Log analysis and evaluation: Laptop very fast, very slow
Windows 7
If you have caught a Trojan or constantly get virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
06.09.2012, 19:51 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop very fast, very slow
Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)
Code:
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-21-151335664-723891683-3374794087-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.04 20:12:58 | 000,000,070 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.05.10 08:48:26 | 000,000,032 | ---- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{1455c82f-b015-11df-ad2c-00262d9bace7}\Shell - "" = AutoRun
O33 - MountPoints2\{1455c82f-b015-11df-ad2c-00262d9bace7}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{1954cd50-30fa-11e0-b972-00262d9bace7}\Shell - "" = AutoRun
O33 - MountPoints2\{1954cd50-30fa-11e0-b972-00262d9bace7}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011.06.29 14:41:32 | 000,410,312 | R--- | M] (MAXON Computer GmbH)
O33 - MountPoints2\{c659cdf2-6f4a-11e0-b845-00262d9bace7}\Shell - "" = AutoRun
O33 - MountPoints2\{c659cdf2-6f4a-11e0-b845-00262d9bace7}\Shell\AutoRun\command - "" = F:\Login.exe
O33 - MountPoints2\{d327923f-1406-11e0-a2a8-00262d9bace7}\Shell - "" = AutoRun
O33 - MountPoints2\{d327923f-1406-11e0-a2a8-00262d9bace7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d327924d-1406-11e0-a2a8-00262d9bace7}\Shell - "" = AutoRun
O33 - MountPoints2\{d327924d-1406-11e0-a2a8-00262d9bace7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ec712be1-17fc-11e0-92ec-00262d9bace7}\Shell - "" = AutoRun
O33 - MountPoints2\{ec712be1-17fc-11e0-92ec-00262d9bace7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{fd89673b-1be5-11e0-91b4-001e101f50a4}\Shell - "" = AutoRun
O33 - MountPoints2\{fd89673b-1be5-11e0-91b4-001e101f50a4}\Shell\AutoRun\command - "" = E:\AutoRun.exe
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
:Files
C:\Users\Chris\AppData\Local\{*
C:\Users\Chris\AppData\Roaming\.#
C:\Users\Chris\AppData\LocalLow\Sun\Java\Deployment\cache
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can permanently damage the system!
__________________ Please always post log files in CODE tags |
07.09.2012, 13:54 | #17 |
| Laptop very fast, very slow
What does this script actually do? And what is wrong with my laptop? I would quite like to understand it and not just follow it blindly. Of course: if it is too extensive or too tedious to explain, it naturally does not have to be done.
__________________ |
10.09.2012, 11:54 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop very fast, very slow
Sorry, I really cannot explain every line here. The script deletes superfluous files and entries.
__________________ |
10.09.2012, 19:52 | #19 |
| Laptop very fast, very slow
OK, it has been run. On the first attempt OTL suddenly stopped doing anything, but the second time everything went great, except that the screen stayed black for what felt like an eternity and nothing happened. Here is the log:
Code:
10.09.2012, 21:31 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop very fast, very slow
Now please (in normal Windows mode) run this tool from Kaspersky (TDSS-Killer) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click on Start Scan and, when it is finished, click the Report button to display the log. Please post this in full. If you cannot find the log or copy the content and transfer it into your post, then please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
11.09.2012, 08:34 | #21 |
| Laptop very fast, very slow
Code:
49EEF52BFB986A2B5D70F4EC12637D7B ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe 09:19:43.0995 5380 ePowerSvc - ok 09:19:44.0005 5380 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 09:19:44.0070 5380 ErrDev - ok 09:19:44.0315 5380 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 09:19:44.0420 5380 EventSystem - ok 09:19:44.0460 5380 ewusbnet - ok 09:19:44.0470 5380 ew_hwusbdev - ok 09:19:44.0565 5380 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 09:19:44.0625 5380 exfat - ok 09:19:44.0645 5380 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 09:19:44.0785 5380 fastfat - ok 09:19:44.0955 5380 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 09:19:45.0070 5380 Fax - ok 09:19:45.0120 5380 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 09:19:45.0200 5380 fdc - ok 09:19:45.0235 5380 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 09:19:45.0325 5380 fdPHost - ok 09:19:45.0385 5380 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 09:19:45.0490 5380 FDResPub - ok 09:19:45.0630 5380 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 09:19:45.0645 5380 FileInfo - ok 09:19:45.0655 5380 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 09:19:45.0700 5380 Filetrace - ok 09:19:45.0800 5380 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 09:19:46.0015 5380 flpydisk - ok 09:19:46.0105 5380 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 09:19:46.0120 5380 FltMgr - ok 09:19:46.0370 5380 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 09:19:46.0695 5380 FontCache - ok 09:19:47.0215 5380 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 09:19:47.0225 5380 FontCache3.0.0.0 - ok 09:19:47.0426 5380 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 09:19:47.0446 5380 FsDepends - ok 09:19:47.0531 5380 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 09:19:47.0561 5380 Fs_Rec - ok 09:19:47.0636 5380 