| |
| |||||||
Log-Analyse und Auswertung: Laptop stürzt immer plötzlich abWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.09.2012, 11:58
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Laptop stürzt immer plötzlich ab Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.09.2012, 12:51
| #17 |
 | Laptop stürzt immer plötzlich abCode:
ATTFilter 13:49:53.0984 2856 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:49:54.0140 2856 ============================================================
13:49:54.0140 2856 Current date / time: 2012/09/01 13:49:54.0140
13:49:54.0140 2856 SystemInfo:
13:49:54.0140 2856
13:49:54.0140 2856 OS Version: 6.1.7601 ServicePack: 1.0
13:49:54.0140 2856 Product type: Workstation
13:49:54.0140 2856 ComputerName: FERDI-PC
13:49:54.0140 2856 UserName: Ferdi
13:49:54.0140 2856 Windows directory: C:\Windows
13:49:54.0140 2856 System windows directory: C:\Windows
13:49:54.0140 2856 Running under WOW64
13:49:54.0140 2856 Processor architecture: Intel x64
13:49:54.0140 2856 Number of processors: 4
13:49:54.0140 2856 Page size: 0x1000
13:49:54.0140 2856 Boot type: Normal boot
13:49:54.0140 2856 ============================================================
13:49:55.0856 2856 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:49:55.0856 2856 ============================================================
13:49:55.0856 2856 \Device\Harddisk0\DR0:
13:49:55.0856 2856 MBR partitions:
13:49:55.0856 2856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
13:49:55.0856 2856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x38BE3030
13:49:55.0856 2856 ============================================================
13:49:55.0887 2856 C: <-> \Device\Harddisk0\DR0\Partition2
13:49:55.0887 2856 ============================================================
13:49:55.0887 2856 Initialize success
13:49:55.0887 2856 ============================================================
13:50:37.0416 4876 ============================================================
13:50:37.0416 4876 Scan started
13:50:37.0416 4876 Mode: Manual; SigCheck; TDLFS;
13:50:37.0416 4876 ============================================================
13:50:38.0446 4876 ================ Scan services =============================
13:50:38.0664 4876 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:50:38.0820 4876 1394ohci - ok
13:50:38.0867 4876 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:50:38.0898 4876 ACPI - ok
13:50:38.0945 4876 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:50:39.0023 4876 AcpiPmi - ok
13:50:39.0101 4876 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:50:39.0132 4876 adp94xx - ok
13:50:39.0210 4876 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:50:39.0242 4876 adpahci - ok
13:50:39.0288 4876 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:50:39.0304 4876 adpu320 - ok
13:50:39.0335 4876 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:50:39.0476 4876 AeLookupSvc - ok
13:50:39.0522 4876 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:50:39.0600 4876 AFD - ok
13:50:39.0663 4876 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
13:50:39.0725 4876 AgereModemAudio - ok
13:50:39.0788 4876 [ A6AB6F0ACE87DA76B4C401813D18BE95 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
13:50:39.0834 4876 AgereSoftModem - ok
13:50:39.0881 4876 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:50:39.0897 4876 agp440 - ok
13:50:39.0928 4876 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:50:39.0990 4876 ALG - ok
13:50:40.0053 4876 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:50:40.0084 4876 aliide - ok
13:50:40.0100 4876 [ 41A0813F22D3330C0CA71CE5BBD42B12 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:50:40.0178 4876 AMD External Events Utility - ok
13:50:40.0240 4876 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:50:40.0271 4876 amdide - ok
13:50:40.0287 4876 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:50:40.0334 4876 AmdK8 - ok
13:50:40.0365 4876 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:50:40.0396 4876 AmdPPM - ok
13:50:40.0427 4876 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:50:40.0443 4876 amdsata - ok
13:50:40.0474 4876 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:50:40.0490 4876 amdsbs - ok
13:50:40.0521 4876 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:50:40.0536 4876 amdxata - ok
13:50:40.0583 4876 [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
13:50:40.0646 4876 AmUStor - ok
13:50:40.0739 4876 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:50:40.0755 4876 AntiVirSchedulerService - ok
13:50:40.0817 4876 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:50:40.0833 4876 AntiVirService - ok
13:50:40.0880 4876 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:50:41.0051 4876 AppID - ok
13:50:41.0067 4876 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:50:41.0145 4876 AppIDSvc - ok
13:50:41.0192 4876 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:50:41.0254 4876 Appinfo - ok
13:50:41.0332 4876 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:50:41.0363 4876 Apple Mobile Device - ok
13:50:41.0379 4876 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:50:41.0394 4876 arc - ok
13:50:41.0410 4876 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:50:41.0410 4876 arcsas - ok
13:50:41.0472 4876 ArcSec - ok
13:50:41.0488 4876 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:50:41.0566 4876 AsyncMac - ok
13:50:41.0613 4876 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:50:41.0628 4876 atapi - ok
13:50:41.0675 4876 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr C:\Windows\system32\DRIVERS\athrx.sys
13:50:41.0753 4876 athr - ok
13:50:41.0894 4876 [ 37456BE85384E4CC38DC899F07F88C45 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:50:42.0096 4876 atikmdag - ok
13:50:42.0143 4876 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:50:42.0237 4876 AudioEndpointBuilder - ok
13:50:42.0252 4876 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:50:42.0299 4876 AudioSrv - ok
13:50:42.0346 4876 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:50:42.0377 4876 avgntflt - ok
13:50:42.0408 4876 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:50:42.0424 4876 avipbb - ok
13:50:42.0440 4876 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:50:42.0455 4876 avkmgr - ok
13:50:42.0486 4876 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:50:42.0627 4876 AxInstSV - ok
13:50:42.0674 4876 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:50:42.0720 4876 b06bdrv - ok
13:50:42.0767 4876 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:50:42.0798 4876 b57nd60a - ok
13:50:42.0861 4876 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
13:50:42.0970 4876 BCM43XX - ok
13:50:43.0001 4876 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:50:43.0095 4876 BDESVC - ok
13:50:43.0110 4876 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:50:43.0188 4876 Beep - ok
13:50:43.0266 4876 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:50:43.0360 4876 BFE - ok
13:50:43.0407 4876 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
13:50:43.0485 4876 BITS - ok
13:50:43.0516 4876 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:50:43.0547 4876 blbdrive - ok
13:50:43.0672 4876 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:50:43.0703 4876 Bonjour Service - ok
13:50:43.0734 4876 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:50:43.0781 4876 bowser - ok
13:50:43.0812 4876 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:50:43.0859 4876 BrFiltLo - ok
13:50:43.0890 4876 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:50:43.0906 4876 BrFiltUp - ok
13:50:43.0937 4876 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:50:44.0000 4876 Browser - ok
13:50:44.0031 4876 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:50:44.0093 4876 Brserid - ok
13:50:44.0124 4876 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:50:44.0156 4876 BrSerWdm - ok
13:50:44.0171 4876 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:50:44.0234 4876 BrUsbMdm - ok
13:50:44.0249 4876 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:50:44.0296 4876 BrUsbSer - ok
13:50:44.0327 4876 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:50:44.0374 4876 BTHMODEM - ok
13:50:44.0421 4876 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:50:44.0499 4876 bthserv - ok
13:50:44.0530 4876 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:50:44.0592 4876 cdfs - ok
13:50:44.0655 4876 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
13:50:44.0686 4876 cdrom - ok
13:50:44.0733 4876 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:50:44.0795 4876 CertPropSvc - ok
13:50:44.0842 4876 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:50:44.0873 4876 circlass - ok
13:50:44.0904 4876 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:50:44.0936 4876 CLFS - ok
13:50:45.0045 4876 [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_DB37F995 C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\NavFilter\kmsvc.exe
