 3788 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 11:58:27.0711 3788 Serenum - ok 11:58:27.0737 3788 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 11:58:27.0771 3788 Serial - ok 11:58:27.0800 3788 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 11:58:27.0838 3788 sermouse - ok 11:58:27.0877 3788 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 11:58:27.0989 3788 SessionEnv - ok 11:58:28.0003 3788 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 11:58:28.0049 3788 sffdisk - ok 11:58:28.0062 3788 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 11:58:28.0109 3788 sffp_mmc - ok 11:58:28.0122 3788 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 11:58:28.0174 3788 sffp_sd - ok 11:58:28.0208 3788 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 11:58:28.0252 3788 sfloppy - ok 11:58:28.0318 3788 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 11:58:28.0431 3788 SharedAccess - ok 11:58:28.0485 3788 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 11:58:28.0598 3788 ShellHWDetection - ok 11:58:28.0711 3788 Sierra Wireless QDL Service (f16269f0a47cbbf4578204283ac0d6b3) C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe 11:58:28.0741 3788 Sierra Wireless QDL Service - ok 11:58:28.0760 3788 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 11:58:28.0787 3788 SiSRaid2 - ok 11:58:28.0826 3788 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 11:58:28.0855 3788 SiSRaid4 - ok 11:58:28.0889 3788 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 11:58:28.0998 3788 Smb - ok 11:58:29.0057 3788 snapman (b2c19ae46c5a109679b4fb38058df05a) C:\Windows\system32\DRIVERS\snapman.sys 11:58:29.0092 3788 snapman - ok 11:58:29.0130 3788 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 11:58:29.0176 3788 SNMPTRAP - ok 11:58:29.0304 3788 SNP2UVC (9cd1c53490eb5601870a69a8e40f7b12) C:\Windows\system32\DRIVERS\snp2uvc.sys 11:58:29.0414 3788 SNP2UVC - ok 11:58:29.0532 3788 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 11:58:29.0558 3788 spldr - ok 11:58:29.0626 3788 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 11:58:29.0736 3788 Spooler - ok 11:58:29.0948 3788 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 11:58:30.0163 3788 sppsvc - ok 11:58:30.0279 3788 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 11:58:30.0384 3788 sppuinotify - ok 11:58:30.0491 3788 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 11:58:30.0553 3788 srv - ok 11:58:30.0623 3788 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 11:58:30.0680 3788 srv2 - ok 11:58:30.0714 3788 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 11:58:30.0761 3788 srvnet - ok 11:58:30.0811 3788 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 11:58:30.0927 3788 SSDPSRV - ok 11:58:30.0952 3788 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 11:58:31.0051 3788 SstpSvc - ok 11:58:31.0085 3788 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 11:58:31.0112 3788 stexstor - ok 11:58:31.0186 3788 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 11:58:31.0266 3788 stisvc - ok 11:58:31.0320 3788 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 11:58:31.0348 3788 storflt - ok 11:58:31.0402 3788 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll 11:58:31.0474 3788 StorSvc - ok 11:58:31.0529 3788 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 11:58:31.0556 3788 storvsc - ok 11:58:31.0569 3788 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 11:58:31.0595 3788 swenum - ok 11:58:31.0634 3788 swg3kflt00 (27fa8ebc9a28b57658f6747473cb5c8e) C:\Windows\system32\DRIVERS\swg3kflt00.sys 11:58:31.0684 3788 swg3kflt00 - ok 11:58:31.0757 3788 swg3kmbb00 (d74305444436e41beb59ff2260a6394a) C:\Windows\system32\DRIVERS\swg3kmbb00.sys 11:58:31.0821 3788 swg3kmbb00 - ok 11:58:31.0865 3788 swg3knmea00 (143b763e71df2ed586c278541f89432d) C:\Windows\system32\DRIVERS\swg3knmea00.sys 11:58:31.0923 3788 swg3knmea00 - ok 11:58:31.0975 3788 swg3kser00 (143b763e71df2ed586c278541f89432d) C:\Windows\system32\DRIVERS\swg3kser00.sys 11:58:32.0007 3788 swg3kser00 - ok 11:58:32.0029 3788 swibus00 (b49e9db5401ecc28a104e64f5434a38e) C:\Windows\system32\DRIVERS\swibus00.sys 11:58:32.0067 3788 swibus00 - ok 11:58:32.0094 3788 swibusflt00 (b49e9db5401ecc28a104e64f5434a38e) C:\Windows\system32\DRIVERS\swibusflt00.sys 11:58:32.0119 3788 swibusflt00 - ok 11:58:32.0173 3788 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 11:58:32.0294 3788 swprv - ok 11:58:32.0354 3788 SynTP (3c08fb2829a5304825f974b1631dedfa) C:\Windows\system32\DRIVERS\SynTP.sys 11:58:32.0389 3788 SynTP - ok 11:58:32.0527 3788 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 11:58:32.0646 3788 SysMain - ok 11:58:32.0748 3788 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 11:58:32.0799 3788 TabletInputService - ok 11:58:32.0837 3788 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 11:58:32.0954 3788 TapiSrv - ok 11:58:32.0986 3788 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 11:58:33.0084 3788 TBS - ok 11:58:33.0252 3788 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 11:58:33.0362 3788 Tcpip - ok 11:58:33.0603 3788 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 11:58:33.0702 3788 TCPIP6 - ok 11:58:33.0833 3788 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 11:58:33.0929 3788 tcpipreg - ok 11:58:33.0954 3788 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 11:58:34.0014 3788 TDPIPE - ok 11:58:34.0128 3788 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\Windows\system32\DRIVERS\tdrpm273.sys 11:58:34.0205 3788 tdrpman273 - ok 11:58:34.0239 3788 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 11:58:34.0280 3788 TDTCP - ok 11:58:34.0308 3788 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 11:58:34.0409 3788 tdx - ok 11:58:34.0439 3788 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 11:58:34.0468 3788 TermDD - ok 11:58:34.0545 3788 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 11:58:34.0667 3788 TermService - ok 11:58:34.0690 3788 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 11:58:34.0751 3788 Themes - ok 11:58:34.0773 3788 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:58:34.0866 3788 THREADORDER - ok 11:58:34.0944 3788 timounter (2c1caf5563548a15515eab07d2a069c6) C:\Windows\system32\DRIVERS\timntr.sys 11:58:35.0006 3788 timounter - ok 11:58:35.0052 3788 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys 11:58:35.0100 3788 TPM - ok 11:58:35.0141 3788 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 11:58:35.0255 3788 TrkWks - ok 11:58:35.0312 3788 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 11:58:35.0416 3788 TrustedInstaller - ok 11:58:35.0448 3788 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:58:35.0553 3788 tssecsrv - ok 11:58:35.0580 3788 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 11:58:35.0650 3788 TsUsbFlt - ok 11:58:35.0679 3788 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 11:58:35.0712 3788 TsUsbGD - ok 11:58:35.0762 3788 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 11:58:35.0868 3788 tunnel - ok 11:58:35.0896 3788 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 11:58:35.0925 3788 uagp35 - ok 11:58:35.0963 3788 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 11:58:36.0078 3788 udfs - ok 11:58:36.0118 3788 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 11:58:36.0157 3788 UI0Detect - ok 11:58:36.0184 3788 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 11:58:36.0212 3788 uliagpkx - ok 11:58:36.0241 3788 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 11:58:36.0272 3788 umbus - ok 11:58:36.0293 3788 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 11:58:36.0331 3788 UmPass - ok 11:58:36.0383 3788 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 11:58:36.0441 3788 UmRdpService - ok 11:58:36.0664 3788 UNS (e419566c7918a4c8e9497afbd502fb2a) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 11:58:36.0802 3788 UNS - ok 11:58:36.0922 3788 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 11:58:37.0040 3788 upnphost - ok 11:58:37.0121 3788 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 11:58:37.0156 3788 USBAAPL64 - ok 11:58:37.0190 3788 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys 11:58:37.0250 3788 usbccgp - ok 11:58:37.0293 3788 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 11:58:37.0344 3788 usbcir - ok 11:58:37.0379 3788 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 11:58:37.0424 3788 usbehci - ok 11:58:37.0491 3788 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys 11:58:37.0544 3788 usbhub - ok 11:58:37.0580 3788 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 11:58:37.0625 3788 usbohci - ok 11:58:37.0644 3788 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 11:58:37.0711 3788 usbprint - ok 11:58:37.0754 3788 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:58:37.0811 3788 USBSTOR - ok 11:58:37.0840 3788 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 11:58:37.0873 3788 usbuhci - ok 11:58:37.0916 3788 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 11:58:37.0969 3788 usbvideo - ok 11:58:37.0999 3788 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 11:58:38.0105 3788 UxSms - ok 11:58:38.0140 3788 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:58:38.0171 3788 VaultSvc - ok 11:58:38.0185 3788 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 11:58:38.0212 3788 vdrvroot - ok 11:58:38.0269 3788 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 11:58:38.0379 3788 vds - ok 11:58:38.0425 3788 vflt (00c7df4f50962ba218ab60d32869100b) C:\Windows\system32\DRIVERS\vfilter.sys 11:58:38.0451 3788 vflt ( UnsignedFile.Multi.Generic ) - warning 11:58:38.0451 3788 vflt - detected UnsignedFile.Multi.Generic (1) 11:58:38.0502 3788 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 11:58:38.0539 3788 vga - ok 11:58:38.0562 3788 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 11:58:38.0662 3788 VgaSave - ok 11:58:38.0698 3788 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 11:58:38.0732 3788 vhdmp - ok 11:58:38.0756 3788 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 11:58:38.0783 3788 viaide - ok 11:58:38.0821 3788 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 11:58:38.0855 3788 vmbus - ok 11:58:38.0883 3788 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 11:58:38.0924 3788 VMBusHID - ok 11:58:38.0968 3788 vnet (a99ca064ad11266fe7067a79bf78bbb5) C:\Windows\system32\DRIVERS\virtualnet.sys 11:58:38.0979 3788 vnet ( UnsignedFile.Multi.Generic ) - warning 11:58:38.0979 3788 vnet - detected UnsignedFile.Multi.Generic (1) 11:58:39.0033 3788 volmgr (071e1b172d49154ee1d23a2acc472efb) C:\Windows\system32\drivers\volmgr.sys 11:58:39.0061 3788 volmgr - ok 11:58:39.0119 3788 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 11:58:39.0168 3788 volmgrx - ok 11:58:39.0202 3788 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys 11:58:39.0241 3788 volsnap - ok 11:58:39.0271 3788 vsdatant - ok 11:58:39.0305 3788 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 11:58:39.0338 3788 vsmraid - ok 11:58:39.0457 3788 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 11:58:39.0615 3788 VSS - ok 11:58:39.0743 3788 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 11:58:39.0796 3788 vwifibus - ok 11:58:39.0821 3788 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 11:58:39.0877 3788 vwififlt - ok 11:58:39.0899 3788 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 11:58:39.0942 3788 vwifimp - ok 11:58:39.0994 3788 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 11:58:40.0112 3788 W32Time - ok 11:58:40.0155 3788 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 11:58:40.0194 3788 WacomPen - ok 11:58:40.0233 3788 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:58:40.0328 3788 WANARP - ok 11:58:40.0335 3788 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:58:40.0423 3788 Wanarpv6 - ok 11:58:40.0544 3788 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 11:58:40.0652 3788 wbengine - ok 11:58:40.0765 3788 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 11:58:40.0833 3788 WbioSrvc - ok 11:58:40.0877 3788 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 11:58:40.0951 3788 wcncsvc - ok 11:58:40.0987 3788 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 11:58:41.0056 3788 WcsPlugInService - ok 11:58:41.0102 3788 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 11:58:41.0128 3788 Wd - ok 11:58:41.0190 3788 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 11:58:41.0244 3788 Wdf01000 - ok 11:58:41.0273 3788 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:58:41.0381 3788 WdiServiceHost - ok 11:58:41.0388 3788 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:58:41.0439 3788 WdiSystemHost - ok 11:58:41.0486 3788 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 