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 09:19:47.0666 5380 fvevol - ok 09:19:47.0866 5380 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 09:19:47.0881 5380 gagp30kx - ok 09:19:48.0046 5380 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 09:19:48.0066 5380 GEARAspiWDM - ok 09:19:48.0156 5380 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 09:19:48.0266 5380 gpsvc - ok 09:19:48.0491 5380 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe 09:19:48.0536 5380 Greg_Service - ok 09:19:48.0706 5380 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:19:48.0721 5380 gupdate - ok 09:19:48.0766 5380 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 09:19:48.0786 5380 gupdatem - ok 09:19:48.0991 5380 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 09:19:49.0001 5380 hamachi - ok 09:19:49.0071 5380 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 09:19:49.0181 5380 hcw85cir - ok 09:19:49.0271 5380 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 09:19:49.0316 5380 HdAudAddService - ok 09:19:49.0336 5380 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 09:19:49.0381 5380 HDAudBus - ok 09:19:49.0531 5380 [ 
B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 09:19:49.0541 5380 HECIx64 - ok 09:19:49.0606 5380 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 09:19:49.0631 5380 HidBatt - ok 09:19:49.0671 5380 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 09:19:49.0746 5380 HidBth - ok 09:19:49.0816 5380 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 09:19:49.0881 5380 HidIr - ok 09:19:49.0926 5380 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 09:19:50.0101 5380 hidserv - ok 09:19:50.0336 5380 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 09:19:50.0366 5380 HidUsb - ok 09:19:50.0611 5380 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 09:19:50.0671 5380 hkmsvc - ok 09:19:50.0841 5380 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 09:19:50.0996 5380 HomeGroupListener - ok 09:19:51.0186 5380 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 09:19:51.0366 5380 HomeGroupProvider - ok 09:19:51.0396 5380 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 09:19:51.0416 5380 HpSAMD - ok 09:19:51.0646 5380 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 09:19:51.0836 5380 HTTP - ok 09:19:51.0851 5380 huawei_enumerator - ok 09:19:51.0871 5380 hwdatacard - ok 09:19:51.0991 5380 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 09:19:52.0011 5380 hwpolicy - ok 09:19:52.0171 5380 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 09:19:52.0196 5380 i8042prt - ok 09:19:52.0231 5380 [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 09:19:52.0251 5380 iaStor - ok 09:19:52.0496 5380 [ 48362E5DB5CB2C000C514EE1F3890ACD ] 
IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 09:19:52.0506 5380 IAStorDataMgrSvc - ok 09:19:52.0576 5380 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 09:19:52.0616 5380 iaStorV - ok 09:19:52.0741 5380 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 09:19:52.0791 5380 idsvc - ok 09:19:54.0136 5380 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 09:19:55.0131 5380 igfx - ok 09:19:55.0236 5380 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 09:19:55.0266 5380 iirsp - ok 09:19:55.0521 5380 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 09:19:55.0696 5380 IKEEXT - ok 09:19:56.0081 5380 [ 53019327813FF5AB2964B33B2C61307C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 09:19:56.0141 5380 IntcAzAudAddService - ok 09:19:56.0171 5380 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 09:19:56.0181 5380 intelide - ok 09:19:56.0236 5380 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 09:19:56.0296 5380 intelppm - ok 09:19:56.0331 5380 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 09:19:56.0406 5380 IPBusEnum - ok 09:19:56.0536 5380 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:19:56.0711 5380 IpFilterDriver - ok 09:19:56.0881 5380 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 09:19:57.0006 5380 iphlpsvc - ok 09:19:57.0276 5380 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 09:19:57.0417 5380 IPMIDRV - ok 09:19:57.0552 5380 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 09:19:57.0642 5380 IPNAT - ok 09:19:58.0207 5380 [ 
A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 09:19:58.0252 5380 iPod Service - ok 09:19:58.0307 5380 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 09:19:58.0547 5380 IRENUM - ok 09:19:58.0582 5380 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 09:19:58.0602 5380 isapnp - ok 09:19:58.0752 5380 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 09:19:58.0787 5380 iScsiPrt - ok 09:19:59.0082 5380 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 09:19:59.0107 5380 k57nd60a - ok 09:19:59.0177 5380 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 09:19:59.0202 5380 kbdclass - ok 09:19:59.0372 5380 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 09:19:59.0502 5380 kbdhid - ok 09:19:59.0672 5380 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 09:19:59.0697 5380 KeyIso - ok 09:19:59.0837 5380 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 09:19:59.0862 5380 KSecDD - ok 09:19:59.0937 5380 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 09:19:59.0967 5380 KSecPkg - ok 09:19:59.0997 5380 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 09:20:00.0052 5380 ksthunk - ok 09:20:00.0177 5380 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 09:20:00.0262 5380 KtmRm - ok 09:20:00.0337 5380 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys 09:20:00.0357 5380 L1E - ok 09:20:00.0542 5380 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 09:20:00.0617 5380 LanmanServer - ok 09:20:00.0672 5380 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 09:20:00.0787 5380 