13:50:45.0060 4876 CLKMSVC10_DB37F995 - ok
13:50:45.0123 4876 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:50:45.0138 4876 clr_optimization_v2.0.50727_32 - ok
13:50:45.0170 4876 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:50:45.0185 4876 clr_optimization_v2.0.50727_64 - ok
13:50:45.0263 4876 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:50:45.0294 4876 clr_optimization_v4.0.30319_32 - ok
13:50:45.0357 4876 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:50:45.0372 4876 clr_optimization_v4.0.30319_64 - ok
13:50:45.0404 4876 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:50:45.0450 4876 CmBatt - ok
13:50:45.0466 4876 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:50:45.0482 4876 cmdide - ok
13:50:45.0513 4876 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:50:45.0528 4876 CNG - ok
13:50:45.0560 4876 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:50:45.0575 4876 Compbatt - ok
13:50:45.0606 4876 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:50:45.0653 4876 CompositeBus - ok
13:50:45.0669 4876 COMSysApp - ok
13:50:45.0700 4876 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:50:45.0716 4876 crcdisk - ok
13:50:45.0747 4876 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:50:45.0809 4876 CryptSvc - ok
13:50:45.0840 4876 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:50:45.0934 4876 DcomLaunch - ok
13:50:45.0965 4876 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:50:46.0059 4876 defragsvc - ok
13:50:46.0090 4876 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:50:46.0168 4876 DfsC - ok
13:50:46.0199 4876 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:50:46.0262 4876 Dhcp - ok
13:50:46.0293 4876 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:50:46.0324 4876 discache - ok
13:50:46.0371 4876 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:50:46.0386 4876 Disk - ok
13:50:46.0464 4876 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
13:50:46.0480 4876 DKbFltr - ok
13:50:46.0511 4876 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:50:46.0558 4876 Dnscache - ok
13:50:46.0589 4876 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:50:46.0667 4876 dot3svc - ok
13:50:46.0698 4876 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:50:46.0745 4876 DPS - ok
13:50:46.0776 4876 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:50:46.0808 4876 drmkaud - ok
13:50:46.0854 4876 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:50:46.0886 4876 DXGKrnl - ok
13:50:46.0932 4876 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:50:46.0995 4876 EapHost - ok
13:50:47.0104 4876 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:50:47.0229 4876 ebdrv - ok
13:50:47.0276 4876 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:50:47.0322 4876 EFS - ok
13:50:47.0385 4876 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:50:47.0463 4876 ehRecvr - ok
13:50:47.0478 4876 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:50:47.0556 4876 ehSched - ok
13:50:47.0619 4876 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:50:47.0650 4876 elxstor - ok
13:50:47.0728 4876 [ FB67AA8AC61B9365ADD546139A21BED6 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
13:50:47.0759 4876 ePowerSvc - ok
13:50:47.0822 4876 [ B5581646636759D0DAFA8B008881C079 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
13:50:47.0853 4876 EPSON_EB_RPCV4_01 - ok
13:50:47.0884 4876 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
13:50:47.0915 4876 EPSON_PM_RPCV4_01 - ok
13:50:47.0946 4876 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:50:47.0978 4876 ErrDev - ok
13:50:48.0040 4876 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:50:48.0118 4876 EventSystem - ok
13:50:48.0134 4876 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:50:48.0212 4876 exfat - ok
13:50:48.0227 4876 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:50:48.0274 4876 fastfat - ok
13:50:48.0321 4876 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:50:48.0368 4876 Fax - ok
13:50:48.0399 4876 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:50:48.0430 4876 fdc - ok
13:50:48.0477 4876 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:50:48.0539 4876 fdPHost - ok
13:50:48.0555 4876 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:50:48.0633 4876 FDResPub - ok
13:50:48.0664 4876 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:50:48.0664 4876 FileInfo - ok
13:50:48.0680 4876 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:50:48.0773 4876 Filetrace - ok
13:50:48.0789 4876 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:50:48.0820 4876 flpydisk - ok
13:50:48.0867 4876 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:50:48.0882 4876 FltMgr - ok
13:50:48.0929 4876 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:50:48.0992 4876 FontCache - ok
13:50:49.0038 4876 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:50:49.0054 4876 FontCache3.0.0.0 - ok
13:50:49.0085 4876 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:50:49.0101 4876 FsDepends - ok
13:50:49.0148 4876 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:50:49.0163 4876 Fs_Rec - ok
13:50:49.0194 4876 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:50:49.0226 4876 fvevol - ok
13:50:49.0241 4876 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:50:49.0257 4876 gagp30kx - ok
13:50:49.0272 4876 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:50:49.0288 4876 GEARAspiWDM - ok
13:50:49.0319 4876 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:50:49.0397 4876 gpsvc - ok
13:50:49.0460 4876 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
13:50:49.0506 4876 Greg_Service - ok
13:50:49.0616 4876 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:50:49.0631 4876 gupdate - ok
13:50:49.0662 4876 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:50:49.0678 4876 gupdatem - ok
13:50:49.0709 4876 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:50:49.0709 4876 gusvc - ok
13:50:49.0756 4876 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:50:49.0787 4876 hcw85cir - ok
13:50:49.0834 4876 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:50:49.0865 4876 HdAudAddService - ok
13:50:49.0896 4876 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:50:49.0928 4876 HDAudBus - ok
13:50:49.0959 4876 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:50:49.0974 4876 HECIx64 - ok
13:50:49.0990 4876 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:50:50.0021 4876 HidBatt - ok
13:50:50.0037 4876 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:50:50.0084 4876 HidBth - ok
13:50:50.0115 4876 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:50:50.0146 4876 HidIr - ok
13:50:50.0177 4876 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:50:50.0240 4876 hidserv - ok
13:50:50.0286 4876 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:50:50.0318 4876 HidUsb - ok
13:50:50.0349 4876 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:50:50.0427 4876 hkmsvc - ok
13:50:50.0474 4876 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:50:50.0536 4876 HomeGroupListener - ok
13:50:50.0567 4876 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:50:50.0598 4876 HomeGroupProvider - ok
13:50:50.0630 4876 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:50:50.0645 4876 HpSAMD - ok
13:50:50.0708 4876 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:50:50.0786 4876 HTTP - ok
13:50:50.0817 4876 hwdatacard - ok
13:50:50.0864 4876 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:50:50.0879 4876 hwpolicy - ok
13:50:50.0942 4876 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:50:50.0942 4876 i8042prt - ok
13:50:51.0020 4876 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:50:51.0035 4876 IAANTMON - ok
13:50:51.0082 4876 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:50:51.0113 4876 iaStor - ok
13:50:51.0176 4876 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:50:51.0207 4876 iaStorV - ok
13:50:51.0300 4876 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:50:51.0347 4876 idsvc - ok
13:50:52.0002 4876 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:50:52.0205 4876 igfx - ok
13:50:52.0268 4876 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:50:52.0268 4876 iirsp - ok
13:50:52.0346 4876 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:50:52.0424 4876 IKEEXT - ok
13:50:52.0470 4876 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
13:50:52.0502 4876 Impcd - ok
13:50:52.0626 4876 [ 42943BB3AB7A405B30EFF7C8283CC129 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:50:52.0673 4876 IntcAzAudAddService - ok
13:50:52.0736 4876 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:50:52.0767 4876 intelide - ok
13:50:52.0829 4876 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:50:52.0860 4876 intelppm - ok
13:50:52.0923 4876 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:50:52.0970 4876 IPBusEnum - ok
13:50:53.0016 4876 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:50:53.0048 4876 IpFilterDriver - ok