11:58:41.0546 3788 WebClient - ok 11:58:41.0582 3788 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 11:58:41.0686 3788 Wecsvc - ok 11:58:41.0707 3788 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 11:58:41.0821 3788 wercplsupport - ok 11:58:41.0864 3788 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 11:58:41.0971 3788 WerSvc - ok 11:58:42.0032 3788 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 11:58:42.0122 3788 WfpLwf - ok 11:58:42.0142 3788 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 11:58:42.0168 3788 WIMMount - ok 11:58:42.0231 3788 WinDefend - ok 11:58:42.0244 3788 WinHttpAutoProxySvc - ok 11:58:42.0321 3788 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 11:58:42.0430 3788 Winmgmt - ok 11:58:42.0576 3788 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 11:58:42.0736 3788 WinRM - ok 11:58:42.0883 3788 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys 11:58:42.0933 3788 WinUsb - ok 11:58:43.0024 3788 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 11:58:43.0101 3788 Wlansvc - ok 11:58:43.0177 3788 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 11:58:43.0200 3788 wlcrasvc - ok 11:58:43.0402 3788 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:58:43.0513 3788 wlidsvc - ok 11:58:43.0635 3788 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 11:58:43.0665 3788 WmiAcpi - ok 11:58:43.0750 3788 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 11:58:43.0800 3788 wmiApSrv - ok 11:58:43.0852 3788 WMPNetworkSvc - ok 11:58:43.0886 3788 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 11:58:43.0938 3788 WPCSvc - ok 11:58:43.0976 3788 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 11:58:44.0021 3788 WPDBusEnum - ok 11:58:44.0049 3788 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 11:58:44.0139 3788 ws2ifsl - ok 11:58:44.0181 3788 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 11:58:44.0250 3788 wscsvc - ok 11:58:44.0287 3788 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys 11:58:44.0332 3788 WSDPrintDevice - ok 11:58:44.0339 3788 WSearch - ok 11:58:44.0508 3788 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 11:58:44.0648 3788 wuauserv - ok 11:58:44.0775 3788 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 11:58:44.0866 3788 WudfPf - ok 11:58:44.0897 3788 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:58:44.0997 3788 WUDFRd - ok 11:58:45.0027 3788 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 11:58:45.0123 3788 wudfsvc - ok 11:58:45.0159 3788 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 11:58:45.0232 3788 WwanSvc - ok 11:58:45.0363 3788 ZcfgSvc7 (ee46baf6a85b9d7c40dadc2eda73df26) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe 11:58:45.0421 3788 ZcfgSvc7 - ok 11:58:45.0478 3788 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 11:58:45.0837 3788 \Device\Harddisk0\DR0 - ok 11:58:45.0861 3788 Boot (0x1200) (a5431a2c4f9c7e11fe02680e7fa29459) \Device\Harddisk0\DR0\Partition0 11:58:45.0864 3788 \Device\Harddisk0\DR0\Partition0 - ok 11:58:45.0888 3788 Boot (0x1200) (b3152ce8c105252c232df8eeaaf5480d) \Device\Harddisk0\DR0\Partition1 11:58:45.0891 3788 \Device\Harddisk0\DR0\Partition1 - ok 11:58:45.0892 3788 ============================================================ 11:58:45.0892 3788 Scan finished 11:58:45.0892 3788 ============================================================ 11:58:45.0904 2080 Detected object count: 4 11:58:45.0904 2080 Actual detected object count: 4 12:17:07.0906 2080 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:07.0906 2080 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:17:07.0908 2080 PFNService ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:07.0908 2080 PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:17:07.0911 2080 vflt ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:07.0911 2080 vflt ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:17:07.0915 2080 vnet ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:07.0915 2080 vnet ( UnsignedFile.Multi.Generic ) - User select action: Skip Zitat:
This sample is goodware. #goodware Die Ventilatoren laufen. Allerdings nur selten hörbar. Ob as verstaubt ist sehe ich nicht. Ich kann mir aber nicht vorstellen, dass das Hängenbleiben ein Temperaturproblem ist. Jetzt mach ich weiter mit OTL, mit den oben genannten Einstellungen OTL logfile created on: 7/18/2012 12:33:55 PM - Run 2 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.84 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 39.60% Memory free 7.68 Gb Paging File | 5.27 Gb Available in Paging File | 68.67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 127.00 Gb Total Space | 17.53 Gb Free Space | 13.81% Space Free | Partition Type: NTFS Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Laptop\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann) PRC - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe () PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) PRC - C:\PROGRA~2\AD-AWA~1\AdAware.exe (Lavasoft Limited) PRC - C:\Program Files (x86)\Safari\Safari.exe (Apple Inc.) PRC - C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe (Apple Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) PRC - C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe (Sierra Wireless, Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Windows\vsnp2uvc.exe (Sonix) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () MOD - C:\Program Files (x86)\Hardcopy\HcDLL2_37_Win32.dll () MOD - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe () MOD - C:\Program Files (x86)\Hardcopy\hardcopy_05.dll () MOD - C:\Program Files (x86)\Hardcopy\HcDllS.dll () MOD - C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (ZcfgSvc7) Intel(R) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe (Intel(R) Corporation) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED) SRV:64bit: - (ATService) -- C:\Program Files\Fingerprint Sensor\ATService.exe (AuthenTec, Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) SRV - (Sierra Wireless QDL Service) -- C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe (Sierra Wireless, Inc.) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (GFI Software) DRV:64bit: - (sbwtis) -- C:\Windows\SysNative\drivers\sbwtis.sys (GFI Software) DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (GFI Software) DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis) DRV:64bit: - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis) DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis) DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis) DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software) DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\sbredrv.sys (GFI Software) DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software) DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software) DRV:64bit: - (FscGabi) -- C:\Windows\SysNative\drivers\FscGabi.sys (Fujitsu Technology Solutions) DRV:64bit: - (FscEfDmi) -- C:\Windows\SysNative\drivers\FscEfDmi.sys (Fujitsu Technology Solutions) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (swg3kmbb00) -- C:\Windows\SysNative\drivers\swg3kmbb00.sys (Sierra Wireless Incorporated) DRV:64bit: - (swibusflt00) -- C:\Windows\SysNative\drivers\swibusflt00.sys (Sierra Wireless Inc.) DRV:64bit: - (swibus00) -- C:\Windows\SysNative\drivers\swibus00.sys (Sierra Wireless Inc.) DRV:64bit: - (swg3kflt00) -- C:\Windows\SysNative\drivers\swg3kflt00.sys (Sierra Wireless Incorporated) DRV:64bit: - (swg3kser00) -- C:\Windows\SysNative\drivers\swg3kser00.sys (Sierra Wireless Incorporated) DRV:64bit: - (swg3knmea00) -- C:\Windows\SysNative\drivers\swg3knmea00.sys (Sierra Wireless Incorporated) DRV:64bit: - (e1cexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys () DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.) DRV:64bit: - (FJGSDisk) -- C:\Windows\SysNative\drivers\FJGSDisk.sys (FUJITSU LIMITED) DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (vflt) -- C:\Windows\SysNative\drivers\vfilter.sys (Shrew Soft Inc) DRV:64bit: - (vnet) -- C:\Windows\SysNative\drivers\virtualnet.sys (Shrew Soft Inc) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (guardian2) -- C:\Windows\SysNative\drivers\oz776x64.sys (O2Micro) DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (FUS2BASE) -- C:\Windows\SysNative\drivers\fus2base.sys (AVM Berlin) DRV:64bit: - (AVMCOWAN) -- C:\Windows\SysNative\drivers\avmcowan.sys (AVM GmbH) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED) DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED) DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.) DRV - (SBRE) -- C:\Windows\SysWOW64\drivers\SBREDrv.sys (GFI Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (CVPNDRVA) -- C:\Windows\SysWOW64\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (DNE) -- C:\Windows\SysWOW64\drivers\dne64x.sys (Deterministic Networks, Inc.) DRV - (vsdatant) -- C:\Windows\SysWOW64\vsdatant.sys (Zone Labs LLC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186} IE:64bit: - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186} IE - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Fujitsu Technology Solutions IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fujitsu Technology Solutions IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\..\SearchScopes,DefaultScope = {D5F17733-DD7D-4C1E-A875-39236ADC9DEE} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searc} IE - HKCU\..\SearchScopes\{D5F17733-DD7D-4C1E-A875-39236ADC9DEE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/10 11:35:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 10:25:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/22 10:45:09 | 000,000,000 | ---D | M] [2012/01/27 08:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Extensions [2012/07/11 08:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions [2012/06/26 12:06:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012/01/27 12:00:08 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\de-DE@dictionaries.addons.mozilla.org [2012/07/11 14:32:54 | 000,002,385 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\7q6ocu5b.default\searchplugins\youtube.xml [2012/02/05 19:27:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/07/10 11:35:36 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2012/06/26 08:59:44 | 000,339,843 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI [2012/06/13 08:03:18 | 000,009,485 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{BA2430E0-5B72-4CAC-BC9E-7D1AACA75D3D}.XPI [2012/06/13 08:03:18 | 000,010,443 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SHOWTHEIMAGE@BRUNWIN.NET.XPI [2012/06/13 08:03:18 | 000,325,600 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI [2012/01/27 09:59:07 | 000,008,362 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\TOGGLEPRIVATEBROWSING@SUPERNOVA00.BIZ.XPI [2012/06/17 10:25:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/02/03 14:50:05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012/06/17 10:25:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/06/17 10:25:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/06/17 10:25:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012/06/17 10:25:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/06/17 10:25:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/06/17 10:25:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: Google CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: Google CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: avast! WebRep = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - Startup: C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK = C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_64.CAB (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10BEEE1C-6AEA-47DD-8CDF-010DC88F9374}: NameServer = 192.168.0.254 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell - "" = AutoRun O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell - "" = AutoRun O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/07/18 12:34:05 | 000,623,304 | ---- | C] (No company) -- C:\Users\Laptop\Desktop\LanmanCheck.exe [2012/07/18 11:56:19 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\TDS [2012/07/18 09:15:22 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe [2012/07/18 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Malwarebytes [2012/07/18 08:32:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/07/18 08:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/07/18 08:32:02 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/07/18 08:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/07/18 08:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012/07/16 20:25:31 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2012/07/16 