LanmanWorkstation - ok 09:20:00.0872 5380 [ B658B7076B1ACAA5876524595630F183 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 09:20:00.0887 5380 lirsgt ( UnsignedFile.Multi.Generic ) - warning 09:20:00.0887 5380 lirsgt - detected UnsignedFile.Multi.Generic (1) 09:20:00.0922 5380 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 09:20:01.0117 5380 lltdio - ok 09:20:01.0262 5380 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:20:01.0382 5380 lltdsvc - ok 09:20:01.0417 5380 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:20:01.0462 5380 lmhosts - ok 09:20:01.0532 5380 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 09:20:01.0562 5380 LMS - ok 09:20:01.0627 5380 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 09:20:01.0652 5380 LSI_FC - ok 09:20:01.0667 5380 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 09:20:01.0682 5380 LSI_SAS - ok 09:20:01.0697 5380 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:20:01.0712 5380 LSI_SAS2 - ok 09:20:01.0727 5380 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 09:20:01.0742 5380 LSI_SCSI - ok 09:20:01.0777 5380 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 09:20:01.0887 5380 luafv - ok 09:20:01.0972 5380 [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys 09:20:02.0052 5380 ManyCam - ok 09:20:02.0112 5380 [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys 09:20:02.0247 5380 mcaudrv_simple - ok 09:20:02.0377 5380 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 09:20:02.0417 5380 Mcx2Svc - ok 09:20:02.0447 5380 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas 
C:\Windows\system32\DRIVERS\megasas.sys 09:20:02.0462 5380 megasas - ok 09:20:02.0482 5380 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 09:20:02.0502 5380 MegaSR - ok 09:20:02.0517 5380 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 09:20:02.0787 5380 MMCSS - ok 09:20:02.0822 5380 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 09:20:02.0887 5380 Modem - ok 09:20:02.0912 5380 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:20:02.0977 5380 monitor - ok 09:20:03.0097 5380 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 09:20:03.0127 5380 mouclass - ok 09:20:03.0152 5380 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:20:03.0187 5380 mouhid - ok 09:20:03.0277 5380 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 09:20:03.0307 5380 mountmgr - ok 09:20:03.0322 5380 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 09:20:03.0342 5380 mpio - ok 09:20:03.0362 5380 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:20:03.0407 5380 mpsdrv - ok 09:20:03.0467 5380 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 09:20:03.0567 5380 MpsSvc - ok 09:20:03.0612 5380 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:20:03.0662 5380 MRxDAV - ok 09:20:03.0722 5380 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:20:03.0827 5380 mrxsmb - ok 09:20:03.0897 5380 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:20:03.0947 5380 mrxsmb10 - ok 09:20:03.0997 5380 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:20:04.0027 5380 mrxsmb20 - ok 09:20:04.0072 5380 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci 
C:\Windows\system32\drivers\msahci.sys 09:20:04.0087 5380 msahci - ok 09:20:04.0142 5380 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 09:20:04.0162 5380 msdsm - ok 09:20:04.0207 5380 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 09:20:04.0322 5380 MSDTC - ok 09:20:04.0367 5380 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:20:04.0412 5380 Msfs - ok 09:20:04.0422 5380 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 09:20:04.0522 5380 mshidkmdf - ok 09:20:04.0572 5380 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:20:04.0597 5380 msisadrv - ok 09:20:04.0647 5380 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:20:04.0737 5380 MSiSCSI - ok 09:20:04.0742 5380 msiserver - ok 09:20:04.0797 5380 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:20:04.0957 5380 MSKSSRV - ok 09:20:05.0017 5380 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:20:05.0112 5380 MSPCLOCK - ok 09:20:05.0137 5380 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:20:05.0197 5380 MSPQM - ok 09:20:05.0237 5380 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:20:05.0257 5380 MsRPC - ok 09:20:05.0307 5380 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 09:20:05.0317 5380 mssmbios - ok 09:20:05.0377 5380 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:20:05.0427 5380 MSTEE - ok 09:20:05.0457 5380 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 09:20:05.0487 5380 MTConfig - ok 09:20:05.0507 5380 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 09:20:05.0522 5380 Mup - ok 09:20:05.0632 5380 [ 