13:50:53.0079 4876 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:50:53.0157 4876 iphlpsvc - ok
13:50:53.0204 4876 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:50:53.0250 4876 IPMIDRV - ok
13:50:53.0282 4876 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:50:53.0344 4876 IPNAT - ok
13:50:53.0500 4876 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:50:53.0562 4876 iPod Service - ok
13:50:53.0594 4876 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:50:53.0625 4876 IRENUM - ok
13:50:53.0656 4876 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:50:53.0656 4876 isapnp - ok
13:50:53.0672 4876 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:50:53.0687 4876 iScsiPrt - ok
13:50:53.0734 4876 [ D85F3F18E44F7447B5F1BA5C85BAEB7C ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
13:50:53.0750 4876 k57nd60a - ok
13:50:53.0765 4876 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
13:50:53.0781 4876 kbdclass - ok
13:50:53.0796 4876 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
13:50:53.0812 4876 kbdhid - ok
13:50:53.0828 4876 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:50:53.0843 4876 KeyIso - ok
13:50:53.0874 4876 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:50:53.0890 4876 KSecDD - ok
13:50:53.0937 4876 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:50:53.0968 4876 KSecPkg - ok
13:50:53.0999 4876 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:50:54.0077 4876 ksthunk - ok
13:50:54.0124 4876 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:50:54.0233 4876 KtmRm - ok
13:50:54.0280 4876 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
13:50:54.0342 4876 L1E - ok
13:50:54.0389 4876 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:50:54.0467 4876 LanmanServer - ok
13:50:54.0514 4876 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:50:54.0592 4876 LanmanWorkstation - ok
13:50:54.0639 4876 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:50:54.0732 4876 lltdio - ok
13:50:54.0795 4876 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:50:54.0857 4876 lltdsvc - ok
13:50:54.0888 4876 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:50:54.0935 4876 lmhosts - ok
13:50:55.0029 4876 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:50:55.0044 4876 LMS - ok
13:50:55.0107 4876 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:50:55.0122 4876 LSI_FC - ok
13:50:55.0138 4876 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:50:55.0154 4876 LSI_SAS - ok
13:50:55.0169 4876 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:50:55.0169 4876 LSI_SAS2 - ok
13:50:55.0185 4876 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:50:55.0200 4876 LSI_SCSI - ok
13:50:55.0216 4876 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:50:55.0263 4876 luafv - ok
13:50:55.0325 4876 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:50:55.0341 4876 MBAMProtector - ok
13:50:55.0481 4876 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:50:55.0512 4876 MBAMService - ok
13:50:55.0544 4876 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:50:55.0622 4876 Mcx2Svc - ok
13:50:55.0637 4876 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:50:55.0668 4876 megasas - ok
13:50:55.0700 4876 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:50:55.0731 4876 MegaSR - ok
13:50:55.0824 4876 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:50:55.0871 4876 Microsoft Office Groove Audit Service - ok
13:50:55.0918 4876 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:50:55.0996 4876 MMCSS - ok
13:50:56.0043 4876 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:50:56.0121 4876 Modem - ok
13:50:56.0152 4876 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:50:56.0199 4876 monitor - ok
13:50:56.0230 4876 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:50:56.0246 4876 mouclass - ok
13:50:56.0261 4876 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:50:56.0292 4876 mouhid - ok
13:50:56.0324 4876 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:50:56.0339 4876 mountmgr - ok
13:50:56.0433 4876 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:50:56.0448 4876 MozillaMaintenance - ok
13:50:56.0511 4876 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:50:56.0542 4876 mpio - ok
13:50:56.0573 4876 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:50:56.0620 4876 mpsdrv - ok
13:50:56.0729 4876 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:50:56.0838 4876 MpsSvc - ok
13:50:56.0885 4876 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:50:56.0932 4876 MRxDAV - ok
13:50:56.0994 4876 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:50:57.0072 4876 mrxsmb - ok
13:50:57.0104 4876 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:50:57.0150 4876 mrxsmb10 - ok
13:50:57.0166 4876 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:50:57.0197 4876 mrxsmb20 - ok
13:50:57.0244 4876 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:50:57.0260 4876 msahci - ok
13:50:57.0275 4876 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:50:57.0291 4876 msdsm - ok
13:50:57.0338 4876 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:50:57.0400 4876 MSDTC - ok
13:50:57.0431 4876 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:50:57.0478 4876 Msfs - ok
13:50:57.0494 4876 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:50:57.0540 4876 mshidkmdf - ok
13:50:57.0572 4876 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:50:57.0587 4876 msisadrv - ok
13:50:57.0650 4876 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:50:57.0743 4876 MSiSCSI - ok
13:50:57.0743 4876 msiserver - ok
13:50:57.0790 4876 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:50:57.0821 4876 MSKSSRV - ok
13:50:57.0868 4876 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:50:57.0977 4876 MSPCLOCK - ok
13:50:58.0024 4876 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:50:58.0086 4876 MSPQM - ok
13:50:58.0289 4876 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:50:58.0336 4876 MsRPC - ok
13:50:58.0383 4876 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:50:58.0383 4876 mssmbios - ok
13:50:58.0445 4876 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:50:58.0508 4876 MSTEE - ok
13:50:58.0523 4876 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:50:58.0570 4876 MTConfig - ok
13:50:58.0601 4876 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:50:58.0632 4876 Mup - ok
13:50:58.0679 4876 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
13:50:58.0695 4876 mwlPSDFilter - ok
13:50:58.0742 4876 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
13:50:58.0757 4876 mwlPSDNServ - ok
13:50:58.0773 4876 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
13:50:58.0788 4876 mwlPSDVDisk - ok
13:50:58.0882 4876 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
13:50:58.0913 4876 MWLService - ok
13:50:59.0007 4876 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:50:59.0100 4876 napagent - ok
13:50:59.0147 4876 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:50:59.0194 4876 NativeWifiP - ok
13:50:59.0241 4876 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:50:59.0272 4876 NDIS - ok
13:50:59.0303 4876 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:50:59.0381 4876 NdisCap - ok
13:50:59.0428 4876 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:50:59.0537 4876 NdisTapi - ok
13:50:59.0631 4876 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:50:59.0693 4876 Ndisuio - ok
13:50:59.0740 4876 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:50:59.0802 4876 NdisWan - ok
13:50:59.0849 4876 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:50:59.0943 4876 NDProxy - ok
13:50:59.0990 4876 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
13:51:00.0021 4876 Netaapl - ok
13:51:00.0052 4876 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:51:00.0130 4876 NetBIOS - ok
13:51:00.0208 4876 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:51:00.0286 4876 NetBT - ok
13:51:00.0317 4876 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:51:00.0333 4876 Netlogon - ok
13:51:00.0364 4876 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:51:00.0426 4876 Netman - ok
13:51:00.0458 4876 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:51:00.0536 4876 netprofm - ok
13:51:00.0567 4876 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:51:00.0598 4876 NetTcpPortSharing - ok
13:51:00.0614 4876 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:51:00.0629 4876 nfrd960 - ok
13:51:00.0676 4876 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:51:00.0754 4876 NlaSvc - ok
13:51:00.0785 4876 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:51:00.0848 4876 Npfs - ok
13:51:00.0910 4876 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:51:00.0972 4876 nsi - ok
13:51:00.0988 4876 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:51:01.0066 4876 nsiproxy - ok
13:51:01.0144 4876 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:51:01.0206 4876 Ntfs - ok
