Slow PC, often "Not Responding" (Windows 7)
12.09.2012, 00:38 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often "Not Responding"

Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
FF - user.js - File not found
SRV - (Rezip) -- C:\Windows\SysWOW64\Rezip.exe ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{30d84408-23f6-11e1-a24c-e8113225d51f}\Shell - "" = AutoRun
O33 - MountPoints2\{30d84408-23f6-11e1-a24c-e8113225d51f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{30d84427-23f6-11e1-a24c-e8113225d51f}\Shell - "" = AutoRun
O33 - MountPoints2\{30d84427-23f6-11e1-a24c-e8113225d51f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a8cd7116-e1f5-11e0-924e-e8113225d51f}\Shell - "" = AutoRun
O33 - MountPoints2\{a8cd7116-e1f5-11e0-924e-e8113225d51f}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
O33 - MountPoints2\{c2368966-2e8a-11e1-b817-e8113225d51f}\Shell - "" = AutoRun
O33 - MountPoints2\{c2368966-2e8a-11e1-b817-e8113225d51f}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\index.html
O33 - MountPoints2\{c36ba8ca-2491-11e1-afc5-e8113225d51f}\Shell - "" = AutoRun
O33 - MountPoints2\{c36ba8ca-2491-11e1-afc5-e8113225d51f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:E36F5B57
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, because it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags
12.09.2012, 10:43 | #17 |
| Slow PC, often "Not Responding"

Code:
All processes killed
========== OTL ==========
Error: Unable to stop service Rezip!
Service Rezip deleted successfully!
C:\Windows\SysWOW64\Rezip.exe moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d84408-23f6-11e1-a24c-e8113225d51f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30d84408-23f6-11e1-a24c-e8113225d51f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d84408-23f6-11e1-a24c-e8113225d51f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30d84408-23f6-11e1-a24c-e8113225d51f}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d84427-23f6-11e1-a24c-e8113225d51f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30d84427-23f6-11e1-a24c-e8113225d51f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30d84427-23f6-11e1-a24c-e8113225d51f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30d84427-23f6-11e1-a24c-e8113225d51f}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8cd7116-e1f5-11e0-924e-e8113225d51f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8cd7116-e1f5-11e0-924e-e8113225d51f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8cd7116-e1f5-11e0-924e-e8113225d51f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8cd7116-e1f5-11e0-924e-e8113225d51f}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2368966-2e8a-11e1-b817-e8113225d51f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2368966-2e8a-11e1-b817-e8113225d51f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2368966-2e8a-11e1-b817-e8113225d51f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2368966-2e8a-11e1-b817-e8113225d51f}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\index.html not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c36ba8ca-2491-11e1-afc5-e8113225d51f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c36ba8ca-2491-11e1-afc5-e8113225d51f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c36ba8ca-2491-11e1-afc5-e8113225d51f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c36ba8ca-2491-11e1-afc5-e8113225d51f}\ not found.
File F:\AutoRun.exe not found.
ADS C:\ProgramData\Temp:E36F5B57 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\******\Desktop\cmd.bat deleted successfully.
C:\Users\******\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: ******
->Temp folder emptied: 67808080 bytes
->Temporary Internet Files folder emptied: 212465527 bytes
->Java cache emptied: 254326 bytes
->FireFox cache emptied: 1139268249 bytes
->Flash cache emptied: 66578 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 119753917 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 163005027 bytes
Total Files Cleaned = 1,624.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.3 log created on 09122012_111709
Files\Folders moved on Reboot...
C:\Users\******\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...

Code:
# AdwCleaner v2.000 - Datei am 09/12/2012 um 15:12:20 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : ****** - BIGT
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\******\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
-\\ Mozilla Firefox v15.0.1 (de)
Profilname : default
Datei : C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ga61upru.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [13808 octets] - [05/09/2012 00:52:25]
AdwCleaner[R2].txt - [13869 octets] - [05/09/2012 22:51:28]
AdwCleaner[S1].txt - [14487 octets] - [05/09/2012 22:51:49]
AdwCleaner[S2].txt - [986 octets] - [12/09/2012 15:12:20]
########## EOF - C:\AdwCleaner[S2].txt - [1045 octets] ##########
12.09.2012, 14:19 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often "Not Responding"

Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________
12.09.2012, 14:40 | #19 |
| Slow PC, often "Not Responding"

Code:
[ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 15:35:44.0336 4976 LSI_SAS - ok 15:35:44.0352 4976 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:35:44.0383 4976 LSI_SAS2 - ok 15:35:44.0399 4976 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:35:44.0414 4976 LSI_SCSI - ok 15:35:44.0430 4976 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 15:35:44.0508 4976 luafv - ok 15:35:44.0586 4976 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 15:35:44.0602 4976 MBAMProtector - ok 15:35:44.0680 4976 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 15:35:44.0711 4976 MBAMService - ok 15:35:44.0758 4976 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:35:44.0804 4976 Mcx2Svc - ok 15:35:44.0820 4976 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 15:35:44.0836 4976 megasas - ok 15:35:44.0867 4976 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 15:35:44.0898 4976 MegaSR - ok 15:35:44.0960 4976 Microsoft SharePoint Workspace Audit Service - ok 15:35:44.0992 4976 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 15:35:45.0070 4976 MMCSS - ok 15:35:45.0085 4976 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 15:35:45.0163 4976 Modem - ok 15:35:45.0194 4976 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:35:45.0241 4976 monitor - ok 15:35:45.0304 4976 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:35:45.0319 4976 mouclass - ok 15:35:45.0350 4976 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:35:45.0382 4976 mouhid - ok 15:35:45.0444 4976 [ 
32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:35:45.0460 4976 mountmgr - ok 15:35:45.0522 4976 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:35:45.0538 4976 MozillaMaintenance - ok 15:35:45.0569 4976 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 15:35:45.0584 4976 mpio - ok 15:35:45.0616 4976 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:35:45.0694 4976 mpsdrv - ok 15:35:45.0740 4976 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:35:45.0834 4976 MpsSvc - ok 15:35:45.0881 4976 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:35:45.0928 4976 MRxDAV - ok 15:35:45.0959 4976 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:35:46.0006 4976 mrxsmb - ok 15:35:46.0037 4976 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:35:46.0068 4976 mrxsmb10 - ok 15:35:46.0084 4976 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:35:46.0130 4976 mrxsmb20 - ok 15:35:46.0146 4976 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 15:35:46.0162 4976 msahci - ok 15:35:46.0208 4976 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:35:46.0224 4976 msdsm - ok 15:35:46.0240 4976 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 15:35:46.0286 4976 MSDTC - ok 15:35:46.0333 4976 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:35:46.0411 4976 Msfs - ok 15:35:46.0411 4976 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:35:46.0489 4976 mshidkmdf - ok 15:35:46.0536 4976 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 
15:35:46.0552 4976 msisadrv - ok 15:35:46.0583 4976 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:35:46.0661 4976 MSiSCSI - ok 15:35:46.0661 4976 msiserver - ok 15:35:46.0676 4976 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:35:46.0739 4976 MSKSSRV - ok 15:35:46.0754 4976 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:35:46.0832 4976 MSPCLOCK - ok 15:35:46.0832 4976 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:35:46.0910 4976 MSPQM - ok 15:35:46.0957 4976 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:35:46.0988 4976 MsRPC - ok 15:35:47.0035 4976 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 15:35:47.0051 4976 mssmbios - ok 15:35:47.0082 4976 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:35:47.0160 4976 MSTEE - ok 15:35:47.0176 4976 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:35:47.0222 4976 MTConfig - ok 15:35:47.0238 4976 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 15:35:47.0254 4976 Mup - ok 15:35:47.0300 4976 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 15:35:47.0378 4976 napagent - ok 15:35:47.0410 4976 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:35:47.0456 4976 NativeWifiP - ok 15:35:47.0534 4976 [ 1BBBF640BC0E0B750537BAECE8D66C18 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 15:35:47.0566 4976 NAUpdate - ok 15:35:47.0612 4976 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:35:47.0659 4976 NDIS - ok 15:35:47.0706 4976 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:35:47.0784 4976 NdisCap - ok 15:35:47.0815 4976 [ 30639C932D9FEF22B31268FE25A1B6E5 ] 
NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:35:47.0893 4976 NdisTapi - ok 15:35:47.0940 4976 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:35:48.0002 4976 Ndisuio - ok 15:35:48.0049 4976 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:35:48.0127 4976 NdisWan - ok 15:35:48.0190 4976 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:35:48.0252 4976 NDProxy - ok 15:35:48.0283 4976 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:35:48.0361 4976 NetBIOS - ok 15:35:48.0408 4976 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:35:48.0486 4976 NetBT - ok 15:35:48.0502 4976 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 15:35:48.0533 4976 Netlogon - ok 15:35:48.0564 4976 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 15:35:48.0658 4976 Netman - ok 15:35:48.0673 4976 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 15:35:48.0767 4976 netprofm - ok 15:35:48.0798 4976 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:35:48.0814 4976 NetTcpPortSharing - ok 15:35:48.0845 4976 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:35:48.0860 4976 nfrd960 - ok 15:35:48.0938 4976 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:35:49.0016 4976 NlaSvc - ok 15:35:49.0032 4976 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:35:49.0094 4976 Npfs - ok 15:35:49.0126 4976 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 15:35:49.0204 4976 nsi - ok 15:35:49.0219 4976 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:35:49.0297 4976 nsiproxy - ok 
15:35:49.0375 4976 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:35:49.0438 4976 Ntfs - ok 15:35:49.0484 4976 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 15:35:49.0562 4976 Null - ok 15:35:49.0578 4976 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:35:49.0609 4976 nvraid - ok 15:35:49.0640 4976 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:35:49.0656 4976 nvstor - ok 15:35:49.0718 4976 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:35:49.0750 4976 nv_agp - ok 15:35:49.0781 4976 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:35:49.0812 4976 ohci1394 - ok 15:35:49.0890 4976 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:35:49.0906 4976 ose - ok 15:35:50.0062 4976 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:35:50.0280 4976 osppsvc - ok 15:35:50.0358 4976 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:35:50.0389 4976 p2pimsvc - ok 15:35:50.0420 4976 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 15:35:50.0467 4976 p2psvc - ok 15:35:50.0498 4976 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:35:50.0514 4976 Parport - ok 15:35:50.0561 4976 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:35:50.0576 4976 partmgr - ok 15:35:50.0608 4976 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:35:50.0654 4976 PcaSvc - ok 15:35:50.0701 4976 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 15:35:50.0732 4976 pci - ok 15:35:50.0748 4976 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide 
C:\Windows\system32\drivers\pciide.sys 15:35:50.0764 4976 pciide - ok 15:35:50.0795 4976 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:35:50.0810 4976 pcmcia - ok 15:35:50.0826 4976 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 15:35:50.0842 4976 pcw - ok 15:35:50.0873 4976 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:35:50.0966 4976 PEAUTH - ok 15:35:51.0044 4976 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:35:51.0091 4976 PerfHost - ok 15:35:51.0169 4976 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 15:35:51.0263 4976 pla - ok 15:35:51.0310 4976 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:35:51.0356 4976 PlugPlay - ok 15:35:51.0372 4976 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:35:51.0419 4976 PNRPAutoReg - ok 15:35:51.0434 4976 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:35:51.0466 4976 PNRPsvc - ok 15:35:51.0512 4976 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 C:\Windows\system32\DRIVERS\point64.sys 15:35:51.0528 4976 Point64 - ok 15:35:51.0575 4976 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:35:51.0668 4976 PolicyAgent - ok 15:35:51.0700 4976 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 15:35:51.0778 4976 Power - ok 15:35:51.0824 4976 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:35:51.0887 4976 PptpMiniport - ok 15:35:51.0918 4976 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:35:51.0965 4976 Processor - ok 15:35:51.0996 4976 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 15:35:52.0027 4976 ProfSvc - ok 15:35:52.0043 4976 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage 
C:\Windows\system32\lsass.exe 15:35:52.0058 4976 ProtectedStorage - ok 15:35:52.0105 4976 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:35:52.0168 4976 Psched - ok 15:35:52.0230 4976 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 15:35:52.0246 4976 PxHlpa64 - ok 15:35:52.0292 4976 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:35:52.0370 4976 ql2300 - ok 15:35:52.0386 4976 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:35:52.0402 4976 ql40xx - ok 15:35:52.0448 4976 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 15:35:52.0480 4976 QWAVE - ok 15:35:52.0495 4976 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:35:52.0526 4976 QWAVEdrv - ok 15:35:52.0558 4976 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:35:52.0620 4976 RasAcd - ok 15:35:52.0651 4976 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:35:52.0714 4976 RasAgileVpn - ok 15:35:52.0729 4976 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 15:35:52.0807 4976 RasAuto - ok 15:35:52.0838 4976 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:35:52.0901 4976 Rasl2tp - ok 15:35:52.0948 4976 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 15:35:53.0026 4976 RasMan - ok 15:35:53.0041 4976 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:35:53.0135 4976 RasPppoe - ok 15:35:53.0150 4976 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:35:53.0228 4976 RasSstp - ok 15:35:53.0291 4976 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:35:53.0353 4976 rdbss - ok 15:35:53.0384 4976 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] 
rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:35:53.0416 4976 rdpbus - ok 15:35:53.0447 4976 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:35:53.0509 4976 RDPCDD - ok 15:35:53.0540 4976 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:35:53.0618 4976 RDPENCDD - ok 15:35:53.0634 4976 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:35:53.0712 4976 RDPREFMP - ok 15:35:53.0728 4976 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:35:53.0774 4976 RDPWD - ok 15:35:53.0837 4976 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:35:53.0868 4976 rdyboost - ok 15:35:53.0884 4976 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:35:53.0962 4976 RemoteAccess - ok 15:35:53.0977 4976 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:35:54.0055 4976 RemoteRegistry - ok 15:35:54.0102 4976 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 15:35:54.0133 4976 RFCOMM - ok 15:35:54.0149 4976 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:35:54.0242 4976 RpcEptMapper - ok 15:35:54.0258 4976 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 15:35:54.0289 4976 RpcLocator - ok 15:35:54.0352 4976 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 15:35:54.0430 4976 RpcSs - ok 15:35:54.0445 4976 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:35:54.0523 4976 rspndr - ok 15:35:54.0554 4976 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 15:35:54.0586 4976 RTL8167 - ok 15:35:54.0664 4976 [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport C:\Windows\SysWOW64\drivers\rtport.sys 15:35:54.0679 4976 rtport - ok 15:35:54.0710 4976 [ 
62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\Windows\system32\Drivers\SABI.sys 15:35:54.0726 4976 SABI - ok 15:35:54.0726 4976 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 15:35:54.0757 4976 SamSs - ok 15:35:54.0804 4976 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:35:54.0820 4976 sbp2port - ok 15:35:54.0866 4976 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:35:54.0960 4976 SCardSvr - ok 15:35:55.0007 4976 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:35:55.0069 4976 scfilter - ok 15:35:55.0132 4976 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 15:35:55.0225 4976 Schedule - ok 15:35:55.0272 4976 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 15:35:55.0334 4976 SCPolicySvc - ok 15:35:55.0381 4976 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:35:55.0412 4976 SDRSVC - ok 15:35:55.0428 4976 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:35:55.0506 4976 secdrv - ok 15:35:55.0553 4976 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 15:35:55.0615 4976 seclogon - ok 15:35:55.0646 4976 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 15:35:55.0724 4976 SENS - ok 15:35:55.0740 4976 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:35:55.0771 4976 SensrSvc - ok 15:35:55.0802 4976 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:35:55.0834 4976 Serenum - ok 15:35:55.0865 4976 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:35:55.0896 4976 Serial - ok 15:35:55.0943 4976 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 15:35:55.0974 4976 sermouse - ok 15:35:56.0036 4976 [ 
0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 15:35:56.0114 4976 SessionEnv - ok 15:35:56.0146 4976 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:35:56.0177 4976 sffdisk - ok 15:35:56.0192 4976 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:35:56.0224 4976 sffp_mmc - ok 15:35:56.0239 4976 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:35:56.0270 4976 sffp_sd - ok 15:35:56.0302 4976 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 15:35:56.0317 4976 sfloppy - ok 15:35:56.0348 4976 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:35:56.0442 4976 SharedAccess - ok 15:35:56.0489 4976 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:35:56.0567 4976 ShellHWDetection - ok 15:35:56.0598 4976 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:35:56.0614 4976 SiSRaid2 - ok 15:35:56.0645 4976 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 15:35:56.0676 4976 SiSRaid4 - ok 15:35:56.0754 4976 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 15:35:56.0770 4976 SkypeUpdate - ok 15:35:56.0801 4976 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:35:56.0879 4976 Smb - ok 15:35:56.0926 4976 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:35:56.0972 4976 SNMPTRAP - ok 15:35:56.0988 4976 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 15:35:57.0004 4976 spldr - ok 15:35:57.0066 4976 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 15:35:57.0097 4976 Spooler - ok 15:35:57.0206 4976 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 15:35:57.0394 
15:35:58.0252 4976 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:35:58.0298 4976 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:35:58.0298 4976 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:36:05.0318 4976 WIMMount - ok 15:36:05.0350 4976 WinDefend - ok 15:36:05.0350 4976 WinHttpAutoProxySvc - ok 15:36:05.0412 4976 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:36:05.0474 4976 Winmgmt - ok 15:36:05.0568 4976 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 15:36:05.0693 4976 WinRM - ok 15:36:05.0771 4976 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:36:05.0818 4976 WinUsb - ok 15:36:05.0864 4976 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 15:36:05.0927 4976 Wlansvc - ok 15:36:05.0974 4976 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 15:36:05.0989 4976 wlcrasvc - ok 15:36:06.0098 4976 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:36:06.0192 4976 wlidsvc - ok 15:36:06.0239 4976 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:36:06.0270 4976 WmiAcpi - ok 15:36:06.0301 4976 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:36:06.0332 4976 wmiApSrv - ok 15:36:06.0348 4976 WMPNetworkSvc - ok 15:36:06.0379 4976 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:36:06.0395 4976 WPCSvc - ok 15:36:06.0442 4976 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:36:06.0457 4976 WPDBusEnum - ok 15:36:06.0488 4976 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:36:06.0566 4976 ws2ifsl - ok 15:36:06.0582 4976 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 15:36:06.0613 4976 wscsvc - ok 15:36:06.0613 4976 WSearch - ok 15:36:06.0722 4976 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 15:36:06.0816 4976 wuauserv - ok 15:36:06.0847 4976 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf 
C:\Windows\system32\drivers\WudfPf.sys 15:36:06.0910 4976 WudfPf - ok 15:36:06.0972 4976 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:36:07.0050 4976 WUDFRd - ok 15:36:07.0097 4976 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:36:07.0159 4976 wudfsvc - ok 15:36:07.0190 4976 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 15:36:07.0237 4976 WwanSvc - ok 15:36:07.0315 4976 [ E1E858AEF2ED420CBB7605D3ECCEC69A ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys 15:36:07.0331 4976 yukonw7 - ok 15:36:07.0378 4976 ================ Scan global =============================== 15:36:07.0378 4976 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 15:36:07.0409 4976 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 15:36:07.0424 4976 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 15:36:07.0440 4976 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 15:36:07.0487 4976 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 15:36:07.0487 4976 [Global] - ok 15:36:07.0487 4976 ================ Scan MBR ================================== 15:36:07.0502 4976 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0 15:36:07.0924 4976 \Device\Harddisk0\DR0 - ok 15:36:07.0924 4976 ================ Scan VBR ================================== 15:36:07.0939 4976 [ 98FA392A7F5F4A5EAE8D5AA6861452C8 ] \Device\Harddisk0\DR0\Partition1 15:36:07.0939 4976 \Device\Harddisk0\DR0\Partition1 - ok 15:36:07.0955 4976 [ 5D03D53EE8858B2C412D5F791E558890 ] \Device\Harddisk0\DR0\Partition2 15:36:07.0970 4976 \Device\Harddisk0\DR0\Partition2 - ok 15:36:07.0986 4976 [ 062BEC524833AB7AB2346E0F0B956E24 ] \Device\Harddisk0\DR0\Partition3 15:36:07.0986 4976 \Device\Harddisk0\DR0\Partition3 - ok 15:36:07.0986 4976 ============================================================ 15:36:07.0986 4976 Scan finished 15:36:07.0986 4976 
============================================================ 15:36:08.0017 4620 Detected object count: 2 15:36:08.0017 4620 Actual detected object count: 2 15:36:23.0243 4620 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user 15:36:23.0243 4620 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:36:23.0243 4620 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 15:36:23.0243 4620 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip |
12.09.2012, 15:20 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often Not Responding Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If, after running ComboFix, you have problems starting applications and get messages such as Quote:
__________________ Please always post log files in CODE tags |
12.09.2012, 18:47 | #21 |
| Slow PC, often Not Responding Code:
ATTFilter ComboFix 12-09-12.03 - ****** 12.09.2012 19:34:57.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3946.2404 [GMT 2:00] ausgeführt von:: c:\users\******\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\FullRemove.exe c:\windows\security\Database\tmp.edb . . ((((((((((((((((((((((( Dateien erstellt von 2012-08-12 bis 2012-09-12 )))))))))))))))))))))))))))))) . . 2012-09-12 17:41 . 2012-09-12 17:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-09-12 17:41 . 2012-09-12 17:41 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD8FAF05-31B8-4D60-AC66-2BBF347E5FA5}\offreg.dll 2012-09-12 13:06 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-09-12 13:06 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-09-12 11:36 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-12 11:36 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-12 11:36 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-12 11:36 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-12 11:36 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-12 11:36 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-12 11:36 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-12 09:17 . 2012-09-12 09:17 -------- d-----w- C:\_OTL 2012-09-11 12:40 . 
2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD8FAF05-31B8-4D60-AC66-2BBF347E5FA5}\mpengine.dll 2012-09-09 21:56 . 2012-09-09 21:56 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll 2012-09-06 17:38 . 2012-09-08 01:20 -------- d-----w- c:\users\******\AppData\Roaming\Skype 2012-09-06 17:37 . 2012-09-06 17:37 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-09-06 17:37 . 2012-09-06 17:37 -------- d-----r- c:\program files (x86)\Skype 2012-09-05 17:13 . 2012-09-05 17:13 -------- d-----w- c:\program files (x86)\Runtime Software 2012-09-03 17:03 . 2012-09-03 17:03 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-09-03 17:03 . 2012-09-03 17:03 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-08-31 12:13 . 2012-08-31 12:13 -------- d-----w- c:\program files (x86)\PDFTK Builder 2012-08-31 11:58 . 2012-08-31 11:58 -------- d-----w- c:\program files (x86)\gs 2012-08-31 11:46 . 2012-05-05 09:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX 2012-08-31 11:46 . 2012-07-29 11:59 96768 ----a-w- c:\windows\system32\pdfcmon.dll 2012-08-31 11:46 . 2012-08-31 11:46 -------- d-----w- c:\program files (x86)\PDFCreator 2012-08-31 11:46 . 2012-05-05 09:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL 2012-08-31 11:46 . 1998-07-06 16:55 64512 ----a-w- c:\windows\SysWow64\MSCC2DE.DLL 2012-08-29 13:51 . 2012-08-29 13:51 -------- d-----w- c:\users\******\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 2012-08-29 13:49 . 2012-08-29 13:49 -------- d-----w- c:\users\******\AppData\Roaming\Wacom 2012-08-29 13:49 . 2012-08-29 13:51 -------- d-----w- c:\programdata\Wacom 2012-08-29 13:49 . 2012-08-29 13:49 -------- d-----w- c:\program files (x86)\Bamboo Dock 2012-08-28 16:44 . 2012-08-28 16:44 -------- d-----w- c:\users\******\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2012-08-27 15:09 . 
2012-08-27 15:09 -------- d-----w- c:\program files\7-Zip 2012-08-21 22:49 . 2012-08-21 22:49 -------- d-----w- c:\program files (x86)\ESET 2012-08-16 09:10 . 2012-08-29 01:49 -------- d-----w- c:\users\******\AppData\Roaming\KeePass 2012-08-16 09:03 . 2012-08-16 09:03 -------- d-----w- c:\program files (x86)\KeePass Password Safe 2 2012-08-15 12:01 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys 2012-08-15 11:46 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll 2012-08-15 11:46 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2012-08-15 11:46 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll 2012-08-15 11:46 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-15 11:46 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe 2012-08-15 11:46 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll 2012-08-15 11:46 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-08-15 11:46 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll 2012-08-15 11:46 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll 2012-08-15 11:46 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll 2012-08-15 11:46 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-08-15 11:46 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-12 13:07 . 2011-06-17 17:23 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-09-03 17:03 . 2012-06-18 11:06 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-03 17:03 . 2011-10-05 20:31 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-26 23:58 . 2012-04-07 01:38 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-26 23:58 . 
2011-06-17 15:13 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-09 14:20 . 2012-08-09 14:20 711240 ----a-w- c:\windows\is-6BU9L.exe 2012-07-03 11:46 . 2011-11-05 17:27 24904 ----a-w- c:\windows\system32\drivers\mbam.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2011-01-06 3666944] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664] "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2011-09-27 646232] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-31 116648] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-26 250568] R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-31 116648] R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft 
Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-09 114144] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 27760] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-03-31 13824] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-07-07 203264] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832] S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160] S2 
TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832] S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-07-07 7195648] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-07-07 265728] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-01 136192] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-09-14 398112] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 36525540 *Deregistered* - 36525540 . Inhalt des "geplante Tasks" Ordners . 2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 23:58] . 2012-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-31 00:59] . 2012-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-31 00:59] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-07 10144288] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.benwick.de/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://samsung.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Free YouTube Download - c:\users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 FF - ProfilePath - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ga61upru.default\ FF - prefs.js: browser.search.selectedEngine - YouTube-Videosuche . - - - - Entfernte verwaiste Registrierungseinträge - - - - . SafeBoot-mcmscsvc SafeBoot-MCODS HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-{43B74FAB-FB58-447D-8D3A-5F638AF36FD1} - c:\programdata\{D423354A-E70D-49AC-B74E-9DB73BB8ACA3}\Netzmanager1.061.0003_110527a.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-09-12 19:44:07 ComboFix-quarantined-files.txt 2012-09-12 17:44 . 
Vor Suchlauf: 11 Verzeichnis(se), 108.253.347.840 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 107.959.128.064 Bytes frei . - - End Of File - - 659EB4E31D0DA9C1505642BB8F8B2FF7 |
12.09.2012, 20:56 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often Not Responding Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM. Please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
13.09.2012, 01:00 | #23 |
| Slow PC, often Not Responding GMER Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-09-13 01:32:53 Windows 6.1.7601 Service Pack 1 Running: 81kuy7so.exe ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001bb114b280 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001bb115d388 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001bb114b280 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001bb115d388 (not active ControlSet) ---- EOF - GMER 1.0.15 ---- Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 01:44:04 on 13.09.2012
OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 15.0.1
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-13 01:51:05
-----------------------------
01:51:05.198 OS Version: Windows x64 6.1.7601 Service Pack 1
01:51:05.198 Number of processors: 4 586 0x2505
01:51:05.198 ComputerName: BIGT UserName:
01:51:06.243 Initialize success
01:51:16.992 AVAST engine defs: 12091201
01:51:27.615 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:51:27.631 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
01:51:27.662 Disk 0 MBR read successfully
01:51:27.662 Disk 0 MBR scan
01:51:27.678 Disk 0 unknown MBR code
01:51:27.678 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 20480 MB offset 2048
01:51:27.709 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 41945088
01:51:27.724 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 251904 MB offset 42149888
01:51:27.740 Disk 0 Partition - 00 0F Extended LBA 204454 MB offset 558049280
01:51:27.787 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 204453 MB offset 558051328
01:51:27.834 Disk 0 scanning C:\Windows\system32\drivers
01:51:45.446 Service scanning
01:52:21.498 Modules scanning
01:52:22.013 Disk 0 trace - called modules:
01:52:22.044 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
01:52:22.044 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045e1060]
01:52:22.059 3 CLASSPNP.SYS[fffff88001b3943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004332050]
01:52:22.059 Scan finished successfully
01:53:20.793 Disk 0 MBR has been saved successfully to "C:\Users\******\Desktop\MBR.dat"
01:53:20.809 The log file has been saved successfully to "C:\Users\******\Desktop\aswMBR.txt" |
13.09.2012, 15:55 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often Not Responding
We should fix the MBR. Just in case, back up ALL important data first, even though everything usually goes smoothly.
Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable. Also do not run the fix if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs.
After backing up your data, start aswMBR again and click the FIXMBR button.
Note: Please turn off the virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!
Then restart Windows and create a new log with aswMBR.
__________________ Please always post log files in CODE tags |
02.10.2012, 16:38 | #25 |
| Slow PC, often Not Responding
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-02 17:34:38
-----------------------------
17:34:38.635 OS Version: Windows x64 6.1.7601 Service Pack 1
17:34:38.635 Number of processors: 4 586 0x2505
17:34:38.635 ComputerName: BIGT UserName:
17:34:39.259 Initialize success
17:34:44.688 AVAST engine defs: 12100200
17:35:20.461 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:35:20.476 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
17:35:20.492 Disk 0 MBR read successfully
17:35:20.492 Disk 0 MBR scan
17:35:20.507 Disk 0 Windows 7 default MBR code
17:35:20.507 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 20480 MB offset 2048
17:35:20.539 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 41945088
17:35:20.554 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 251904 MB offset 42149888
17:35:20.554 Disk 0 Partition - 00 0F Extended LBA 204454 MB offset 558049280
17:35:20.585 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 204453 MB offset 558051328
17:35:20.632 Disk 0 scanning C:\Windows\system32\drivers
17:35:35.764 Service scanning
17:36:09.398 Modules scanning
17:36:09.913 Disk 0 trace - called modules:
17:36:09.944 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:36:09.944 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045fe060]
17:36:09.960 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80043a4050]
17:36:09.960 Scan finished successfully
17:37:02.135 Disk 0 MBR has been saved successfully to "C:\Users\******\Desktop\MBR.dat"
17:37:02.135 The log file has been saved successfully to "C:\Users\******\Desktop\aswMBR.txt" |
02.10.2012, 19:40 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often Not Responding
Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
04.10.2012, 08:39 | #27 |
| Slow PC, often Not Responding
Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.07.13
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
****** :: BIGT [Administrator]
03.10.2012 09:32:10
mbam-log-2012-10-03 (13-02-43).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 524161
Laufzeit: 3 Stunde(n), 9 Minute(n), 25 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 10/03/2012 at 02:34 PM
Application Version : 5.5.1022
Core Rules Database Version : 9328
Trace Rules Database Version: 7140
Scan type : Complete Scan
Total Scan Time : 05:00:55
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 728
Memory threats detected : 0
Registry items scanned : 67671
Registry threats detected : 0
File items scanned : 319577
File threats detected : 59
Adware.Tracking Cookie |
04.10.2012, 09:32 | #28 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often Not Responding
Code:
UAC On - Limited User
Quote:
__________________ Please always post log files in CODE tags |
08.10.2012, 09:22 | #29 |
| Slow PC, often Not Responding
Oh sorry, I completely forgot:
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 10/06/2012 at 05:37 PM
Application Version : 5.5.1022
Core Rules Database Version : 9292
Trace Rules Database Version: 7104
Scan type : Complete Scan
Total Scan Time : 04:11:52
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 807
Memory threats detected : 0
Registry items scanned : 67920
Registry threats detected : 0
File items scanned : 325551
File threats detected : 63
Adware.Tracking Cookie |
08.10.2012, 12:52 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Slow PC, often "Not Responding"

Looks OK, only cookies were found.

Cookies are not malware as such, but there is a risk of them being misused (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Otherwise there are also good cookie managers; one Firefox extension, for example, would be CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

The way I handle it is that I use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.

Is your system back in order now, or are there any other findings or problems?
__________________ Please always post logfiles in CODE tags |
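The check behind the reply above (every detection in the scan log is a tracking cookie), as an added Python example that is not part of the thread or of SUPERAntiSpyware: it compares the log's summary counters with the `host [ path ]` entries listed under the `Adware.Tracking Cookie` heading. The sample log is constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

COOKIE_CATEGORY = "Adware.Tracking Cookie"
COUNTER_RE = re.compile(r"(Memory|Registry|File) threats detected\s*:\s*(\d+)")
ENTRY_RE = re.compile(r"(\S+) \[ (.+?) \]")  # "<host> [ <path> ]"

# Constructed sample (not real scan data), flattened like the log in this thread.
SAMPLE_LOG = (
    "SUPERAntiSpyware Scan Log Generated 01/01/2012 at 10:00 AM "
    "Memory items scanned : 10 Memory threats detected : 0 "
    "Registry items scanned : 20 Registry threats detected : 0 "
    "File items scanned : 30 File threats detected : 4 "
    "Adware.Tracking Cookie "
    r"tracker.example [ C:\USERS\X\FLASH PLAYER\#SHAREDOBJECTS\AB12 ] "
    r".ads.example [ C:\USERS\X\PROFILES\P.DEFAULT\COOKIES.SQLITE ] "
    r".ads.example [ C:\USERS\X\PROFILES\P.DEFAULT\COOKIES.SQLITE ] "
    r"stats.example [ C:\USERS\X\PROFILES\P.DEFAULT\COOKIES.SQLITE ]"
)


def declared_threats(log):
    """Return the summary counters, e.g. {'memory': 0, 'registry': 0, 'file': 4}."""
    return {kind.lower(): int(n) for kind, n in COUNTER_RE.findall(log)}


def cookie_entries(log):
    """Return (host, path) pairs listed directly under the cookie heading."""
    start = log.find(COOKIE_CATEGORY)
    if start < 0:
        return []
    pos, entries = start + len(COOKIE_CATEGORY), []
    for m in ENTRY_RE.finditer(log, pos):
        if log[pos:m.start()].strip():  # other text in between: a new heading
            break
        entries.append((m.group(1).lstrip("."), m.group(2)))
        pos = m.end()
    return entries


def triage(log):
    """Compare declared detections with the cookie entries actually listed."""
    declared, cookies = declared_threats(log), cookie_entries(log)
    unexplained = sum(declared.values()) - len(cookies)
    return {
        "declared": declared,
        "hosts": Counter(host for host, _ in cookies),
        "unexplained": unexplained,  # detections that are not cookie entries
        "only_cookies": bool(declared) and unexplained == 0,
    }
```

A non-zero `unexplained` value means the log declares detections that are not cookie entries, so those need to be looked at individually before the result is called clean.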