582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 09:20:05.0727 5380 napagent - ok 09:20:05.0797 5380 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:20:05.0857 5380 NativeWifiP - ok 09:20:06.0022 5380 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 09:20:06.0077 5380 NDIS - ok 09:20:06.0182 5380 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 09:20:06.0242 5380 NdisCap - ok 09:20:06.0292 5380 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:20:06.0357 5380 NdisTapi - ok 09:20:06.0408 5380 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:20:06.0483 5380 Ndisuio - ok 09:20:06.0558 5380 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:20:06.0648 5380 NdisWan - ok 09:20:06.0688 5380 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:20:06.0788 5380 NDProxy - ok 09:20:06.0898 5380 [ B6CBA9A0403E2C1A9EA03C33A4932E89 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 09:20:06.0928 5380 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 09:20:06.0928 5380 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 09:20:06.0983 5380 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:20:07.0068 5380 NetBIOS - ok 09:20:07.0113 5380 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 09:20:07.0208 5380 NetBT - ok 09:20:07.0243 5380 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 09:20:07.0258 5380 Netlogon - ok 09:20:07.0283 5380 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 09:20:07.0363 5380 Netman - ok 09:20:07.0373 5380 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 09:20:07.0428 5380 netprofm - ok 09:20:07.0498 5380 [ 
3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 09:20:07.0513 5380 NetTcpPortSharing - ok 09:20:07.0563 5380 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 09:20:07.0578 5380 nfrd960 - ok 09:20:07.0663 5380 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:20:07.0758 5380 NlaSvc - ok 09:20:07.0793 5380 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:20:07.0838 5380 Npfs - ok 09:20:07.0853 5380 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 09:20:07.0908 5380 nsi - ok 09:20:07.0928 5380 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:20:07.0983 5380 nsiproxy - ok 09:20:08.0103 5380 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:20:08.0158 5380 Ntfs - ok 09:20:08.0218 5380 [ E556FE51AF531E1B75D6198929D8A4AF ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 09:20:08.0248 5380 NTI IScheduleSvc - ok 09:20:08.0268 5380 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 09:20:08.0278 5380 NTIDrvr - ok 09:20:08.0298 5380 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 09:20:08.0353 5380 Null - ok 09:20:08.0373 5380 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:20:08.0388 5380 nvraid - ok 09:20:08.0433 5380 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:20:08.0463 5380 nvstor - ok 09:20:08.0518 5380 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:20:08.0533 5380 nv_agp - ok 09:20:08.0553 5380 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 09:20:08.0603 5380 ohci1394 - ok 09:20:08.0703 5380 [ 
9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:20:08.0728 5380 ose - ok 09:20:08.0958 5380 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:20:09.0203 5380 osppsvc - ok 09:20:09.0273 5380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 09:20:09.0348 5380 p2pimsvc - ok 09:20:09.0393 5380 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 09:20:09.0468 5380 p2psvc - ok 09:20:09.0508 5380 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 09:20:09.0528 5380 Parport - ok 09:20:09.0613 5380 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:20:09.0643 5380 partmgr - ok 09:20:09.0688 5380 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 09:20:09.0743 5380 PcaSvc - ok 09:20:09.0798 5380 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 09:20:09.0828 5380 pci - ok 09:20:09.0848 5380 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 09:20:09.0863 5380 pciide - ok 09:20:09.0948 5380 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 09:20:09.0983 5380 pcmcia - ok 09:20:09.0998 5380 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 09:20:10.0023 5380 pcw - ok 09:20:10.0043 5380 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:20:10.0118 5380 PEAUTH - ok 09:20:10.0343 5380 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 09:20:10.0378 5380 PerfHost - ok 09:20:10.0543 5380 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 09:20:10.0683 5380 pla - ok 09:20:10.0933 5380 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:20:11.0003 5380 
PlugPlay - ok 09:20:11.0173 5380 [ 35CCB20B0D730B7764D049463E4B2AC5 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 09:20:11.0183 5380 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 09:20:11.0183 5380 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 09:20:11.0198 5380 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 09:20:11.0273 5380 PNRPAutoReg - ok 09:20:11.0318 5380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 09:20:11.0353 5380 PNRPsvc - ok 09:20:11.0444 5380 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 C:\Windows\system32\DRIVERS\point64.sys 09:20:11.0469 5380 Point64 - ok 09:20:11.0529 5380 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:20:11.0614 5380 PolicyAgent - ok 09:20:11.0744 5380 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 09:20:11.0859 5380 Power - ok 09:20:11.0929 5380 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:20:12.0109 5380 PptpMiniport - ok 09:20:12.0144 5380 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 09:20:12.0174 5380 Processor - ok 09:20:12.0279 5380 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 09:20:12.0564 5380 ProfSvc - ok 09:20:12.0574 5380 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 09:20:12.0594 5380 ProtectedStorage - ok 09:20:12.0729 5380 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 09:20:12.0829 5380 Psched - ok 09:20:12.0924 5380 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 09:20:12.0979 5380 ql2300 - ok 09:20:13.0024 5380 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 09:20:13.0054 5380 ql40xx - ok 09:20:13.0094 5380 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 09:20:13.0124 