13:51:01.0300 4876 [ 14E66F603FB187713AEB02AD3B0390CF ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
13:51:01.0316 4876 NTI IScheduleSvc - ok
13:51:01.0394 4876 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
13:51:01.0394 4876 NTIBackupSvc - ok
13:51:01.0440 4876 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
13:51:01.0456 4876 NTIDrvr - ok
13:51:01.0487 4876 [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
13:51:01.0581 4876 NTISchedulerSvc - ok
13:51:01.0612 4876 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:51:01.0659 4876 Null - ok
13:51:01.0706 4876 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:51:01.0737 4876 nvraid - ok
13:51:01.0768 4876 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:51:01.0768 4876 nvstor - ok
13:51:01.0784 4876 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:51:01.0799 4876 nv_agp - ok
13:51:01.0986 4876 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:51:02.0018 4876 odserv - ok
13:51:02.0064 4876 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:51:02.0111 4876 ohci1394 - ok
13:51:02.0158 4876 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:51:02.0174 4876 ose - ok
13:51:02.0220 4876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:51:02.0283 4876 p2pimsvc - ok
13:51:02.0330 4876 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:51:02.0361 4876 p2psvc - ok
13:51:02.0392 4876 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:51:02.0408 4876 Parport - ok
13:51:02.0454 4876 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:51:02.0470 4876 partmgr - ok
13:51:02.0501 4876 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:51:02.0564 4876 PcaSvc - ok
13:51:02.0595 4876 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:51:02.0610 4876 pci - ok
13:51:02.0626 4876 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:51:02.0626 4876 pciide - ok
13:51:02.0673 4876 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:51:02.0720 4876 pcmcia - ok
13:51:02.0720 4876 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:51:02.0735 4876 pcw - ok
13:51:02.0766 4876 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:51:02.0829 4876 PEAUTH - ok
13:51:02.0938 4876 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:51:02.0985 4876 PerfHost - ok
13:51:03.0125 4876 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:51:03.0250 4876 pla - ok
13:51:03.0390 4876 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:51:03.0437 4876 PlugPlay - ok
13:51:03.0453 4876 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:51:03.0531 4876 PNRPAutoReg - ok
13:51:03.0578 4876 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:51:03.0593 4876 PNRPsvc - ok
13:51:03.0734 4876 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:51:03.0812 4876 PolicyAgent - ok
13:51:03.0890 4876 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:51:03.0968 4876 Power - ok
13:51:04.0046 4876 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:51:04.0108 4876 PptpMiniport - ok
13:51:04.0139 4876 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:51:04.0202 4876 Processor - ok
13:51:04.0248 4876 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:51:04.0326 4876 ProfSvc - ok
13:51:04.0326 4876 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:51:04.0342 4876 ProtectedStorage - ok
13:51:04.0389 4876 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:51:04.0467 4876 Psched - ok
13:51:04.0638 4876 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:51:04.0716 4876 ql2300 - ok
13:51:04.0748 4876 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:51:04.0779 4876 ql40xx - ok
13:51:04.0826 4876 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:51:04.0872 4876 QWAVE - ok
13:51:04.0888 4876 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:51:04.0935 4876 QWAVEdrv - ok
13:51:04.0966 4876 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:51:05.0044 4876 RasAcd - ok
13:51:05.0075 4876 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:51:05.0138 4876 RasAgileVpn - ok
13:51:05.0184 4876 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:51:05.0231 4876 RasAuto - ok
13:51:05.0262 4876 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:51:05.0356 4876 Rasl2tp - ok
13:51:05.0418 4876 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:51:05.0512 4876 RasMan - ok
13:51:05.0543 4876 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:51:05.0606 4876 RasPppoe - ok
13:51:05.0637 4876 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:51:05.0684 4876 RasSstp - ok
13:51:05.0762 4876 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:51:05.0871 4876 rdbss - ok
13:51:05.0902 4876 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:51:05.0964 4876 rdpbus - ok
13:51:05.0996 4876 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:51:06.0058 4876 RDPCDD - ok
13:51:06.0074 4876 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:51:06.0120 4876 RDPENCDD - ok
13:51:06.0152 4876 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:51:06.0183 4876 RDPREFMP - ok
13:51:06.0245 4876 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:51:06.0323 4876 RDPWD - ok
13:51:06.0354 4876 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:51:06.0386 4876 rdyboost - ok
13:51:06.0417 4876 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:51:06.0495 4876 RemoteAccess - ok
13:51:06.0526 4876 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:51:06.0573 4876 RemoteRegistry - ok
13:51:06.0588 4876 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:51:06.0635 4876 RpcEptMapper - ok
13:51:06.0666 4876 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:51:06.0698 4876 RpcLocator - ok
13:51:06.0760 4876 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:51:06.0822 4876 RpcSs - ok
13:51:06.0854 4876 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:51:06.0900 4876 rspndr - ok
13:51:06.0947 4876 [ B5A4B7D779CF4070DF408DE18BD33B02 ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
13:51:06.0963 4876 RS_Service ( UnsignedFile.Multi.Generic ) - warning
13:51:06.0963 4876 RS_Service - detected UnsignedFile.Multi.Generic (1)
13:51:07.0010 4876 [ 7421A35C45484B95E83B5E9E107CEFC2 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
13:51:07.0025 4876 RTHDMIAzAudService - ok
13:51:07.0056 4876 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:51:07.0072 4876 SamSs - ok
13:51:07.0119 4876 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:51:07.0166 4876 sbp2port - ok
13:51:07.0197 4876 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:51:07.0259 4876 SCardSvr - ok
13:51:07.0306 4876 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:51:07.0353 4876 scfilter - ok
13:51:07.0524 4876 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:51:07.0587 4876 Schedule - ok
13:51:07.0634 4876 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:51:07.0680 4876 SCPolicySvc - ok
13:51:07.0712 4876 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:51:07.0790 4876 SDRSVC - ok
13:51:07.0821 4876 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:51:07.0883 4876 secdrv - ok
13:51:07.0914 4876 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:51:08.0008 4876 seclogon - ok
13:51:08.0055 4876 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:51:08.0117 4876 SENS - ok
13:51:08.0164 4876 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:51:08.0242 4876 SensrSvc - ok
13:51:08.0273 4876 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:51:08.0320 4876 Serenum - ok
13:51:08.0336 4876 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:51:08.0367 4876 Serial - ok
13:51:08.0414 4876 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:51:08.0445 4876 sermouse - ok
13:51:08.0507 4876 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:51:08.0585 4876 SessionEnv - ok
13:51:08.0632 4876 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:51:08.0694 4876 sffdisk - ok
13:51:08.0710 4876 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:51:08.0772 4876 sffp_mmc - ok
13:51:08.0788 4876 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:51:08.0835 4876 sffp_sd - ok
13:51:08.0866 4876 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:51:08.0897 4876 sfloppy - ok
13:51:08.0944 4876 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:51:09.0022 4876 SharedAccess - ok
13:51:09.0131 4876 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:51:09.0209 4876 ShellHWDetection - ok
13:51:09.0256 4876 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:51:09.0272 4876 SiSRaid2 - ok
13:51:09.0318 4876 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:51:09.0334 4876 SiSRaid4 - ok
13:51:09.0350 4876 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:51:09.0443 4876 Smb - ok
13:51:09.0490 4876 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:51:09.0521 4876 SNMPTRAP - ok
13:51:09.0552 4876 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:51:09.0552 4876 spldr - ok
13:51:09.0693 4876 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:51:09.0740 4876 Spooler - ok
13:51:09.0927 4876 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:51:10.0083 4876 sppsvc - ok
13:51:10.0130 4876 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:51:10.0208 4876 sppuinotify - ok
13:51:10.0239 4876 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:51:10.0286 4876 srv - ok
13:51:10.0301 4876 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:51:10.0348 4876 srv2 - ok
13:51:10.0410 4876 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:51:10.0457 4876 srvnet - ok
13:51:10.0551 4876 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:51:10.0598 4876 SSDPSRV - ok
13:51:10.0644 4876 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:51:10.0722 4876 SstpSvc - ok
13:51:10.0754 4876 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:51:10.0769 4876 stexstor - ok
13:51:10.0816 4876 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:51:10.0894 4876 stisvc - ok
13:51:10.0925 4876 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:51:10.0925 4876 swenum - ok
13:51:11.0003 4876 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:51:11.0112 4876 swprv - ok
13:51:11.0190 4876 [ ED6D1424E5B0C21A57B28DD8508D6843 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:51:11.0206 4876 SynTP - ok
13:51:11.0268 4876 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:51:11.0331 4876 SysMain - ok
13:51:11.0362 4876 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:51:11.0393 4876 TabletInputService - ok
13:51:11.0409 4876 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:51:11.0471 4876 TapiSrv - ok
13:51:11.0502 4876 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:51:11.0627 4876 TBS - ok
13:51:11.0783 4876 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:51:11.0877 4876 Tcpip - ok
13:51:12.0033 4876 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:51:12.0080 4876 TCPIP6 - ok
13:51:12.0111 4876 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:51:12.0189 4876 tcpipreg - ok
13:51:12.0220 4876 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:51:12.0251 4876 TDPIPE - ok
13:51:12.0267 4876 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:51:12.0314 4876 TDTCP - ok
13:51:12.0360 4876 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:51:12.0454 4876 tdx - ok
13:51:12.0470 4876 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:51:12.0485 4876 TermDD - ok
13:51:12.0516 4876 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:51:12.0579 4876 TermService - ok
13:51:12.0610 4876 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:51:12.0672 4876 Themes - ok
13:51:12.0719 4876 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:51:12.0750 4876 THREADORDER - ok
13:51:12.0782 4876 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:51:12.0844 4876 TrkWks - ok
13:51:12.0922 4876 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:51:13.0016 4876 TrustedInstaller - ok
13:51:13.0047 4876 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:51:13.0078 4876 tssecsrv - ok
13:51:13.0109 4876 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:51:13.0156 4876 TsUsbFlt - ok
13:51:13.0390 4876 [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
13:51:13.0452 4876 TuneUp.UtilitiesSvc - ok
13:51:13.0499 4876 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
13:51:13.0515 4876 TuneUpUtilitiesDrv - ok
13:51:13.0562 4876 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:51:13.0608 4876 tunnel - ok
13:51:13.0686 4876 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
13:51:13.0702 4876 TurboB - ok
13:51:13.0780 4876 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
13:51:13.0811 4876 TurboBoost - ok
13:51:13.0842 4876 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:51:13.0874 4876 uagp35 - ok
13:51:13.0920 4876 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
13:51:13.0936 4876 UBHelper - ok
13:51:13.0983 4876 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:51:14.0076 4876 udfs - ok
13:51:14.0092 4876 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:51:14.0108 4876 UI0Detect - ok
13:51:14.0123 4876 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:51:14.0139 4876 uliagpkx - ok
13:51:14.0170 4876 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:51:14.0201 4876 umbus - ok
13:51:14.0248 4876 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:51:14.0279 4876 UmPass - ok
13:51:14.0591 4876 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:51:14.0700 4876 UNS - ok
13:51:14.0856 4876 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
13:51:14.0872 4876 Updater Service - ok
13:51:14.0903 4876 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:51:15.0012 4876 upnphost - ok
13:51:15.0059 4876 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:51:15.0137 4876 USBAAPL64 - ok
13:51:15.0168 4876 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:51:15.0246 4876 usbccgp - ok
13:51:15.0278 4876 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:51:15.0293 4876 usbcir - ok
13:51:15.0324 4876 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:51:15.0356 4876 usbehci - ok
13:51:15.0418 4876 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:51:15.0449 4876 usbhub - ok
13:51:15.0496 4876 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:51:15.0527 4876 usbohci - ok
13:51:15.0558 4876 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:51:15.0590 4876 usbprint - ok
13:51:15.0652 4876 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:51:15.0683 4876 usbscan - ok
13:51:15.0730 4876 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:51:15.0792 4876 USBSTOR - ok
13:51:15.0808 4876 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:51:15.0839 4876 usbuhci - ok
13:51:15.0902 4876 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:51:15.0933 4876 usbvideo - ok
13:51:15.0964 4876 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:51:16.0026 4876 UxSms - ok
13:51:16.0120 4876 [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp C:\Windows\System32\uxtuneup.dll
13:51:16.0136 4876 UxTuneUp - ok
13:51:16.0151 4876 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:51:16.0167 4876 VaultSvc - ok
13:51:16.0198 4876 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:51:16.0214 4876 vdrvroot - ok
13:51:16.0260 4876 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:51:16.0323 4876 vds - ok
13:51:16.0354 4876 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:51:16.0385 4876 vga - ok
13:51:16.0416 4876 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:51:16.0463 4876 VgaSave - ok
13:51:16.0541 4876 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:51:16.0588 4876 vhdmp - ok
13:51:16.0604 4876 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:51:16.0619 4876 viaide - ok
13:51:16.0635 4876 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:51:16.0650 4876 volmgr - ok
13:51:16.0682 4876 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:51:16.0697 4876 volmgrx - ok
13:51:16.0697 4876 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:51:16.0713 4876 volsnap - ok
13:51:16.0760 4876 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:51:16.0775 4876 vsmraid - ok
13:51:17.0072 4876 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:51:17.0165 4876 VSS - ok
13:51:17.0212 4876 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:51:17.0259 4876 vwifibus - ok
13:51:17.0290 4876 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:51:17.0321 4876 vwififlt - ok
13:51:17.0337 4876 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
13:51:17.0368 4876 vwifimp - ok
13:51:17.0430 4876 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:51:17.0477 4876 W32Time - ok
13:51:17.0508 4876 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:51:17.0524 4876 WacomPen - ok
13:51:17.0586 4876 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:51:17.0633 4876 WANARP - ok
13:51:17.0633 4876 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:51:17.0664 4876 Wanarpv6 - ok
13:51:17.0742 4876 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:51:17.0820 4876 wbengine - ok
13:51:17.0852 4876 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:51:17.0883 4876 WbioSrvc - ok
13:51:17.0930 4876 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:51:17.0992 4876 wcncsvc - ok
13:51:18.0008 4876 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:51:18.0054 4876 WcsPlugInService - ok
13:51:18.0070 4876 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:51:18.0086 4876 Wd - ok
13:51:18.0132 4876 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:51:18.0164 4876 Wdf01000 - ok
13:51:18.0195 4876 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:51:18.0288 4876 WdiServiceHost - ok
13:51:18.0304 4876 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:51:18.0335 4876 WdiSystemHost - ok
13:51:18.0366 4876 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:51:18.0398 4876 WebClient - ok
13:51:18.0444 4876 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:51:18.0507 4876 Wecsvc - ok
13:51:18.0538 4876 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:51:18.0632 4876 wercplsupport - ok
13:51:18.0678 4876 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:51:18.0741 4876 WerSvc - ok
13:51:18.0772 4876 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:51:18.0819 4876 WfpLwf - ok
13:51:18.0834 4876 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:51:18.0834 4876 WIMMount - ok
13:51:18.0866 4876 WinDefend - ok
13:51:18.0866 4876 WinHttpAutoProxySvc - ok
13:51:18.0928 4876 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:51:19.0006 4876 Winmgmt - ok
13:51:19.0131 4876 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:51:19.0240 4876 WinRM - ok
13:51:19.0287 4876 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:51:19.0318 4876 WinUsb - ok
13:51:19.0380 4876 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:51:19.0443 4876 Wlansvc - ok
13:51:19.0490 4876 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:51:19.0536 4876 WmiAcpi - ok
13:51:19.0583 4876 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:51:19.0614 4876 wmiApSrv - ok
13:51:19.0677 4876 WMPNetworkSvc - ok
13:51:19.0724 4876 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:51:19.0739 4876 WPCSvc - ok
13:51:19.0770 4876 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:51:19.0802 4876 WPDBusEnum - ok
13:51:19.0833 4876 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:51:19.0911 4876 ws2ifsl - ok
13:51:19.0942 4876 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:51:19.0973 4876 wscsvc - ok
13:51:19.0973 4876 WSearch - ok
13:51:20.0051 4876 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:51:20.0160 4876 wuauserv - ok
13:51:20.0207 4876 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:51:20.0285 4876 WudfPf - ok
13:51:20.0332 4876 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:51:20.0394 4876 WUDFRd - ok
13:51:20.0441 4876 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:51:20.0488 4876 wudfsvc - ok
13:51:20.0519 4876 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:51:20.0566 4876 WwanSvc - ok
13:51:20.0644 4876 [ 74983ADDCA2D9618512C088D856D6615 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl
13:51:20.0660 4876 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
13:51:20.0691 4876 ================ Scan global ===============================
13:51:20.0722 4876 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:51:20.0753 4876 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:51:20.0769 4876 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:51:20.0784 4876 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:51:20.0831 4876 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:51:20.0847 4876 [Global] - ok
13:51:20.0847 4876 ================ Scan MBR ==================================
13:51:20.0847 4876 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:51:22.0064 4876 \Device\Harddisk0\DR0 - ok
13:51:22.0064 4876 ================ Scan VBR ==================================
13:51:22.0126 4876 [ 46272F4E617D20180EE636954A015810 ] \Device\Harddisk0\DR0\Partition1
13:51:22.0142 4876 \Device\Harddisk0\DR0\Partition1 - ok
13:51:22.0157 4876 [ 6B09196C46370288A627A3A7DDD570BB ] \Device\Harddisk0\DR0\Partition2
13:51:22.0173 4876 \Device\Harddisk0\DR0\Partition2 - ok
13:51:22.0173 4876 ============================================================
13:51:22.0173 4876 Scan finished
13:51:22.0173 4876 ============================================================
13:51:22.0188 1220 Detected object count: 1
13:51:22.0188 1220 Actual detected object count: 1
13:51:25.0199 1220 RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:51:25.0199 1220 RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
01.09.2012, 12:57
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop stürzt immer plötzlich ab Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
01.09.2012, 13:45
| #19 |
| | Laptop stürzt immer plötzlich abCode:
ATTFilter ComboFix 12-08-31.08 - Ferdi 01.09.2012 14:18:13.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3956.2607 [GMT 2:00]
ausgeführt von:: c:\users\Ferdi\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\program files (x86)\StartNow Toolbar
c:\users\Ferdi\4.0
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-01 bis 2012-09-01 ))))))))))))))))))))))))))))))
.
.
2012-09-01 12:23 . 2012-09-01 12:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-31 22:45 . 2012-08-31 22:45 -------- d-----w- C:\_OTL
2012-08-31 19:21 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7A5FBB55-2219-4102-A3FF-F7A754ACA6B6}\mpengine.dll
2012-08-19 16:17 . 2012-08-19 16:17 -------- d-----w- c:\program files (x86)\ESET
2012-08-19 08:02 . 2012-08-19 08:02 -------- d-----w- c:\users\Ferdi\AppData\Roaming\Malwarebytes
2012-08-19 08:02 . 2012-08-19 08:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-19 08:02 . 2012-08-19 08:02 -------- d-----w- c:\programdata\Malwarebytes
2012-08-19 08:02 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-16 19:29 . 2012-06-29 03:39 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-16 09:57 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 09:57 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-16 09:57 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 09:57 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 09:57 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-16 09:57 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-16 09:57 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 09:57 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 09:57 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 09:57 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 09:57 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 09:57 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 19:27 . 2010-08-19 12:38 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}]
2011-12-12 16:12 1600616 ----a-w- c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{C424171E-592A-415a-9EB1-DFD6D95D3530}"= "c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll" [2011-12-12 1600616]
.
[HKEY_CLASSES_ROOT\clsid\{c424171e-592a-415a-9eb1-dfd6d95d3530}]
[HKEY_CLASSES_ROOT\uitb.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{99F77431-0658-476F-99CE-A05F35CDC7BA}]
[HKEY_CLASSES_ROOT\uitb.Toolbar]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-05 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-09 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2011-01-28 419112]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-12-04 665424]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-16 348664]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-3-1 708608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 ArcSec;ArcSec;c:\windows\system32\drivers\ArcSec.sys [x]
R2 CLKMSVC10_DB37F995;CyberLink Product - 2011/10/07 18:05;c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\NavFilter\kmsvc.exe [2011-01-28 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-06 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-07-22 40448]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-06 135664]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/03/01 02:36];c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [2009-11-12 18:29 146928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-10 202752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-13 86224]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-24 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_DB37F995
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-06 12:35]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-06 12:35]
.
2012-08-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1794910090-1278289867-2085559020-1000Core.job
- c:\users\Ferdi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30 16:55]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1794910090-1278289867-2085559020-1000UA.job
- c:\users\Ferdi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30 16:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}]
2011-12-12 16:12 1993832 ----a-w- c:\program files\WEB.DE Toolbar\IE\uitb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{C424171E-592A-415a-9EB1-DFD6D95D3530}"= "c:\program files\WEB.DE Toolbar\IE\uitb.dll" [2011-12-12 1993832]
.
[HKEY_CLASSES_ROOT\CLSID\{C424171E-592A-415a-9EB1-DFD6D95D3530}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 323072]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-11 349480]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-29 8312352]
"PLFSetI"="c:\windows\PLFSetI.exe" [2009-11-20 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360810d716l04f8z125t44m1e703
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.0.254
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll
FF - ProfilePath - c:\users\Ferdi\AppData\Roaming\Mozilla\Firefox\Profiles\g9qhxuzo.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-01 14:29:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-09-01 12:29
.
Vor Suchlauf: 11 Verzeichnis(se), 402.342.977.536 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 401.944.940.544 Bytes frei
.
- - End Of File - - B34CAB5E47460DD9D1C3CBF71813D13C
|
|
01.09.2012, 14:00
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop stürzt immer plötzlich ab Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.09.2012, 13:23
| #21 |
| | Laptop stürzt immer plötzlich ab GMER hat nichts gefunden und das Log war leer. OSAM Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 13:50:13 on 02.09.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-1794910090-1278289867-2085559020-1000Core.job" - "Google Inc." - C:\Users\Ferdi\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-1794910090-1278289867-2085559020-1000UA.job" - "Google Inc." - C:\Users\Ferdi\AppData\Local\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\Office12\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ArcSec" (ArcSec) - ? - C:\Windows\System32\drivers\ArcSec.sys (File not found) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "Huawei DataCard USB Modem and USB Serial" (hwdatacard) - ? - C:\Windows\System32\DRIVERS\ewusbmdm.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "NTIDrvr" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\system32\drivers\NTIDrvr.sys "TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys "UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} "WEB.DE NewTab Protocol" - "1und1 Mail und Media GmbH" - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\Office12\OLKFSTUB.DLL {4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\DseShExt-x86.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\SDShelEx-win32.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout64" - ? - (File not found | COM-object registry key not found) <binary data> "WEB.DE Toolbar" - "1und1 Mail und Media GmbH" - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {C345E174-3E87-4F41-A01C-B066A90A49B4} "WRC Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\wrc32.ocx / hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll Locked "Locked" - ? - (File not found | COM-object registry key not found) <binary data> "WEB.DE Toolbar" - "1und1 Mail und Media GmbH" - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} "WEB.DE Toolbar BHO" - "1und1 Mail und Media GmbH" - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "Acer VCM.lnk" - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "swg" - "Google Inc." - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "ArcadeDeluxeAgent" - "CyberLink Corp." - "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "BackupManagerTray" - "NewTech Infosystems, Inc." - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k "EEventManager" - "SEIKO EPSON CORPORATION" - C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll "Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "CyberLink Product - 2011/10/07 18:05:31" (CLKMSVC10_DB37F995) - "CyberLink" - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\NavFilter\kmsvc.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GRegService" (Greg_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe "Intel(R) Management & Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "MyWinLocker Service" (MWLService) - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe "NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe "NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe "NTI IScheduleSvc" (NTI IScheduleSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Raw Socket Service" (RS_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe "TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe "TurboBoost" (TurboBoost) - "Intel(R) Corporation" - C:\Program Files\Intel\TurboBoost\TurboBoost.exe "Updater Service" (Updater Service) - "Acer" - C:\Program Files\Acer\Acer Updater\UpdaterService.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru ansMBR Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-02 13:57:24
-----------------------------
13:57:24.485 OS Version: Windows x64 6.1.7601 Service Pack 1
13:57:24.485 Number of processors: 4 586 0x2502
13:57:24.485 ComputerName: FERDI-PC UserName: Ferdi
13:57:25.593 Initialize success
13:58:54.945 AVAST engine defs: 12090200
14:04:33.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:04:33.919 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
14:04:33.935 Disk 0 MBR read successfully
14:04:33.935 Disk 0 MBR scan
14:04:33.935 Disk 0 Windows VISTA default MBR code
14:04:33.950 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
14:04:33.981 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 24578048
14:04:33.981 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 464838 MB offset 24782848
14:04:34.028 Disk 0 scanning C:\Windows\system32\drivers
14:04:43.903 Service scanning
14:05:11.453 Modules scanning
14:05:11.453 Disk 0 trace - called modules:
14:05:11.499 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:05:11.499 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bcf060]
14:05:11.515 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004916050]
14:05:12.654 AVAST engine scan C:\Windows
14:05:17.287 AVAST engine scan C:\Windows\system32
14:08:00.184 AVAST engine scan C:\Windows\system32\drivers
14:08:12.898 AVAST engine scan C:\Users\Ferdi
14:17:32.595 AVAST engine scan C:\ProgramData
14:17:51.472 Scan finished successfully
14:21:18.407 Disk 0 MBR has been saved successfully to "C:\Users\Ferdi\Desktop\MBR.dat"
14:21:18.407 The log file has been saved successfully to "C:\Users\Ferdi\Desktop\aswMBR.txt"
|
|
03.09.2012, 19:13
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Laptop stürzt immer plötzlich ab Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2012, 14:35
| #23 |
| | Laptop stürzt immer plötzlich abCode:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.09.05.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Ferdi :: FERDI-PC [Administrator] Schutz: Aktiviert 05.09.2012 14:16:57 mbam-log-2012-09-05 (14-16-57).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 357985 Laufzeit: 1 Stunde(n), 16 Minute(n), 40 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/05/2012 at 05:29 PM
Application Version : 5.5.1012
Core Rules Database Version : 9174
Trace Rules Database Version: 6986
Scan type : Complete Scan
Total Scan Time : 01:51:57
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 747
Memory threats detected : 0
Registry items scanned : 67200
Registry threats detected : 0
File items scanned : 166645
File threats detected : 154
Adware.Tracking Cookie
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\P9ZORVD9.txt [ /dyntracker.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\0B8HZA1E.txt [ /smartadserver.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\8HLT52XC.txt [ /eas.apm.emediate.eu ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\MBCP8RGL.txt [ /mediaplex.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\OMB21MGU.txt [ /apmebf.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\E0BSVBOZ.txt [ /track.adform.net ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\5G37TS76.txt [ /tracking.quisma.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\6PVQE0RQ.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\GZXML4C4.txt [ /fastclick.net ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\R1BIWLDV.txt [ /atdmt.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\7TOK8XJC.txt [ /ad.zanox.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\2OEGMAUM.txt [ /adform.net ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\MONOAO3D.txt [ /doubleclick.net ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\HOETYB4R.txt [ /imrworldwide.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\E6W723X4.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\G214O4EH.txt [ /adfarm1.adition.com ]
C:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Cookies\2W2ZCRVW.txt [ /zanox.com ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q4PFBA7R.txt [ Cookie:ferdi@stepstone.112.2o7.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\L1157RWM.txt [ Cookie:ferdi@de.sitestat.com/wkd/arbeitssicherheit/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\NZL8M9V8.txt [ Cookie:ferdi@traffictrack.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\HUQTKZ4L.txt [ Cookie:ferdi@accounts.google.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\5J7U10CI.txt [ Cookie:ferdi@clkads.com/adServe/banners ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\8GXXCIQS.txt [ Cookie:ferdi@lfstmedia.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\61OIMJIM.txt [ Cookie:ferdi@de.sitestat.com/idgcom-de/macwelt/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\AZWG2ISH.txt [ Cookie:ferdi@webmasterplan.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\0INWEKJS.txt [ Cookie:ferdi@skydeutschland.122.2o7.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\MABU14VI.txt [ Cookie:ferdi@paypal.112.2o7.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\K9JMJPYP.txt [ Cookie:ferdi@smartadserver.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\4KZLL97V.txt [ Cookie:ferdi@eas.apm.emediate.eu/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\GEPW1VUD.txt [ Cookie:ferdi@112.2o7.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\3IR67UE4.txt [ Cookie:ferdi@www.zanox-affiliate.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\6770XO49.txt [ Cookie:ferdi@server.lon.liveperson.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\TD6DF3OM.txt [ Cookie:ferdi@liveperson.net/hc/55779702 ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\PU9WN7FP.txt [ Cookie:ferdi@mediaplex.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\OE36CHOX.txt [ Cookie:ferdi@adtech.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\YDY643XP.txt [ Cookie:ferdi@de.sitestat.com/sportscheck/shop-de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\QNPBQU5A.txt [ Cookie:ferdi@adx.chip.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N4VF8VVD.txt [ Cookie:ferdi@e-2dj6wdmyemc5cbo.stats.esomniture.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\OL4GGW2U.txt [ Cookie:ferdi@tracking.mlsat02.de/tmobile/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\0VWD9CLU.txt [ Cookie:ferdi@guj.122.2o7.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\635KA2A0.txt [ Cookie:ferdi@tracking.quisma.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\6LDEH82Q.txt [ Cookie:ferdi@ad1.adfarm1.adition.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\65VSTDGH.txt [ Cookie:ferdi@clkads.com/adServe ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\06IZ0Z6F.txt [ Cookie:ferdi@e-2dj6wnlowldpilq.stats.esomniture.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\FVQ7JNVO.txt [ Cookie:ferdi@media6degrees.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\JJH31SIQ.txt [ Cookie:ferdi@invitemedia.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\RB6O6WPT.txt [ Cookie:ferdi@ad.zanox.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\42B9MXB4.txt [ Cookie:ferdi@ad.yieldmanager.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\OGYU53LT.txt [ Cookie:ferdi@ad3.adfarm1.adition.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\6LJ85JSY.txt [ Cookie:ferdi@at.atwola.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\G4FA6N5V.txt [ Cookie:ferdi@lucidmedia.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJV7WL7Q.txt [ Cookie:ferdi@ad.dyntracker.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\XEX2JQHY.txt [ Cookie:ferdi@e-2dj6wjk4qlazocq.stats.esomniture.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\CLS6LWTQ.txt [ Cookie:ferdi@pumpendiscounter.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\YHKXO933.txt [ Cookie:ferdi@ww251.smartadserver.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\UTDW4JBE.txt [ Cookie:ferdi@findling.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\39CED5R9.txt [ Cookie:ferdi@stats.paypal.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\VHOFX7FE.txt [ Cookie:ferdi@openx.jeetyetmedia.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\LMP75SS3.txt [ Cookie:ferdi@revsci.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZYREL30.txt [ Cookie:ferdi@de.sitestat.com/ing-diba/de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\JPEDBPU9.txt [ Cookie:ferdi@amazon-adsystem.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\T9X00XJX.txt [ Cookie:ferdi@tracking.crealytics.com/185/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\LO22855X.txt [ Cookie:ferdi@doubleclick.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\PXAC8JXR.txt [ Cookie:ferdi@www.pumpendiscounter.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\YDFH13YE.txt [ Cookie:ferdi@zanox-affiliate.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\SAHCZ4VW.txt [ Cookie:ferdi@imrworldwide.com/cgi-bin ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\LXWS8A6B.txt [ Cookie:ferdi@liveperson.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\XBIDVXOI.txt [ Cookie:ferdi@vorlagen-finder.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\7XP85NW8.txt [ Cookie:ferdi@liveperson.net/hc/36005843 ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\EV9H6NHQ.txt [ Cookie:ferdi@ad2.adfarm1.adition.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\PM2CGPAM.txt [ Cookie:ferdi@www.fliesen-discount24.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\A8XS3PP3.txt [ Cookie:ferdi@unister-adservices.com/campaign/conversion/22 ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\M122PSJE.txt [ Cookie:ferdi@eyewonder.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\B82O3H79.txt [ Cookie:ferdi@adfarm1.adition.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N2NBD835.txt [ Cookie:ferdi@kontera.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\J02VVC2H.txt [ Cookie:ferdi@www.etracker.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\LO2HPLPV.txt [ Cookie:ferdi@edge.jeetyetmedia.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\VFPKE1Q0.txt [ Cookie:ferdi@zanox.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\D02LJX04.txt [ Cookie:ferdi@adviva.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\2WUC6J31.txt [ Cookie:ferdi@c.atdmt.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\8I7HARYB.txt [ Cookie:ferdi@autoscout24.112.2o7.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\4DDPZYGS.txt [ Cookie:ferdi@overture.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\PEPVY9YT.txt [ Cookie:ferdi@adinterax.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q7499SDF.txt [ Cookie:ferdi@questionmarket.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\CFKKELKH.txt [ Cookie:ferdi@clickfuse.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\E4JGTI62.txt [ Cookie:ferdi@2o7.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\AC6M6RJF.txt [ Cookie:ferdi@dealtime.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\TYRVV2TO.txt [ Cookie:ferdi@www.vorlagen-finder.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\KLQC5EYK.txt [ Cookie:ferdi@unister-adservices.com/services/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\G8S7JDZF.txt [ Cookie:ferdi@casalemedia.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\VO9B2TAR.txt [ Cookie:ferdi@tomtailor.dyntracker.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\A5L11HMP.txt [ Cookie:ferdi@track.adform.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\HA4H2Y6I.txt [ Cookie:ferdi@advertising.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\ML6CYZIX.txt [ Cookie:ferdi@tracking.mobile.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\U0QMI717.txt [ Cookie:ferdi@tracker.vinsight.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\NUJQORYT.txt [ Cookie:ferdi@ad4.adfarm1.adition.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N72K13KD.txt [ Cookie:ferdi@sales.liveperson.net/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\LW9Y34JH.txt [ Cookie:ferdi@statcounter.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\JG9TKRN7.txt [ Cookie:ferdi@go.dynamic-tracking.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\VUMUKOLL.txt [ Cookie:ferdi@advertising.superweb.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\TD0XEMB0.txt [ Cookie:ferdi@e-2dj6wjliwhczehp.stats.esomniture.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\0LHRGNP0.txt [ Cookie:ferdi@www.googleadservices.com/pagead/conversion/1072438157/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\MFQ53K4J.txt [ Cookie:ferdi@adbrite.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\I2GSLZ77.txt [ Cookie:ferdi@de.sitestat.com/wkd/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\C1AGT4W1.txt [ Cookie:ferdi@quartermedia.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\27KSQBKI.txt [ Cookie:ferdi@fliesen-discount24.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N2QEB6DB.txt [ Cookie:ferdi@im.banner.t-online.de/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\9O710ECX.txt [ Cookie:ferdi@statse.webtrendslive.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\PP4MMJTP.txt [ Cookie:ferdi@clicks.pangora.com/ ]
C:\USERS\FERDI\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z8OMBAE5.txt [ Cookie:ferdi@snapfish.112.2o7.net/ ]
C:\USERS\FERDI\Cookies\P9ZORVD9.txt [ Cookie:ferdi@dyntracker.com/ ]
C:\USERS\FERDI\Cookies\0B8HZA1E.txt [ Cookie:ferdi@smartadserver.com/ ]
C:\USERS\FERDI\Cookies\8HLT52XC.txt [ Cookie:ferdi@eas.apm.emediate.eu/ ]
C:\USERS\FERDI\Cookies\MBCP8RGL.txt [ Cookie:ferdi@mediaplex.com/ ]
C:\USERS\FERDI\Cookies\E0BSVBOZ.txt [ Cookie:ferdi@track.adform.net/ ]
C:\USERS\FERDI\Cookies\5G37TS76.txt [ Cookie:ferdi@tracking.quisma.com/ ]
C:\USERS\FERDI\Cookies\6PVQE0RQ.txt [ Cookie:ferdi@ad1.adfarm1.adition.com/ ]
C:\USERS\FERDI\Cookies\7TOK8XJC.txt [ Cookie:ferdi@ad.zanox.com/ ]
C:\USERS\FERDI\Cookies\MONOAO3D.txt [ Cookie:ferdi@doubleclick.net/ ]
C:\USERS\FERDI\Cookies\HOETYB4R.txt [ Cookie:ferdi@imrworldwide.com/cgi-bin ]
C:\USERS\FERDI\Cookies\E6W723X4.txt [ Cookie:ferdi@ad2.adfarm1.adition.com/ ]
C:\USERS\FERDI\Cookies\G214O4EH.txt [ Cookie:ferdi@adfarm1.adition.com/ ]
C:\USERS\FERDI\Cookies\2W2ZCRVW.txt [ Cookie:ferdi@zanox.com/ ]
.doubleclick.net [ C:\USERS\FERDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\FERDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\FERDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\FERDI\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FERDI@SERVER.LON.LIVEPERSON[2].TXT [ /SERVER.LON.LIVEPERSON ]
C:\USERS\FERDI\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FERDI@STATSE.WEBTRENDSLIVE[2].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\USERS\FERDI\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FERDI@LIVEPERSON[3].TXT [ /LIVEPERSON ]
C:\USERS\FERDI\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FERDI@WWW.GOOGLEADSERVICES[4].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\FERDI\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FERDI@ROITRACKING[2].TXT [ /ROITRACKING ]
C:\USERS\FERDI\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FERDI@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ]
.smartadserver.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.ad1.adfarm1.adition.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.dyntracker.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G9QHXUZO.DEFAULT\COOKIES.SQLITE ]
|
|
| Themen zu Laptop stürzt immer plötzlich ab |
| 192.168.0.2, antivir, autorun, avg, avira, bho, bonjour, browser, error, fehler, firefox, flash player, format, home, install.exe, launch, locker, logfile, mozilla, mywinlocker, office 2007, origin, plug-in, realtek, registry, richtlinie, rundll, scan, security, software, svchost.exe, sweetim, udp, windows, yontoo |
Linear-Darstellung