20:23:32 | 000,131,584 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\drivers\dne64x.sys [2012/07/16 20:23:32 | 000,110,080 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\dnei64x.dll [2012/07/16 20:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client [2012/07/16 20:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Deterministic Networks [2012/07/16 20:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems [2012/07/16 20:14:00 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Shrew Soft VPN [2012/07/16 20:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\ShrewSoft [2012/07/13 13:23:48 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Christoph Küche [2012/07/13 13:21:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck [2012/07/13 13:21:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hardcopy [2012/07/13 13:20:11 | 001,703,936 | ---- | C] (sw4you - Freeware für Windows 98, 2000, 2003, XP und Windows Vista (32 + 64 Bit). Siegfried Weckmann) -- C:\Windows\SwSetupu.exe [2012/07/13 09:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALNO AG Küchenplaner [2012/07/13 09:39:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALNO [2012/07/13 07:47:45 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/07/13 07:47:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/07/13 07:47:43 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/07/13 07:47:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/07/13 07:47:40 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/07/13 07:47:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/07/13 07:47:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/07/13 07:47:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/07/13 07:47:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/07/13 07:47:34 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/07/13 07:47:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/07/13 07:47:32 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/07/13 07:47:32 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/07/11 09:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/07/11 09:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/07/11 09:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/07/11 09:05:48 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2012/07/11 09:05:48 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2012/07/11 09:05:48 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2012/07/11 08:00:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012/07/11 08:00:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012/07/11 08:00:31 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/07/11 08:00:19 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012/07/11 08:00:13 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012/07/10 10:08:18 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{40C0A572-C69F-4354-9859-ED9E54CAD252} [2012/07/10 10:08:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8CF5B2FF-4C50-4825-9602-F0FB1DDDD9B6} [2012/07/09 22:06:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CCA59C0B-61A0-43CC-A674-5297344FFE0B} [2012/07/09 22:05:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{61679FCA-974E-4F03-9B5F-9282CAF93678} [2012/07/05 07:40:55 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2012/07/04 11:31:44 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\adaware [2012/07/04 11:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2012/07/04 11:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus [2012/07/04 11:31:31 | 000,060,536 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbhips.sys [2012/07/04 11:31:20 | 000,119,416 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFwIm.sys [2012/07/04 11:31:15 | 000,256,632 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFw.sys [2012/07/04 11:31:11 | 000,057,976 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbredrv.sys [2012/07/04 11:31:11 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe [2012/07/04 11:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012/07/04 11:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus [2012/07/04 11:21:51 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Ad-Aware Antivirus [2012/06/26 12:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin [2012/06/26 12:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin GPS Plugin [2012/06/26 11:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin [2012/06/25 10:19:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Auerswald [2012/06/25 07:47:43 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/06/25 07:47:43 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/06/25 07:47:43 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/06/25 07:47:34 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/06/25 07:47:33 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/06/25 07:47:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/06/25 07:47:22 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/06/25 07:47:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012/06/22 10:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012/06/22 04:24:45 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{64CE9632-E10E-4519-AFF0-BA8787FBB5FC} [2012/06/22 04:24:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{793541AA-BE70-4661-A3D4-D0AC1A3938B0} [2012/06/21 16:23:33 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{781B15AE-3422-4916-B40A-60087D7AC7A6} [2012/06/21 16:23:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{F1313B8A-E9F4-4C71-8011-044293080CF0} [2012/06/21 16:05:57 | 000,000,000 | ---D | C] -- C:\Windows\de [2012/06/21 16:04:37 | 000,000,000 | ---D | C] -- C:\Windows\en [2012/06/21 16:04:30 | 000,000,000 | ---D | C] -- C:\Windows\fr [2012/06/21 16:04:23 | 000,000,000 | ---D | C] -- C:\Windows\es [2012/06/21 16:04:16 | 000,000,000 | ---D | C] -- C:\Windows\it [2012/06/21 16:04:09 | 000,000,000 | ---D | C] -- C:\Windows\nl [2012/06/21 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9A527056-42B3-415C-89A6-E0C861EA096D} [2012/06/21 15:49:09 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFB7D0FB-0801-49F6-AECA-AE9DA5E94D2D} [2012/06/21 15:48:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFEE86D2-0270-437B-91B5-1F03202DA990} [2012/06/21 14:46:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\tools [2012/06/21 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [2012/06/21 14:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [2012/06/21 08:21:10 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\mp3 für show [2012/06/21 07:44:50 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A4288D4B-CD3A-4A65-B2A6-98B4F2EA8554} [2012/06/21 07:44:32 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{17DF9FB7-BAF3-4F87-9A63-452041D4BF3F} [2012/06/20 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{0CC6E22A-2255-4213-BADF-C3E304011BEC} [2012/06/20 10:35:07 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Danksagung ========== Files - Modified Within 30 Days ========== [2012/07/18 12:34:05 | 000,623,304 | ---- | M] (No company) -- C:\Users\Laptop\Desktop\LanmanCheck.exe [2012/07/18 12:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/07/18 11:52:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/18 09:15:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe [2012/07/18 09:13:10 | 000,000,000 | ---- | M] () -- C:\Users\Laptop\defogger_reenable [2012/07/18 09:10:54 | 000,050,477 | ---- | M] () -- C:\Users\Laptop\Desktop\Defogger.exe [2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/18 09:03:17 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/18 09:03:08 | 000,000,438 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2012/07/18 09:02:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/18 09:02:41 | 3092,107,264 | -HS- | M] () -- C:\hiberfil.sys [2012/07/18 08:34:20 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/07/16 21:26:06 | 000,002,002 | -H-- | M] () -- C:\Users\Laptop\Documents\Default.rdp [2012/07/16 20:25:19 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF [2012/07/16 20:23:30 | 000,002,653 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2012/07/16 09:20:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat [2012/07/13 13:21:32 | 000,002,391 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2012/07/13 11:59:53 | 000,001,908 | ---- | M] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk [2012/07/13 08:00:36 | 000,413,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/13 07:59:27 | 000,001,738 | ---- | M] () -- C:\Windows\SysWow64\EmailAVConfig.xml [2012/07/13 07:47:26 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/07/12 10:20:30 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/07/12 10:20:30 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/07/12 09:02:26 | 001,031,801 | ---- | M] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf [2012/07/12 09:02:26 | 000,180,570 | ---- | M] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf [2012/07/12 09:02:25 | 000,385,177 | ---- | M] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf [2012/07/11 13:51:56 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/07/11 13:51:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/07/11 13:51:16 | 001,621,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/07/11 13:44:36 | 000,650,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/07/11 13:44:28 | 000,117,692 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/07/11 09:18:15 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/07/10 11:35:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/07/09 23:12:01 | 000,751,391 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp [2012/07/05 15:53:12 | 000,001,188 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012/07/03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012/07/03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012/07/03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/06/22 07:53:31 | 000,717,636 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp [2012/06/21 22:53:11 | 000,723,001 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp [2012/06/21 16:48:11 | 000,688,426 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp [2012/06/21 09:53:36 | 000,680,434 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp [2012/06/20 22:56:29 | 000,687,833 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp [2012/06/20 22:56:15 | 000,687,832 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp ========== Files Created - No Company Name ========== [2012/07/18 09:13:10 | 000,000,000 | ---- | C] () -- C:\Users\Laptop\defogger_reenable [2012/07/18 09:10:52 | 000,050,477 | ---- | C] () -- C:\Users\Laptop\Desktop\Defogger.exe [2012/07/18 08:32:07 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/07/16 20:40:57 | 000,002,002 | -H-- | C] () -- C:\Users\Laptop\Documents\Default.rdp [2012/07/16 20:40:56 | 000,001,367 | ---- | C] () -- C:\Users\Laptop\Desktop\Remote Desktop Connection.lnk [2012/07/16 20:23:30 | 000,002,653 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2012/07/16 20:22:59 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF [2012/07/16 09:20:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat [2012/07/13 13:21:32 | 000,002,391 | ---- | C] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2012/07/13 09:40:04 | 000,001,908 | ---- | C] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk [2012/07/13 07:59:27 | 000,001,738 | ---- | C] () -- C:\Windows\SysWow64\EmailAVConfig.xml [2012/07/12 09:02:26 | 001,031,801 | ---- | C] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf [2012/07/12 09:02:25 | 000,385,177 | ---- | C] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf [2012/07/12 09:02:25 | 000,180,570 | ---- | C] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf [2012/07/11 09:18:15 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/07/09 23:11:53 | 000,751,391 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp [2012/07/05 15:53:12 | 000,001,188 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml [2012/06/22 10:45:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012/06/21 22:57:39 | 000,717,636 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp [2012/06/21 21:30:22 | 000,723,001 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp [2012/06/21 16:43:45 | 000,688,426 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp [2012/06/21 08:10:06 | 000,680,434 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp [2012/06/20 22:56:29 | 000,687,833 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp [2012/06/20 22:44:49 | 000,687,832 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp [2012/05/04 09:49:50 | 000,139,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011/12/07 17:46:21 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll [2011/12/07 17:46:21 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe [2011/12/07 17:46:21 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2011/05/19 20:18:25 | 001,599,138 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/05/19 20:12:52 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/05/19 20:12:51 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini [2011/05/10 12:48:48 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/05/10 12:48:43 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/05/10 12:48:40 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011/05/10 12:48:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/05/10 12:48:33 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2010/11/25 06:43:32 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL < End of report > |