5380 QWAVE - ok 09:20:13.0144 5380 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:20:13.0209 5380 QWAVEdrv - ok 09:20:13.0244 5380 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:20:13.0339 5380 RasAcd - ok 09:20:13.0384 5380 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 09:20:13.0424 5380 RasAgileVpn - ok 09:20:13.0454 5380 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 09:20:13.0519 5380 RasAuto - ok 09:20:13.0559 5380 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:20:13.0619 5380 Rasl2tp - ok 09:20:13.0684 5380 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 09:20:13.0749 5380 RasMan - ok 09:20:13.0804 5380 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:20:13.0859 5380 RasPppoe - ok 09:20:13.0874 5380 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:20:13.0959 5380 RasSstp - ok 09:20:14.0019 5380 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:20:14.0099 5380 rdbss - ok 09:20:14.0134 5380 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 09:20:14.0159 5380 rdpbus - ok 09:20:14.0184 5380 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:20:14.0284 5380 RDPCDD - ok 09:20:14.0399 5380 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:20:14.0574 5380 RDPENCDD - ok 09:20:14.0604 5380 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 09:20:14.0644 5380 RDPREFMP - ok 09:20:14.0709 5380 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:20:14.0779 5380 RDPWD - ok 09:20:15.0059 5380 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost 
09:20:32.0293 5380 ================ Scan global =============================== 09:20:32.0348 5380 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 09:20:32.0493 5380 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 09:20:32.0508 5380 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 09:20:32.0558 5380 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 09:20:32.0593 5380 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 09:20:32.0603 5380 [Global] - ok 09:20:32.0603 5380 ================ Scan MBR ================================== 09:20:32.0623 5380 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 09:20:33.0433 5380 \Device\Harddisk0\DR0 - ok 09:20:33.0433 5380 ================ Scan VBR ================================== 09:20:33.0463 5380 [ 2ABF4F61FA7C844150641D1DB49E3183 ] \Device\Harddisk0\DR0\Partition1 09:20:33.0463 5380 \Device\Harddisk0\DR0\Partition1 - ok 09:20:33.0478 5380 [ CC65AEFBE29DD8571EDA7B0F5CED762D ] \Device\Harddisk0\DR0\Partition2 09:20:33.0478 5380 \Device\Harddisk0\DR0\Partition2 - ok 09:20:33.0478 5380 ============================================================ 09:20:33.0478 5380 Scan finished 09:20:33.0478 5380 ============================================================ 09:20:33.0493 3460 Detected object count: 5 09:20:33.0493 3460 Actual detected object count: 5 09:31:00.0121 3460 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user 09:31:00.0121 3460 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:31:00.0121 3460 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user 09:31:00.0121 3460 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:31:00.0126 3460 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 09:31:00.0126 3460 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:31:00.0126 3460 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 
09:31:00.0126 3460 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:31:00.0126 3460 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 09:31:00.0126 3460 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip |
11.09.2012, 16:06 | #22 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop very fast, very slow Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
21.09.2012, 13:54 | #23 |
| Laptop very fast, very slow Here is the log: ComboFix log file: Code:
ATTFilter ComboFix 12-09-14.03 - Chris 15.09.2012 15:02:40.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3957.2481 [GMT 2:00] ausgeführt von:: c:\users\Chris\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Common Files\Acer GameZone online.ico c:\users\Chris\AppData\Roaming\explorer.exe c:\windows\SysWow64\URTTemp c:\windows\SysWow64\URTTemp\regtlib.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-08-15 bis 2012-09-15 )))))))))))))))))))))))))))))) . . 2012-09-15 11:42 . 2012-09-15 12:00 -------- d-----w- c:\users\Chris\AppData\Local\Spotify 2012-09-15 11:41 . 2012-09-15 12:39 -------- d-----w- c:\users\Chris\AppData\Roaming\Spotify 2012-09-14 08:27 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{07B36084-7095-487B-AB54-9A83141F417D}\mpengine.dll 2012-09-12 17:45 . 2012-09-12 18:37 -------- d-----w- c:\programdata\ASGVIS 2012-09-12 17:36 . 2012-09-12 16:50 108363776 ----a-w- c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XfdEd.exe 2012-09-12 15:25 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-12 15:25 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-12 15:25 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-12 15:25 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-12 15:25 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-12 15:25 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-12 15:25 . 
2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-11 09:19 . 2012-09-11 09:19 -------- d-----w- c:\program files\MAXON 2012-09-08 09:24 . 2012-09-08 09:24 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-09-08 09:24 . 2012-09-08 09:24 -------- d-----r- c:\program files (x86)\Skype 2012-09-07 12:22 . 2012-09-07 12:22 -------- d-----w- C:\_OTL 2012-09-03 10:01 . 2012-09-14 12:26 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe 2012-09-03 10:01 . 2012-09-14 12:26 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-13 05:01 . 2010-08-31 06:35 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-08-21 09:13 . 2011-10-23 11:31 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-08-21 09:13 . 2010-08-25 10:31 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-08-21 09:13 . 2010-08-25 10:31 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-08-21 09:13 . 2012-07-29 19:17 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-08-21 09:13 . 2010-08-25 10:31 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-08-21 09:13 . 2010-08-25 10:31 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-08-21 09:12 . 2010-08-25 10:31 41224 ----a-w- c:\windows\avastSS.scr 2012-08-21 09:12 . 2010-08-25 10:31 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-08-21 09:12 . 2011-10-23 11:31 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-07-18 18:15 . 2012-08-15 13:50 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-05 20:06 . 2012-08-10 09:38 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-07-04 22:16 . 2012-08-15 13:51 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-07-04 22:13 . 2012-08-15 13:51 136704 ----a-w- c:\windows\system32\browser.dll 2012-07-04 22:13 . 
2012-08-15 13:51 59392 ----a-w- c:\windows\system32\browcli.dll 2012-07-04 21:14 . 2012-08-15 13:51 41984 ----a-w- c:\windows\SysWow64\browcli.dll 2012-07-03 11:46 . 2012-08-14 09:00 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-27 07:06 . 2012-08-15 13:50 1188864 ----a-w- c:\windows\system32\wininet.dll 2012-06-27 07:06 . 2012-08-15 13:50 1494016 ----a-w- c:\windows\system32\urlmon.dll 2012-06-27 07:06 . 2012-08-15 13:50 134144 ----a-w- c:\windows\system32\url.dll 2012-06-27 07:03 . 2012-08-15 13:51 9059840 ----a-w- c:\windows\system32\mshtml.dll 2012-06-27 07:03 . 2012-08-15 13:50 97792 ----a-w- c:\windows\system32\mshtmled.dll 2012-06-27 07:03 . 2012-08-15 13:50 735744 ----a-w- c:\windows\system32\msfeeds.dll 2012-06-27 07:02 . 2012-08-15 13:50 64512 ----a-w- c:\windows\system32\jsproxy.dll 2012-06-27 07:02 . 2012-08-15 13:50 247808 ----a-w- c:\windows\system32\ieui.dll 2012-06-27 07:02 . 2012-08-15 13:50 2453504 ----a-w- c:\windows\system32\iertutil.dll 2012-06-27 07:02 . 2012-08-15 13:50 12297216 ----a-w- c:\windows\system32\ieframe.dll 2012-06-27 05:53 . 2012-08-15 13:50 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2012-06-27 04:53 . 2012-08-15 13:50 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2012-06-27 04:10 . 2012-08-15 13:50 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-06-26 16:58 . 2012-06-26 16:58 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-25 14:30 . 2012-06-25 14:30 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wisdom-soft AutoScreenRecorder 3.1 Free"="0" [X] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "Spotify Web Helper"="c:\users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-09-15 1193176] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-02-23 1288784] "PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ XfdEd.exe [2012-9-12 108363776] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux5"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/04/11 15:30];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-12-02 40448] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664] R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304] R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600] R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568] R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904] R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424] R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416] R3 s1039obex;Sony Ericsson 
Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328] R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-13 1255736] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-05 254528] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 204288] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-02-23 325200] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-05 865824] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-01-07 255744] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe 
[2009-07-04 240160] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-26 10496512] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-26 326656] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2012-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 13:42] . 2012-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 13:42] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:11 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-04-11 206208] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-05 860192] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=273608100916l0468z1h5t4541k960 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file) SafeBoot-mcmscsvc SafeBoot-MCODS . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\S-1-5-21-151335664-723891683-3374794087-1000\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) "datasecu"=hex:ed,42,88,91,f9,8a,52,d2,11,50,d7,7d,dd,66,8f,be,dd,f7,d3,a8,eb, 74,eb,3a,b9,0d,61,10,8e,26,d9,41,a6,63,eb,53,be,52,4a,58,0a,15,36,e9,4e,b2,\ "rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-09-15 15:26:26 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-09-15 13:26 . Vor Suchlauf: 18 Verzeichnis(se), 26.613.411.840 Bytes frei Nach Suchlauf: 22 Verzeichnis(se), 26.297.905.152 Bytes frei . - - End Of File - - 58D3FD779E033BEA0C633228BAC6E682 |
21.09.2012, 19:53 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop very fast, very slow ComboFix scripting
1. Start Notepad (Start / Run / notepad[Enter])
2. Now copy and paste the entire contents of the code box below into the Notepad window. Code:
ATTFilter File:: c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XfdEd.exe
4. Disable your antivirus program's guard and any software firewall that may be present. (Also the guards of adware and spyware programs and the Tea Timer, if present!)