|
18.07.2012, 12:01
| #10 | |
| | PC reagiert ständig nicht mehr ... OTL Extras logfile created on: 7/18/2012 12:33:55 PM - Run 2 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.84 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 39.60% Memory free 7.68 Gb Paging File | 5.27 Gb Available in Paging File | 68.67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 127.00 Gb Total Space | 17.53 Gb Free Space | 13.81% Space Free | Partition Type: NTFS Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{851B25E7-34C7-461A-80EF-DEF313D8E7B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{D4D01C98-8255-4DC3-888F-8BD5540F2D5C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E38099E4-850E-4AB1-B93E-BD7CEFE12B09}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{F3AD941A-7585-4010-9006-0840FFCCA783}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{010D7B67-84C7-4E12-917A-CE67137D4ED3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{2ADEAAA8-5AA4-4640-B979-83D6958B1B64}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{3668745A-E0AF-4755-A36D-DA969C2EE781}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{44412DE0-98FB-4FBD-B437-27D3701B134C}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{58B72A77-E4D4-42B5-8107-9CC2FDF3BEC9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{76731B0D-5FF8-47A0-9AAB-8F0A5F2A25AE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{7889903C-8203-45F4-9697-53060FBDD34C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{82A92841-660B-4048-9B00-FBC52C901B3F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A032B434-B4A4-4461-AA88-29E1B63A9DD5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A7ACC4E6-F360-4557-B03D-2B0616C732DF}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{A8356CB5-A09B-4C4D-BFC9-D8466508979F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{AAB69D62-B5ED-4D77-AA7F-786976622A0D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BBCF5ED8-9B69-4FBD-8790-E045DA271C30}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe | "{BF3A6B68-6453-4886-9F38-EB8265413E91}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{CA5C0F1C-3002-454B-A349-5B991C23455F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{DCD89449-71A7-4312-8AE6-B32383E86845}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F84E6588-5CA9-49A1-BC22-EBBFC3B3F28E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "TCP Query User{D3E5739E-52F0-4929-8AF4-03CDE250A073}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{B08E9171-0F36-47FB-9FCA-8C2211377426}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F1DFCC1-595D-4235-A044-E05B706D800A}" = AuthenTec Fingerprint Software "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver "{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK "{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{B95CFA6A-E0E0-4437-A2F0-BE0948B68946}" = Intel(R) PROSet/Wireless WiFi Software "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility "{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64 "{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility "{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "ProInst" = Intel PROSet Wireless "Recuva" = Recuva "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.11 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0AA86CEE-2C8C-4ABB-8F95-B8D8E852C62C}" = SportTracks 3.1 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84c3f506-9960-4261-9e59-8bc6f94cb338}" = Nero 9 Essentials "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A89131FD-3D18-4DA8-84C8-622423011B51}_is1" = ALNO AG Küchenplaner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D25122BC-A60E-4663-B602-B01718F12044}" = Cisco Systems VPN Client 4.8.01.0300 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6C5A4CA-1EE8-4C73-9679-0BC2946D1353}" = Battery Utility "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights Help "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "{fc8208f2-b1c1-4253-9e89-d518e983b7bb}" = Ad-Aware Antivirus "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "5513-1208-7298-9440" = JDownloader 0.9 "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "avast" = avast! Pro Antivirus "DeskUpdate_is1" = DeskUpdate 4.12 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Google Chrome" = Google Chrome "Hardcopy" = Hardcopy "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel "InstallShield_{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver "InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility "InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility "InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility "InstallShield_{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "MERTEN SCHALTER-MANAGER_is1" = MERTEN SCHALTER-MANAGER 2011-2012 v1.0 "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Picasa 3" = Picasa 3 "ProInst" = Intel PROSet Wireless "SWIQMIDrvInstaller" = Sierra Wireless QMI Driver Package "WinLiveSuite" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 7/18/2012 4:14:20 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:21 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:22 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:23 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:24 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:25 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:26 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:27 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:28 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. Error - 7/18/2012 4:14:29 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003 Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: Das System kann die angegebene Datei nicht finden. [ OSession Events ] Error - 5/12/2012 4:50:41 AM | Computer Name = LAPTOP_PR | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 134 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 7/18/2012 1:44:21 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:22 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:23 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:24 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:25 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:26 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:27 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:28 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:29 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 7/18/2012 1:44:30 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000 Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > LanmanCheck sagt: "alles OK,..." DLL im Lanmanworkstation Schlüssel: %SystemRoot%\System32\wkssvc.dll Geladene DLL: C:\Windows\System32\wkssvc.dll Signatur der DLL: Microsoft Windows Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet. MD5 der DLL: 851A1382EED3E3A7476DB004F4EE3E1A DLL im Dnscache Schlüssel: %SystemRoot%\System32\dnsrslvr.dll Geladene DLL: C:\Windows\System32\dnsrslvr.dll Signatur der DLL: Microsoft Windows Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet. MD5 der DLL: 16835866AAA693C7D7FCEBA8FFF706E4 Alles OK, der Rechner ist nicht vom Lanmanworkstation Trojaner befallen! Zitat:
Hier das Log vom OTL - RUN FIX All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Laptop ->Temp folder emptied: 51021622 bytes ->Temporary Internet Files folder emptied: 4221837 bytes ->Java cache emptied: 681470 bytes ->FireFox cache emptied: 406485524 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 50289664 bytes ->Flash cache emptied: 3232 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 119237352 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes RecycleBin emptied: 29380 bytes Total Files Cleaned = 603.00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07182012_132541 Files\Folders moved on Reboot... C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... File C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... |
|
18.07.2012, 12:52
| #11 |
| | PC reagiert ständig nicht mehr ... Hi, ausser Kleinigkeiten nichts zu finden. Irgendwas neues in letzter Zeit installiert? Fix für OTL:
Code:
ATTFilter
:OTL
DRV - (vsdatant) -- C:\Windows\SysWOW64\vsdatant.sys (Zone Labs LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
:Commands
[emptytemp]
[Reboot]
Du solltest mal den Speicher überprüfen und die Festplatte. Zeigt der Taskmanager 100% Auslastung beim Hängenbleiben an und welche Anwendung/Prozess ist das (Achtung: Alle Prozesse aller Nutzer anzeigen lassen)... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
18.07.2012, 14:26
| #12 |
| | PC reagiert ständig nicht mehr ... Beim OTR - FIX-Scan mit denen oben angegebenen Parametern blieb der Lapto nach dem Reboot hängen. soll ich OTR nochmal so ausführen? Geändert von rupa (18.07.2012 um 14:38 Uhr) |
|
18.07.2012, 14:59
| #13 |
| | PC reagiert ständig nicht mehr ... Hi, in den abgesicherten Modus booten (F8 beim Booten) und dann nochmal probieren... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
19.07.2012, 06:55
| #14 |
| | PC reagiert ständig nicht mehr ... Hier der LOG vom OTL-FIX All processes killed ========== OTL ========== Error: No service named vsdatant was found to stop! Service\Driver key vsdatant not found. File C:\Windows\SysWOW64\vsdatant.sys not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Laptop ->Temp folder emptied: 134 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 2251776 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 9070 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 2.00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07192012_074605 Files\Folders moved on Reboot... File\Folder C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! PendingFileRenameOperations files... File C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... Hat wohl gestern doch funktioniert - oder? Hier das LOG von gestern Nachmittag mit den gleichen Parametern. (Gestern ist der PC anschließend nicht mehr ordnungsgemäß hochgefahren. Ich konnte ihn allerdings neustarten und dann lief er normal.) All processes killed ========== OTL ========== Service vsdatant stopped successfully! Service vsdatant deleted successfully! C:\Windows\SysWOW64\vsdatant.sys moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Laptop ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 49393 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 4397056 bytes ->Flash cache emptied: 492 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 119050573 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 118.00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07182012_143757 Files\Folders moved on Reboot... File move failed. C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot. PendingFileRenameOperations files... [2012/07/18 13:46:28 | 000,000,000 | ---- | M] () C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt : Unable to obtain MD5 Registry entries deleted on Reboot... Ich hab den Eindruck, dass der Laptop wieder vernünftig läuft. Kann ich nun bedenkenlos weitermachen? Oder soll ich noch was unternehmen? Ich hab den Eindruck, dass der Laptop wieder vernünftig läuft. Kann ich nun bedenkenlos weitermachen? Oder soll ich noch was unternehmen? |
|
20.07.2012, 07:12
| #15 |
| | PC reagiert ständig nicht mehr ... Hi, Du kannst Antimalwarebytes updaten und nochmal einen FULLSCAN machen und ein neues OTL-Logfile posten... Denke aber, dass wir durch sind... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
| Themen zu PC reagiert ständig nicht mehr ... |
| administrator, anti-malware, autostart, bösartige, dateien, downloads, erfolgreich, explorer, gelöscht, gen, hallo zusammen, heuristiks/extra, heuristiks/shuriken, hängen, laptop, log, malwarebytes, minute, nicht mehr, picasa, quarantäne, reagiert, registrierung, service, speicher, test, version, zusammen |
Linear-Darstellung