5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts ComboFix.
6. After the restart (you will be asked whether you want to restart), please post the following log files: Combofix.txt
Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
11.10.2012, 15:36 | #25 |
| Laptop very fast, very slow I have finally found a quiet minute again. Here is the log: Combofix Logfile: Code:
ATTFilter ComboFix 12-10-04.02 - Chris 05.10.2012 10:18:21.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3957.2410 [GMT 2:00] ausgeführt von:: c:\users\Chris\Downloads\ComboFix.exe Benutzte Befehlsschalter :: c:\users\Chris\Downloads\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XfdEd.exe" . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\SecureW2 c:\program files (x86)\SecureW2\Uninstall.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2 c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2 . . ((((((((((((((((((((((( Dateien erstellt von 2012-09-05 bis 2012-10-05 )))))))))))))))))))))))))))))) . . 2012-10-05 08:30 . 2012-10-05 08:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-05 08:19 . 2012-10-05 08:19 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{707FC53F-BE7C-49B8-A52D-0E1C900D6E9E}\offreg.dll 2012-10-05 07:39 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{707FC53F-BE7C-49B8-A52D-0E1C900D6E9E}\mpengine.dll 2012-09-29 19:57 . 2012-09-29 19:57 -------- d-----w- c:\program files (x86)\uTorrent 2012-09-29 19:56 . 2012-10-02 13:27 -------- d-----w- c:\users\Chris\AppData\Roaming\uTorrent 2012-09-27 09:56 . 2012-09-27 09:56 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-09-27 09:56 . 
2012-09-27 09:55 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-26 10:45 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-09-21 16:30 . 2012-09-21 16:30 -------- d-----w- c:\users\Chris\AppData\Local\Macromedia 2012-09-21 16:28 . 2012-09-21 16:28 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-09-21 16:28 . 2012-09-21 16:28 -------- d-----w- c:\windows\system32\Macromed 2012-09-19 20:05 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-09-19 20:04 . 2012-09-19 20:04 -------- d-----w- c:\program files\iPod 2012-09-19 20:04 . 2012-09-19 20:05 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-09-19 20:04 . 2012-09-19 20:05 -------- d-----w- c:\program files\iTunes 2012-09-16 09:04 . 2012-09-16 09:04 -------- d-----w- c:\users\Chris\AppData\Roaming\Advanced Chemistry Development 2012-09-15 11:42 . 2012-10-04 21:50 -------- d-----w- c:\users\Chris\AppData\Local\Spotify 2012-09-15 11:41 . 2012-10-04 23:30 -------- d-----w- c:\users\Chris\AppData\Roaming\Spotify 2012-09-12 17:45 . 2012-09-12 18:37 -------- d-----w- c:\programdata\ASGVIS 2012-09-12 17:36 . 2012-09-12 16:50 108363776 ----a-w- c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XfdEd.exe 2012-09-12 15:25 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-12 15:25 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-12 15:25 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-12 15:25 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-12 15:25 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-12 15:25 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-12 15:25 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-11 09:19 . 
2012-09-11 09:19 -------- d-----w- c:\program files\MAXON 2012-09-08 09:24 . 2012-09-08 09:24 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-09-08 09:24 . 2012-09-08 09:24 -------- d-----r- c:\program files (x86)\Skype 2012-09-07 12:22 . 2012-09-07 12:22 -------- d-----w- C:\_OTL . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-27 09:55 . 2012-08-10 09:38 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-27 09:55 . 2010-08-24 07:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-09-21 16:28 . 2011-07-05 18:53 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-13 05:01 . 2010-08-31 06:35 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-08-21 11:01 . 2011-09-05 07:10 125872 ----a-w- c:\windows\system32\GEARAspi64.dll 2012-08-21 11:01 . 2011-09-05 07:10 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2012-08-21 09:13 . 2011-10-23 11:31 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-08-21 09:13 . 2010-08-25 10:31 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-08-21 09:13 . 2010-08-25 10:31 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-08-21 09:13 . 2012-07-29 19:17 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-08-21 09:13 . 2010-08-25 10:31 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-08-21 09:13 . 2010-08-25 10:31 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-08-21 09:12 . 2010-08-25 10:31 41224 ----a-w- c:\windows\avastSS.scr 2012-08-21 09:12 . 2010-08-25 10:31 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-08-21 09:12 . 2011-10-23 11:31 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-07-18 18:15 . 2012-08-15 13:50 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-09 11:42 . 2012-07-09 11:42 4547984 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-07-09 11:42 . 2012-07-09 11:42 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys . . 
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wisdom-soft AutoScreenRecorder 3.1 Free"="0" [X] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "Spotify Web Helper"="c:\users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-09-15 1193176] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-02-23 1288784] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ XfdEd.exe [2012-9-12 108363776] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux5"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/04/11 15:30];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-12-02 40448] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664] R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304] R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600] R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568] R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904] R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424] R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416] R3 s1039obex;Sony Ericsson 
Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328] R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-13 1255736] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-05 254528] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 204288] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-02-23 325200] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-05 865824] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-01-07 255744] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe 
[2009-07-04 240160] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-26 10496512] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-26 326656] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Inhalt des "geplante Tasks" Ordners . 2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 13:42] . 2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 13:42] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:11 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-04-11 206208] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-05 860192] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632] . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=273608100916l0468z1h5t4541k960 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-151335664-723891683-3374794087-1000\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) "datasecu"=hex:ed,42,88,91,f9,8a,52,d2,11,50,d7,7d,dd,66,8f,be,dd,f7,d3,a8,eb, 74,eb,3a,b9,0d,61,10,8e,26,d9,41,a6,63,eb,53,be,52,4a,58,0a,15,36,e9,4e,b2,\ "rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-10-05 10:36:12 ComboFix-quarantined-files.txt 2012-10-05 08:36 ComboFix2.txt 2012-09-15 13:26 . Vor Suchlauf: 19 Verzeichnis(se), 26.700.648.448 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 26.864.353.280 Bytes frei . - - End Of File - - CE685DE3098A10406B79D505E6714048 |
11.10.2012, 16:02 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop very fast, very slow Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online lookup by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV scan. One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
14.10.2012, 20:39 | #27 |
| Laptop very fast, very slow Here is GMER first: [code] GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-10-14 21:16:56 Windows 6.1.7601 Service Pack 1 Running: 8dhrk2mk.exe ---- Files - GMER 1.0.15 ---- File C:\avast! sandbox 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7} 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock 0 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364 0 bytes File C:\avast! 
sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\file-16px.png 495 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\folder-16px.png 547 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\leftImage.png 81662 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\logoImage.png 11698 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\msgbox-error.png 1553 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\msgbox-info.png 2669 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\msgbox-question.png 2662 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\msgbox-warning.png 1807 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\open_project-16px.png 639 bytes File C:\avast! 
sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\slideShow0.png 209167 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\slideShow1.png 183880 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\slideShow2.png 214843 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\slideShow3.png 198235 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\splashImage.png 209167 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\updir.png 1133 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\wmImage.png 11698 bytes File C:\avast! sandbox\S-1-5-21-151335664-723891683-3374794087-1000\r316\_uninstall6124_{fb6fd440-fd04-11e1-a367-00262d9bace7}\C\Users\Chris\AppData\Local\Temp\.bitrock\.tmp_5208_8850364\x01image_small.png 8476 bytes ---- EOF - GMER 1.0.15 ----
Here comes OSAM: Code:
OSAM Logfile:
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-14 21:30:13
-----------------------------
21:30:13.756 OS Version: Windows x64 6.1.7601 Service Pack 1
21:30:13.756 Number of processors: 4 586 0x2502
21:30:13.756 ComputerName: CHRIS-PC UserName: Chris
21:30:14.692 Initialize success
21:30:18.124 AVAST engine defs: 12101400
21:31:58.791 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:31:58.807 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 305245MB BusType: 3
21:31:58.838 Disk 0 MBR read successfully
21:31:58.838 Disk 0 MBR scan
21:31:58.854 Disk 0 Windows VISTA default MBR code
21:31:58.854 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
21:31:58.869 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 24578048
21:31:58.885 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 293143 MB offset 24782848
21:31:58.932 Disk 0 scanning C:\Windows\system32\drivers
21:32:12.894 Service scanning
21:32:48.961 Modules scanning
21:32:48.977 Disk 0 trace - called modules:
21:32:49.008 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:32:49.523 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bc1060]
21:32:49.523 3 CLASSPNP.SYS[fffff88001a5b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004912050]
21:32:49.539 Scan finished successfully
21:34:10.586 Disk 0 MBR has been saved successfully to "C:\Users\Chris\Documents\MBR.dat"
21:34:10.586 The log file has been saved successfully to "C:\Users\Chris\Documents\aswMBR.txt" |
15.10.2012, 10:39 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop very fast, very slow Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |