Log analysis and evaluation: PC keeps freezing and crashes in IE and FF...
27.11.2012, 22:03 | #1
PC keeps freezing and crashes in IE and FF...

Hello everyone,

after you helped me so wonderfully with cleaning up my laptop, I would like to ask you for help once more. My neighbour's laptop keeps freezing... sometimes simply waiting helps (anything between 1 and 20 minutes), sometimes nothing works at all any more. I did not find a virus, and beyond that I am at my wits' end as a layperson... Would you please take a look at whether there might after all be some data on it that does not belong there (or some that is missing)? I have taken the laptop with me for now...

Thank you very much for that!

Best regards,
Véronique

defogger reports nothing

Code:
ATTFilter OTL logfile created on: 27.11.2012 19:10:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christa\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 765,45 Mb Total Physical Memory | 193,80 Mb Available Physical Memory | 25,32% Memory free 1,76 Gb Paging File | 0,98 Gb Available in Paging File | 55,73% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 50,79 Gb Total Space | 11,44 Gb Free Space | 22,53% Space Free | Partition Type: NTFS Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.11.27 19:08:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christa\Downloads\OTL.exe PRC - [2012.11.10 17:50:24 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL 
Server\90\Shared\sqlbrowser.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007.02.07 05:18:02 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2007.02.05 19:48:14 | 000,692,224 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2007.01.25 02:01:34 | 001,362,432 | ---- | M] () -- C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe PRC - [2007.01.24 21:05:20 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2007.01.05 20:31:20 | 000,049,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006.11.21 23:12:42 | 000,719,664 | ---- | M] (Broadcom Corporation.) 
-- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2006.10.05 21:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe ========== Modules (No Company Name) ========== MOD - [2012.11.10 17:50:24 | 002,295,264 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2007.02.08 09:13:40 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2007.01.25 02:01:34 | 001,362,432 | ---- | M] () -- C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe MOD - [2007.01.15 15:01:38 | 000,122,880 | ---- | M] () -- C:\Windows\System32\spacklsp.dll MOD - [2006.11.21 23:03:50 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2006.11.21 22:43:46 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll MOD - [2006.11.09 01:18:46 | 000,065,536 | ---- | M] () -- C:\Programme\Samsung\EBM\ChkSec.dll MOD - [2006.09.19 18:52:46 | 000,028,672 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\WinMove.dll MOD - [2006.08.12 21:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll MOD - [2006.08.12 21:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll MOD - [2006.08.12 21:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ========== Services (SafeList) ========== SRV - [2012.11.16 17:13:41 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.11.10 17:50:24 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus) SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010.12.10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SRV - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2010.12.10 18:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007.06.28 18:54:42 | 000,073,728 | ---- | M] () [Auto | Stopped] -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2007.01.17 12:01:54 | 000,212,992 | ---- | M] (T-Systems International GmbH) [On_Demand | Stopped] -- C:\Programme\T-Online\DSL-Manager\TODslSvc.exe -- (TODslService) SRV - [2006.10.26 23:03:08 | 000,145,184 | ---- | M] 
(Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.10.05 21:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\vvftUVC.sys -- (vvftUVC) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VMUVC.sys -- (VMUVC) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - 
[2009.09.05 13:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007.02.28 19:17:05 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2007.02.08 09:22:28 | 002,315,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2007.01.24 04:18:32 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.24 02:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.01.24 01:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006.12.20 02:01:00 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006.11.28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.11.02 08:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32) DRV - [2006.10.09 13:03:56 | 000,017,152 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Common Files\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX) DRV - [2006.10.09 12:46:44 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX) DRV - [2006.05.15 14:35:56 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\drivers\se27unic.sys -- (se27unic) DRV - [2006.05.15 14:35:48 | 000,086,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27obex.sys -- (SE27obex) DRV - [2006.05.15 14:35:48 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se27nd5.sys -- (se27nd5) DRV - [2006.05.15 14:35:46 | 000,088,688 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27mgmt.sys -- (SE27mgmt) DRV - [2006.05.15 14:35:42 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27mdm.sys -- (SE27mdm) DRV - [2006.05.15 14:35:42 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27mdfl.sys -- (SE27mdfl) DRV - [2006.05.15 14:35:36 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27bus.sys -- (SE27bus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://email.t-online.de/kc/index.php?ctl=message_list&p[folder]=INBOX IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = 
hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms} IE - HKCU\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms} IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms} IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms} IE - HKCU\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms} IE - HKCU\..\SearchScopes\{CA680281-B784-4FE0-8DC8-8E5256EC23AF}: "URL" = hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_de&p={searchTerms} IE - HKCU\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://email.t-online.de/index.php?ctl=write_email" FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474 FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.16 18:31:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.10 17:50:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.09 16:55:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Extensions [2012.10.23 17:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions [2010.09.12 16:27:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.06.25 17:08:00 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf} [2012.11.10 17:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.11.16 18:31:22 | 000,000,000 | ---D | M] (avast! 
WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012.11.10 17:50:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.06.22 17:08:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.15 16:44:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.22 17:08:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.22 17:08:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.22 17:08:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.22 17:08:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKCU..\Run: [] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoHotStart = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\spacklsp.dll () O13 - gopher Prefix: missing O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} 
hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{082264E5-35B3-4F48-B8BF-CEB85C74F920}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C73B4F7C-7AA5-4121-87EF-C68A412D2C29}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.11.16 18:37:02 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.11.16 18:32:59 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Local\Google [2012.11.16 18:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012.11.16 18:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012.11.16 18:32:49 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.11.16 18:32:49 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.11.16 18:32:44 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2012.11.16 18:32:43 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.11.16 18:32:39 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.11.16 18:32:34 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.11.16 18:30:58 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.11.16 18:30:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.11.16 18:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.11.16 18:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.11.16 18:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.11.16 17:30:49 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Roaming\Malwarebytes [2012.11.16 17:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.11.16 17:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.11.16 17:29:08 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.11.16 17:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.11.10 17:50:05 | 
000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.27 19:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.27 19:03:41 | 000,000,000 | ---- | M] () -- C:\Users\Christa\defogger_reenable [2012.11.27 18:50:34 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.27 18:50:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.27 18:16:11 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.11.27 17:31:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.27 17:31:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.27 17:30:41 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.27 17:27:26 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012.11.25 18:42:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.11.17 18:09:04 | 000,696,598 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.17 18:09:04 | 000,651,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.17 18:09:04 | 000,155,074 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.17 18:09:04 | 000,126,162 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.11.16 20:09:27 | 000,372,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.11.16 18:32:50 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.11.16 18:32:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.11.16 18:17:18 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.11.16 17:15:01 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.10.30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012.10.30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.27 19:03:41 | 000,000,000 | ---- | C] () -- C:\Users\Christa\defogger_reenable [2012.11.16 18:37:02 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.11.16 18:33:19 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.16 18:33:16 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.16 18:32:50 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.11.16 18:17:18 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.11.16 18:17:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.09.16 16:10:14 | 000,000,903 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.15.rtf [2011.08.23 15:46:20 | 000,001,152 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.14.rtf [2011.02.25 18:03:31 | 000,000,888 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.13.rtf [2010.11.27 18:29:59 | 000,000,723 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.12.rtf [2010.11.01 17:40:59 | 000,000,680 | ---- | C] () -- C:\Users\Christa\AppData\Local\d3d9caps.dat [2010.10.13 17:09:52 | 000,000,881 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.11.rtf [2010.09.14 16:27:53 | 000,000,694 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.10.rtf [2010.08.06 16:33:52 | 000,000,760 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.9.rtf [2010.07.05 11:40:53 | 000,000,611 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr 6.rtf [2010.06.11 16:14:32 | 000,001,036 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.8.rtf [2010.05.21 17:27:42 | 000,000,877 | ---- | C] () -- C:\Users\Christa\Tagebuch.rtf [2010.05.07 16:56:28 | 000,000,964 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.7.rtf [2010.03.21 17:08:06 | 000,031,007 | ---- | C] () -- C:\Users\Christa\AppData\Roaming\UserTile.png [2009.05.10 15:04:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.12.27 11:35:42 | 000,710,144 | -HS- | C] () -- C:\Users\Christa\ehthumbs_vista.db [2007.10.31 15:59:18 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2007.10.22 14:36:12 | 000,022,528 | ---- | C] () -- C:\Users\Christa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.09.03 11:17:02 | 000,000,095 | ---- | C] () -- C:\Users\Christa\AppData\Local\fusioncache.dat ========== ZeroAccess Check ========== [2010.01.05 12:55:24 | 000,005,044 | ---- | M] () -- 
C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}\skin\L.png [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011.03.28 16:40:32 | 000,000,000 | ---D | M] -- C:\Users\Christa\AppData\Roaming\PeerNetworking [2007.09.03 11:09:52 | 000,000,000 | ---D | M] -- C:\Users\Christa\AppData\Roaming\T-Online [2010.09.09 16:20:27 | 000,000,000 | ---D | M] -- C:\Users\Christa\AppData\Roaming\TuneUp Software ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 885 bytes -> C:\Users\Christa\Documents\Tagebuch Nr.16.eml:OECustomProperty < End of report > Code:
ATTFilter OTL Extras logfile created on: 27.11.2012 19:10:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christa\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 765,45 Mb Total Physical Memory | 193,80 Mb Available Physical Memory | 25,32% Memory free 1,76 Gb Paging File | 0,98 Gb Available in Paging File | 55,73% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 50,79 Gb Total Space | 11,44 Gb Free Space | 22,53% Space Free | Partition Type: NTFS Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com) htmlfile [opennew] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1688565363-3877067027-1528832066-1003] 
"EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{164A68E2-493F-4308-8F08-84491949D2D9}" = lport=445 | protocol=6 | dir=in | app=system | "{17835511-E8D2-44D6-84F1-05C1D94ED9F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2110C180-636A-49A8-999D-C0590C71D248}" = lport=138 | protocol=17 | dir=in | app=system | "{241F1282-FE85-44AC-A1CD-282C6713809D}" = lport=137 | protocol=17 | dir=in | app=system | "{3F4109A9-E99E-4973-B8F9-629006779EC6}" = rport=137 | protocol=17 | dir=out | app=system | "{77427A9D-75D5-4F52-9915-0F34512C3D80}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{909E4A5F-8BFB-4F1E-A7DA-D4A312C0F63B}" = lport=139 | protocol=6 | dir=in | app=system | "{9744DDFE-C742-44D0-868F-904DE91E9AB7}" = rport=445 | protocol=6 | dir=out | app=system | "{E41F1530-EAC7-4BDE-97BF-DF27D6975E27}" = rport=139 | protocol=6 | dir=out | app=system | "{F7A20E7E-0676-4624-A195-0F214C16F85F}" = rport=138 | protocol=17 | dir=out | app=system | "{FF95205D-CDB6-4187-AAF8-94DBD2A3871F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List 
========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0861DEE8-1E70-4298-98BD-72DA8E267D93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{4067263A-C653-4772-B88E-3C915E97E74B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AA77BCD3-8FBC-40C5-9C20-316F0FC60701}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BDE9E5E8-72E8-4791-B0CE-D4DB68E48381}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0212BFBB-50BA-C4FA-D700-DFBB40A9F1AF}" = Catalyst Control Center Localization Arabic "{0219FD21-8B2E-240B-3D35-997EE0E3F81B}" = Catalyst Control Center Localization Arabic "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{047ACAF8-7642-4940-8EC6-4694E0E60B40}" = CCC Help French "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{06F42C96-A96C-F579-B0FA-F44BBA118C51}" = ccc-core-static "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{0BB96994-EA3F-D659-6A3B-D2D73FEBD8E4}" = ccc-utility "{0C1D06CD-D5D1-A718-5C8F-27D089C5C39C}" = Catalyst Control Center Localization Finnish "{0DF36AB1-1B4C-CAEC-A23E-EFA25738B60A}" = CCC Help Greek "{110D7DC8-9237-47D3-AB39-50651A10304C}" = SamsungScreensaver "{12080F61-1225-BCDE-EFE2-3452E826D9AD}" = Catalyst Control Center Graphics Light "{143539DF-6F6E-9E25-3EDF-0906C7F533B7}" = CCC Help Korean "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution II "{148806DB-3E2E-4A2E-D7F8-223EFA43C350}" = Catalyst Control Center Graphics Full New 
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{20CD8D4B-74ED-BED9-805C-6F4FBE6B4F01}" = ccc-localization-da "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{31ACBC65-C234-BD71-3FCE-520EC0138635}" = CCC Help Norwegian "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime "{3AB54293-0366-7D73-D97E-3DB689A72E4A}" = CCC Help Danish "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3DC4A72C-B683-5733-8A2C-136FBB5619D6}" = Catalyst Control Center Localization German "{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager "{47EDD638-F882-A248-FBA5-B0CCBB9175D8}" = CCC Help Spanish "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2 "{4D6125BF-2586-9175-24FE-854DD6F6F08F}" = CCC Help Hungarian "{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{52FE8F38-057E-26C5-DF29-935DE6E218E0}" = Catalyst Control Center Localization Japanese "{5579A7B8-F48A-C2F5-75D0-F67CDFD68461}" = Catalyst Control Center Core Implementation "{5A4BB8B6-8BE7-A8AF-528C-55A50DD18497}" = Catalyst Control Center Localization Arabic "{5AA05616-21D6-63D5-CA68-73200B161599}" = CCC Help Czech "{5E99C53A-D37E-CEA5-0398-329F15494618}" = Catalyst Control Center Graphics Full Existing "{64536DB8-3247-4489-6BC3-BCD0DCC74810}" = Catalyst Control Center Localization Spanish "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites 
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8 "{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "{6BD4EDE4-053E-FC85-AFC2-58306952BDBD}" = Catalyst Control Center Localization French "{6F6D2DE6-44FA-EAF4-0028-7FAE37A76B4C}" = CCC Help Turkish "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78E2F10D-4A74-A354-3D41-CF439A501AE5}" = CCC Help Italian "{8448A09D-0E2A-4EFA-6A16-AFA374AE088F}" = Catalyst Control Center Graphics Previews Vista "{87858FF1-3D1C-301A-0C62-62F977659969}" = Catalyst Control Center Localization Italian "{8799B11A-0E01-1729-B527-802A3513BEE7}" = CCC Help Polish "{8A51FE4C-7DC6-8C9B-67D7-8536B7413BFE}" = Catalyst Control Center Localization Korean "{8A92CE03-CEEB-145D-1F8D-FBC0DDE0CDEF}" = CCC Help Finnish "{8ED71B2B-8228-EFF8-B566-890D771A6A98}" = CCC Help Swedish "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{903194A5-E1E4-E56B-8B3C-C52664CD6A65}" = CCC Help Japanese "{90A40407-6000-11D3-8CFE-0150048383C9}" = 
Microsoft Office 2003 Web Components "{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = T-Online DSL-Manager "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "{95CCAA64-028C-FF26-B553-3401EA3B137B}" = CCC Help Chinese Standard "{98C0E007-7225-550C-BD4D-16A53171FA5B}" = CCC Help Chinese Traditional "{99825ADC-3BAC-40C6-3FA1-A80496C5FE4D}" = CCC Help German "{99FBF341-96A4-6E6B-F098-F5318F74FD8B}" = Catalyst Control Center Localization Hungarian "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AEE384F-4CEB-9FD4-0ECA-5A2A5FF3FC65}" = Catalyst Control Center Localization Arabic "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A0A703E5-975D-8426-B654-A3C86EEA771F}" = Catalyst Control Center Localization Greek "{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3400 "{A2E2B102-C07F-2D6A-F826-FBE911583029}" = Catalyst Control Center Localization Arabic "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AB8465B2-8971-83AA-72AC-08C870CAB14B}" = CCC Help English "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista "{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0 "{B57D54D5-BE8F-152A-3DDA-2CCC34916ABB}" = Catalyst Control Center Localization Czech "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{C2F84222-A797-3ADB-F73F-F9FEA356365E}" = Catalyst Control Center Localization Chinese 
Standard "{C5DC24CC-98D8-3714-20DE-F3154692CAC1}" = CCC Help Portuguese "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0 "{D6339BC5-BD2E-580C-0A9E-EF09B768C891}" = CCC Help Thai "{DDFA8768-E4A8-4EFA-637B-DF23DC3EFD04}" = Catalyst Control Center Localization Chinese Traditional "{DF1F4246-C7DF-7C15-6BBD-211E768EB715}" = Catalyst Control Center Localization Arabic "{E481BC06-6BBB-093B-728A-C8EEB98E1E47}" = Catalyst Control Center Localization Arabic "{E5BED6AE-BEF7-8504-38DB-F881A526F5C2}" = Skins "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{EC69E8A3-A20F-E735-968A-CE6D4E1FA857}" = CCC Help Russian "{ED8EACD0-3B35-AA21-DA10-6372AB6D19CA}" = CCC Help Dutch "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now "{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer "{FF602681-E2E7-9FFF-9752-3B0F8E7D38F1}" = Catalyst Control Center Localization Arabic "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "ATI Uninstaller" = ATI Uninstaller "avast" = 
avast! Free Antivirus "Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2 "Google Chrome" = Google Chrome "InstallShield_{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "PROHYBRIDR" = 2007 Microsoft Office system "SynTPDeinstKey" = Synaptics Pointing Device Driver ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = 
Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:42:29 | Computer Name = Christa-PC | Source = EventSystem | ID = 4621 Description = [ System Events ] Error - 24.11.2012 13:20:55 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7022 Description = Error - 24.11.2012 13:52:20 | Computer Name = Christa-PC | Source = DCOM | ID = 10010 Description = Error - 25.11.2012 12:43:39 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7022 Description = Error - 25.11.2012 12:49:17 | Computer Name = Christa-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.11.2012 um 17:43:26 unerwartet heruntergefahren. Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7009 Description = Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25.11.2012 13:04:18 | Computer Name = Christa-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.11.2012 um 18:02:07 unerwartet heruntergefahren. Error - 25.11.2012 13:25:55 | Computer Name = Christa-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.11.2012 um 18:23:09 unerwartet heruntergefahren. 
Error - 25.11.2012 13:42:27 | Computer Name = Christa-PC | Source = DCOM | ID = 10010 Description = Error - 27.11.2012 12:43:44 | Computer Name = Christa-PC | Source = DCOM | ID = 10010 Description = < End of report > |
28.11.2012, 13:39 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC keeps hanging and crashes in IE and FF... Hello and
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "When will it continue?" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board. Quote:
Please note => http://www.trojaner-board.de/125889-...tml#post941520
__________________ |
29.11.2012, 16:11 | #3 |
| PC keeps hanging and crashes in IE and FF... Hello Cosinus,
thank you for your help! Since I was asked for advice, the virus scanners have not found anything. I am just running another extended Malwarebytes scan... My neighbour told me that about half a year ago Avira apparently found a trojan, which she then sent to quarantine. But Avira has since been uninstalled... can I still get at the old log file somehow? Best regards, Véronique |
29.11.2012, 16:22 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC keeps hanging and crashes in IE and FF... The point is that we need to see the logs with the detections! Please do not run any new virus scans; for now, only post logs that already exist!
__________________ Please always post log files in CODE tags |
29.11.2012, 18:25 | #5 |
| PC keeps hanging and crashes in IE and FF... Well, as I said, there are no detections... only these endless delays, sometimes with "total failure", so that nothing works at all and the cursor can no longer be moved. Most often on the internet, but also offline... The laptop is now in my flat and here I use my own WLAN... it works flawlessly and fast with my own PC... so that cannot be the cause. The problem seems to get worse the longer I am on the internet. At the moment every click takes about 20-30 seconds before the computer responds. |
29.11.2012, 20:30 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC keeps hanging and crashes in IE and FF... Code:
ATTFilter
Windows Vista Home Premium Edition Service Pack 2
765,45 Mb Total Physical Memory

Was Vista already preinstalled? Is the memory figure even correct? I think that is a rather unusual value!
__________________ |
29.11.2012, 20:47 | #7 |
| PC keeps hanging and crashes in IE and FF... My neighbour is 70 and knows next to nothing about computers (even less than I do)... besides, there is a Vista sticker on the laptop... Vista was almost certainly preinstalled. But she only uses the laptop to write a few e-mails, make a bank transfer now and then or book a flight, save some photos and write a few text files. At the beginning the problems with slowness apparently did not exist... The system information shows the following:
Installed physical memory (RAM): 1,00 GB
Total physical memory: 765 MB
Available physical memory: 156 MB
Total virtual memory: 1,75 GB
Available virtual memory: 873 MB
Page file size: 1,04 GB
Page file: C:\pagefile.sys
Is there anything that can be done to make it a bit faster again, or do we need a new operating system? Or better, a new computer?! :-) PS: At the moment, though, it is responding very quickly again, unlike two hours ago... what causes these fluctuations? |
29.11.2012, 22:20 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC keeps hanging and crashes in IE and FF... For Vista that is CLEARLY too little RAM... even on XP, 1 GB or rather 765 MB of available RAM can be too little....

1. aswMBR
Please download aswMBR.exe and save the file to your desktop. Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false positive in it!
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.

2. TDSS-Killer
Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool! Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), as that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
30.11.2012, 00:53 | #9 |
| PC keeps hanging and crashes in IE and FF... What do you suggest regarding the operating system? Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2012-11-30 00:30:26 ----------------------------- 00:30:26.053 OS Version: Windows 6.0.6002 Service Pack 2 00:30:26.053 Number of processors: 1 586 0xE0C 00:30:26.053 ComputerName: CHRISTA-PC UserName: Christa 00:30:36.349 Initialize success 00:30:41.263 AVAST engine defs: 12112900 00:30:56.520 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 00:30:56.520 Disk 0 Vendor: FUJITSU_MHW2120BH 00000012 Size: 114473MB BusType: 3 00:30:56.551 Disk 0 MBR read successfully 00:30:56.551 Disk 0 MBR scan 00:30:56.582 Disk 0 unknown MBR code 00:30:56.598 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048 00:30:56.613 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 52008 MB offset 20973568 00:30:56.644 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 52223 MB offset 127485952 00:30:56.644 Disk 0 scanning sectors +234438656 00:30:56.910 Disk 0 scanning C:\Windows\system32\drivers 00:31:20.185 Service scanning 00:31:52.446 Modules scanning 00:32:28.326 Disk 0 trace - called modules: 00:32:28.872 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 00:32:28.872 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84da4980] 00:32:28.887 3 CLASSPNP.SYS[868978b3] -> nt!IofCallDriver -> [0x846b0840] 00:32:28.887 5 acpi.sys[82e456bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84693528] 00:32:28.903 Scan finished successfully 00:32:40.790 Disk 0 MBR has been saved successfully to "C:\Users\Christa\Downloads\MBR.dat" 00:32:40.806 The log file has been saved successfully to "C:\Users\Christa\Downloads\aswMBR.txt" Code:
ATTFilter 00:39:02.0196 3820 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 00:39:04.0126 3820 ============================================================ 00:39:04.0126 3820 Current date / time: 2012/11/30 00:39:04.0126 00:39:04.0126 3820 SystemInfo: 00:39:04.0126 3820 00:39:04.0126 3820 OS Version: 6.0.6002 ServicePack: 2.0 00:39:04.0126 3820 Product type: Workstation 00:39:04.0126 3820 ComputerName: CHRISTA-PC 00:39:04.0126 3820 UserName: Christa 00:39:04.0126 3820 Windows directory: C:\Windows 00:39:04.0126 3820 System windows directory: C:\Windows 00:39:04.0126 3820 Processor architecture: Intel x86 00:39:04.0126 3820 Number of processors: 1 00:39:04.0126 3820 Page size: 0x1000 00:39:04.0126 3820 Boot type: Normal boot 00:39:04.0126 3820 ============================================================ 00:39:08.0668 3820 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 00:39:08.0788 3820 ============================================================ 00:39:08.0788 3820 \Device\Harddisk0\DR0: 00:39:08.0798 3820 MBR partitions: 00:39:08.0798 3820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x6594000 00:39:08.0798 3820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7994800, BlocksNum 0x65FF800 00:39:08.0798 3820 ============================================================ 00:39:09.0028 3820 C: <-> \Device\Harddisk0\DR0\Partition1 00:39:09.0308 3820 D: <-> \Device\Harddisk0\DR0\Partition2 00:39:09.0308 3820 ============================================================ 00:39:09.0308 3820 Initialize success 00:39:09.0308 3820 ============================================================ 00:39:32.0390 2832 ============================================================ 00:39:32.0390 2832 Scan started 00:39:32.0390 2832 Mode: Manual; 00:39:32.0390 2832 
============================================================ 00:39:41.0360 2832 ================ Scan system memory ======================== 00:39:41.0360 2832 System memory - ok 00:39:41.0360 2832 ================ Scan services ============================= 00:39:41.0703 2832 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 00:39:41.0734 2832 ACPI - ok 00:39:41.0984 2832 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 00:39:41.0984 2832 AdobeARMservice - ok 00:39:42.0093 2832 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 00:39:42.0108 2832 AdobeFlashPlayerUpdateSvc - ok 00:39:42.0171 2832 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 00:39:42.0186 2832 adp94xx - ok 00:39:42.0218 2832 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys 00:39:42.0218 2832 adpahci - ok 00:39:42.0249 2832 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 00:39:42.0249 2832 adpu160m - ok 00:39:42.0264 2832 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys 00:39:42.0280 2832 adpu320 - ok 00:39:42.0311 2832 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 00:39:42.0327 2832 AeLookupSvc - ok 00:39:42.0374 2832 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 00:39:42.0374 2832 AFD - ok 00:39:42.0436 2832 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe 00:39:42.0436 2832 AgereModemAudio - ok 00:39:42.0514 2832 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 00:39:42.0561 2832 AgereSoftModem - ok 00:39:42.0592 2832 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys 00:39:42.0592 2832 agp440 - ok 00:39:42.0639 
2832 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 00:39:42.0670 2832 aic78xx - ok 00:39:42.0717 2832 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 00:39:42.0717 2832 ALG - ok 00:39:42.0748 2832 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys 00:39:42.0748 2832 aliide - ok 00:39:42.0779 2832 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 00:39:42.0779 2832 amdagp - ok 00:39:42.0795 2832 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys 00:39:42.0795 2832 amdide - ok 00:39:42.0826 2832 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 00:39:42.0826 2832 AmdK7 - ok 00:39:42.0842 2832 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 00:39:42.0842 2832 AmdK8 - ok 00:39:42.0904 2832 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 00:39:42.0920 2832 Appinfo - ok 00:39:42.0951 2832 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys 00:39:42.0951 2832 arc - ok 00:39:42.0966 2832 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys 00:39:42.0982 2832 arcsas - ok 00:39:43.0029 2832 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 00:39:43.0029 2832 aswFsBlk - ok 00:39:43.0060 2832 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 00:39:43.0091 2832 aswMonFlt - ok 00:39:43.0107 2832 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys 00:39:43.0107 2832 AswRdr - ok 00:39:43.0154 2832 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 00:39:43.0185 2832 aswSnx - ok 00:39:43.0216 2832 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys 00:39:43.0232 2832 aswSP - ok 00:39:43.0278 2832 [ 
E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 00:39:43.0278 2832 aswTdi - ok 00:39:43.0310 2832 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 00:39:43.0310 2832 AsyncMac - ok 00:39:43.0341 2832 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys 00:39:43.0341 2832 atapi - ok 00:39:43.0512 2832 [ 2846F5EE802889D500FCF5CC48B28381 ] athr C:\Windows\system32\DRIVERS\athr.sys 00:39:43.0606 2832 athr - ok 00:39:43.0653 2832 [ D1F2726E89D4BD96F8314B9E303E633D ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 00:39:43.0684 2832 Ati External Event Utility - ok 00:39:43.0746 2832 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 00:39:43.0746 2832 AudioEndpointBuilder - ok 00:39:43.0762 2832 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 00:39:43.0762 2832 Audiosrv - ok 00:39:43.0980 2832 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 00:39:43.0980 2832 avast! 
Antivirus - ok 00:39:44.0136 2832 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 00:39:44.0183 2832 BcmSqlStartupSvc - ok 00:39:44.0214 2832 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 00:39:44.0230 2832 Beep - ok 00:39:44.0277 2832 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 00:39:44.0292 2832 BFE - ok 00:39:44.0355 2832 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 00:39:44.0402 2832 BITS - ok 00:39:44.0417 2832 blbdrive - ok 00:39:44.0464 2832 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 00:39:44.0480 2832 bowser - ok 00:39:44.0511 2832 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 00:39:44.0526 2832 BrFiltLo - ok 00:39:44.0542 2832 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 00:39:44.0542 2832 BrFiltUp - ok 00:39:44.0589 2832 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 00:39:44.0589 2832 Browser - ok 00:39:44.0604 2832 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 00:39:44.0620 2832 Brserid - ok 00:39:44.0636 2832 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 00:39:44.0636 2832 BrSerWdm - ok 00:39:44.0667 2832 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 00:39:44.0667 2832 BrUsbMdm - ok 00:39:44.0682 2832 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 00:39:44.0682 2832 BrUsbSer - ok 00:39:44.0729 2832 [ 064FBC56921051DE1075495D628B815F ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 00:39:44.0729 2832 BthEnum - ok 00:39:44.0760 2832 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 00:39:44.0760 2832 BTHMODEM - ok 00:39:44.0792 2832 [ 
B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 00:39:44.0854 2832 BthPan - ok 00:39:44.0870 2832 [ B24757D9154CCA035E1BBD3DB92966D7 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 00:39:44.0885 2832 BTHPORT - ok 00:39:44.0932 2832 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll 00:39:44.0932 2832 BthServ - ok 00:39:44.0948 2832 [ D42CF5F0C7635B3F1578810FE34D9E41 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 00:39:44.0963 2832 BTHUSB - ok 00:39:44.0979 2832 [ 0CF62C498D60253A4FC3B2AFF0E6373E ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 00:39:44.0994 2832 btwaudio - ok 00:39:45.0010 2832 [ D094142ADE0DA18463609AE656B1F3ED ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 00:39:45.0010 2832 btwavdt - ok 00:39:45.0072 2832 [ 840439331FF1A72B3A18ED59D27676D8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 00:39:45.0135 2832 btwdins - ok 00:39:45.0150 2832 [ 511159FCB07FD7442E7F399C94A3B408 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 00:39:45.0150 2832 btwrchid - ok 00:39:45.0182 2832 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 00:39:45.0197 2832 cdfs - ok 00:39:45.0228 2832 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 00:39:45.0228 2832 cdrom - ok 00:39:45.0291 2832 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 00:39:45.0306 2832 CertPropSvc - ok 00:39:45.0338 2832 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys 00:39:45.0338 2832 circlass - ok 00:39:45.0431 2832 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 00:39:45.0478 2832 CLFS - ok 00:39:45.0540 2832 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 00:39:45.0556 2832 clr_optimization_v2.0.50727_32 - ok 00:39:45.0650 2832 [ C5A75EB48E2344ABDC162BDA79E16841 ] 
clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 00:39:45.0712 2832 clr_optimization_v4.0.30319_32 - ok 00:39:45.0759 2832 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 00:39:45.0759 2832 CmBatt - ok 00:39:45.0790 2832 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys 00:39:45.0806 2832 cmdide - ok 00:39:45.0837 2832 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 00:39:45.0837 2832 Compbatt - ok 00:39:45.0852 2832 COMSysApp - ok 00:39:45.0868 2832 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 00:39:45.0868 2832 crcdisk - ok 00:39:45.0884 2832 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys 00:39:45.0884 2832 Crusoe - ok 00:39:45.0930 2832 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 00:39:45.0946 2832 CryptSvc - ok 00:39:46.0008 2832 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 00:39:46.0071 2832 DcomLaunch - ok 00:39:46.0086 2832 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 00:39:46.0102 2832 DfsC - ok 00:39:46.0289 2832 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 00:39:46.0398 2832 DFSR - ok 00:39:46.0492 2832 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 00:39:46.0492 2832 Dhcp - ok 00:39:46.0523 2832 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 00:39:46.0523 2832 disk - ok 00:39:46.0570 2832 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 00:39:46.0570 2832 Dnscache - ok 00:39:46.0632 2832 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 00:39:46.0648 2832 dot3svc - ok 00:39:46.0679 2832 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 00:39:46.0695 2832 DPS - ok 
00:39:46.0726 2832 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 00:39:46.0726 2832 drmkaud - ok 00:39:46.0820 2832 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 00:39:46.0851 2832 DXGKrnl - ok 00:39:46.0882 2832 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 00:39:46.0898 2832 E1G60 - ok 00:39:46.0929 2832 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 00:39:46.0944 2832 EapHost - ok 00:39:46.0991 2832 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 00:39:46.0991 2832 Ecache - ok 00:39:47.0085 2832 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 00:39:47.0116 2832 ehRecvr - ok 00:39:47.0147 2832 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 00:39:47.0147 2832 ehSched - ok 00:39:47.0163 2832 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 00:39:47.0178 2832 ehstart - ok 00:39:47.0210 2832 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys 00:39:47.0210 2832 elxstor - ok 00:39:47.0334 2832 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 00:39:47.0350 2832 EMDMgmt - ok 00:39:47.0397 2832 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 00:39:47.0412 2832 EventSystem - ok 00:39:47.0444 2832 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 00:39:47.0444 2832 exfat - ok 00:39:47.0475 2832 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 00:39:47.0490 2832 fastfat - ok 00:39:47.0522 2832 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 00:39:47.0522 2832 fdc - ok 00:39:47.0553 2832 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 00:39:47.0553 2832 fdPHost - ok 00:39:47.0615 2832 [ 
89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 00:39:47.0631 2832 FDResPub - ok 00:39:47.0678 2832 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 00:39:47.0678 2832 FileInfo - ok 00:39:47.0709 2832 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 00:39:47.0709 2832 Filetrace - ok 00:39:47.0724 2832 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 00:39:47.0724 2832 flpydisk - ok 00:39:47.0771 2832 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 00:39:47.0771 2832 FltMgr - ok 00:39:47.0880 2832 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 00:39:48.0021 2832 FontCache - ok 00:39:48.0068 2832 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 00:39:48.0083 2832 FontCache3.0.0.0 - ok 00:39:48.0130 2832 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 00:39:48.0161 2832 Fs_Rec - ok 00:39:48.0192 2832 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 00:39:48.0192 2832 gagp30kx - ok 00:39:48.0239 2832 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 00:39:48.0270 2832 gpsvc - ok 00:39:48.0380 2832 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 00:39:48.0395 2832 gupdate - ok 00:39:48.0395 2832 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 00:39:48.0395 2832 gupdatem - ok 00:39:48.0520 2832 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 00:39:48.0551 2832 HdAudAddService - ok 00:39:48.0614 2832 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 00:39:48.0645 2832 HDAudBus - ok 00:39:48.0660 2832 [ 
1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 00:39:48.0660 2832 HidBth - ok 00:39:48.0692 2832 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 00:39:48.0692 2832 HidIr - ok 00:39:48.0723 2832 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 00:39:48.0723 2832 hidserv - ok 00:39:48.0770 2832 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 00:39:48.0785 2832 HidUsb - ok 00:39:48.0816 2832 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 00:39:48.0816 2832 hkmsvc - ok 00:39:48.0832 2832 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 00:39:48.0848 2832 HpCISSs - ok 00:39:48.0910 2832 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 00:39:48.0941 2832 HTTP - ok 00:39:48.0988 2832 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys 00:39:49.0019 2832 i2omp - ok 00:39:49.0082 2832 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 00:39:49.0082 2832 i8042prt - ok 00:39:49.0113 2832 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 00:39:49.0113 2832 iaStorV - ok 00:39:49.0206 2832 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 00:39:49.0284 2832 IDriverT - ok 00:39:49.0456 2832 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 00:39:49.0487 2832 idsvc - ok 00:39:49.0534 2832 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 00:39:49.0534 2832 iirsp - ok 00:39:49.0581 2832 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 00:39:49.0612 2832 IKEEXT - ok 00:39:49.0752 2832 [ A47B2875680AD67B35C6150BD0203056 ] IntcAzAudAddService 
C:\Windows\system32\drivers\RTKVHDA.sys 00:39:49.0830 2832 IntcAzAudAddService - ok 00:39:49.0846 2832 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys 00:39:49.0846 2832 intelide - ok 00:39:49.0877 2832 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 00:39:49.0877 2832 intelppm - ok 00:39:49.0924 2832 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 00:39:49.0940 2832 IPBusEnum - ok 00:39:49.0971 2832 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 00:39:49.0971 2832 IpFilterDriver - ok 00:39:50.0002 2832 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 00:39:50.0002 2832 iphlpsvc - ok 00:39:50.0018 2832 IpInIp - ok 00:39:50.0064 2832 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 00:39:50.0064 2832 IPMIDRV - ok 00:39:50.0111 2832 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 00:39:50.0111 2832 IPNAT - ok 00:39:50.0142 2832 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 00:39:50.0158 2832 IRENUM - ok 00:39:50.0189 2832 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys 00:39:50.0205 2832 isapnp - ok 00:39:50.0236 2832 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 00:39:50.0252 2832 iScsiPrt - ok 00:39:50.0267 2832 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 00:39:50.0267 2832 iteatapi - ok 00:39:50.0283 2832 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 00:39:50.0298 2832 iteraid - ok 00:39:50.0330 2832 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 00:39:50.0330 2832 kbdclass - ok 00:39:50.0345 2832 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 
00:39:50.0361 2832 kbdhid - ok 00:39:50.0392 2832 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 00:39:50.0392 2832 KeyIso - ok 00:39:50.0439 2832 [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys 00:39:50.0454 2832 KMDFMEMIO - ok 00:39:50.0564 2832 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 00:39:50.0579 2832 KSecDD - ok 00:39:50.0626 2832 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 00:39:50.0642 2832 KtmRm - ok 00:39:50.0766 2832 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll 00:39:50.0782 2832 LanmanServer - ok 00:39:50.0813 2832 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 00:39:50.0829 2832 LanmanWorkstation - ok 00:39:50.0860 2832 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 00:39:50.0876 2832 lltdio - ok 00:39:50.0907 2832 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 00:39:50.0938 2832 lltdsvc - ok 00:39:50.0969 2832 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 00:39:50.0969 2832 lmhosts - ok 00:39:51.0016 2832 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 00:39:51.0016 2832 LSI_FC - ok 00:39:51.0063 2832 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 00:39:51.0063 2832 LSI_SAS - ok 00:39:51.0094 2832 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 00:39:51.0094 2832 LSI_SCSI - ok 00:39:51.0141 2832 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 00:39:51.0141 2832 luafv - ok 00:39:51.0172 2832 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 00:39:51.0172 2832 Mcx2Svc - ok 00:39:51.0203 2832 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys 
00:39:51.0203 2832 megasas - ok 00:39:51.0250 2832 [ 5E5024D9E2351DB2563B30912B4C4146 ] MIINPazX C:\PROGRA~1\COMMON~1\MARMIK~1\MInfraIS\MIINPazX.SYS 00:39:51.0250 2832 MIINPazX - ok 00:39:51.0281 2832 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 00:39:51.0281 2832 MMCSS - ok 00:39:51.0328 2832 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 00:39:51.0344 2832 Modem - ok 00:39:51.0375 2832 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 00:39:51.0375 2832 monitor - ok 00:39:51.0390 2832 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 00:39:51.0390 2832 mouclass - ok 00:39:51.0422 2832 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 00:39:51.0422 2832 mouhid - ok 00:39:51.0453 2832 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 00:39:51.0453 2832 MountMgr - ok 00:39:51.0515 2832 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 00:39:51.0578 2832 MozillaMaintenance - ok 00:39:51.0624 2832 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys 00:39:51.0624 2832 mpio - ok 00:39:51.0671 2832 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 00:39:51.0671 2832 mpsdrv - ok 00:39:51.0718 2832 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 00:39:51.0749 2832 MpsSvc - ok 00:39:51.0765 2832 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 00:39:51.0780 2832 Mraid35x - ok 00:39:51.0827 2832 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 00:39:51.0827 2832 MRxDAV - ok 00:39:51.0890 2832 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 00:39:51.0968 2832 mrxsmb - ok 00:39:52.0030 2832 [ 
4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 00:39:52.0108 2832 mrxsmb10 - ok 00:39:52.0139 2832 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 00:39:52.0170 2832 mrxsmb20 - ok 00:39:52.0326 2832 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys 00:39:52.0342 2832 msahci - ok 00:39:52.0373 2832 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys 00:39:52.0420 2832 msdsm - ok 00:39:52.0467 2832 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 00:39:52.0467 2832 MSDTC - ok 00:39:52.0529 2832 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 00:39:52.0560 2832 Msfs - ok 00:39:52.0607 2832 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 00:39:52.0607 2832 msisadrv - ok 00:39:52.0638 2832 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 00:39:52.0654 2832 MSiSCSI - ok 00:39:52.0654 2832 msiserver - ok 00:39:52.0685 2832 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 00:39:52.0685 2832 MSKSSRV - ok 00:39:52.0732 2832 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 00:39:52.0732 2832 MSPCLOCK - ok 00:39:52.0748 2832 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 00:39:52.0763 2832 MSPQM - ok 00:39:52.0794 2832 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 00:39:52.0794 2832 MsRPC - ok 00:39:52.0826 2832 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 00:39:52.0857 2832 mssmbios - ok 00:39:52.0935 2832 MSSQL$MSSMLBIZ - ok 00:39:53.0028 2832 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 00:39:53.0028 2832 MSSQLServerADHelper - ok 00:39:53.0075 2832 [ 
7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 00:39:53.0075 2832 MSTEE - ok 00:39:53.0138 2832 [ 493138C4F4119E938427DA02486F09CB ] MTOnlPktAlyX C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS 00:39:53.0153 2832 MTOnlPktAlyX - ok 00:39:53.0169 2832 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 00:39:53.0184 2832 Mup - ok 00:39:53.0216 2832 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 00:39:53.0231 2832 napagent - ok 00:39:53.0278 2832 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 00:39:53.0278 2832 NativeWifiP - ok 00:39:53.0340 2832 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 00:39:53.0356 2832 NDIS - ok 00:39:53.0387 2832 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 00:39:53.0387 2832 NdisTapi - ok 00:39:53.0403 2832 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 00:39:53.0418 2832 Ndisuio - ok 00:39:53.0450 2832 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 00:39:53.0450 2832 NdisWan - ok 00:39:53.0496 2832 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 00:39:53.0496 2832 NDProxy - ok 00:39:53.0512 2832 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 00:39:53.0512 2832 NetBIOS - ok 00:39:53.0574 2832 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 00:39:53.0606 2832 netbt - ok 00:39:53.0621 2832 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 00:39:53.0637 2832 Netlogon - ok 00:39:53.0668 2832 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 00:39:53.0684 2832 Netman - ok 00:39:53.0730 2832 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 00:39:53.0746 2832 netprofm - ok 
00:39:53.0777 2832 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 00:39:53.0793 2832 NetTcpPortSharing - ok 00:39:53.0996 2832 [ 6E9EDC1020B319E7676387B8CDF2398C ] NETw2v32 C:\Windows\system32\DRIVERS\NETw2v32.sys 00:39:54.0105 2832 NETw2v32 - ok 00:39:54.0136 2832 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 00:39:54.0136 2832 nfrd960 - ok 00:39:54.0198 2832 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 00:39:54.0214 2832 NlaSvc - ok 00:39:54.0261 2832 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 00:39:54.0261 2832 Npfs - ok 00:39:54.0292 2832 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 00:39:54.0292 2832 nsi - ok 00:39:54.0323 2832 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 00:39:54.0323 2832 nsiproxy - ok 00:39:54.0495 2832 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 00:39:54.0526 2832 Ntfs - ok 00:39:54.0557 2832 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 00:39:54.0573 2832 ntrigdigi - ok 00:39:54.0604 2832 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 00:39:54.0604 2832 Null - ok 00:39:54.0635 2832 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys 00:39:54.0635 2832 nvraid - ok 00:39:54.0651 2832 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys 00:39:54.0651 2832 nvstor - ok 00:39:54.0666 2832 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 00:39:54.0682 2832 nv_agp - ok 00:39:54.0682 2832 NwlnkFlt - ok 00:39:54.0698 2832 NwlnkFwd - ok 00:39:54.0978 2832 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 00:39:54.0994 2832 
odserv - ok 00:39:55.0025 2832 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 00:39:55.0025 2832 ohci1394 - ok 00:39:55.0072 2832 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 00:39:55.0072 2832 ose - ok 00:39:55.0212 2832 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 00:39:55.0228 2832 p2pimsvc - ok 00:39:55.0244 2832 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 00:39:55.0244 2832 p2psvc - ok 00:39:55.0275 2832 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 00:39:55.0306 2832 Parport - ok 00:39:55.0337 2832 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 00:39:55.0337 2832 partmgr - ok 00:39:55.0368 2832 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 00:39:55.0368 2832 Parvdm - ok 00:39:55.0400 2832 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 00:39:55.0400 2832 PcaSvc - ok 00:39:55.0431 2832 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 00:39:55.0431 2832 pci - ok 00:39:55.0462 2832 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys 00:39:55.0462 2832 pciide - ok 00:39:55.0478 2832 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 00:39:55.0493 2832 pcmcia - ok 00:39:55.0556 2832 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 00:39:55.0602 2832 PEAUTH - ok 00:39:55.0930 2832 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 00:39:55.0992 2832 pla - ok 00:39:56.0039 2832 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 00:39:56.0055 2832 PlugPlay - ok 00:39:56.0102 2832 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 00:39:56.0117 2832 PNRPAutoReg - ok 
|
30.11.2012, 00:54 | #10 |
| PC keeps freezing and crashes in IE and FF... TDSS Killer Part II Code:
IKEEXT - ok 00:44:05.0265 3392 [ A47B2875680AD67B35C6150BD0203056 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 00:44:05.0530 3392 IntcAzAudAddService - ok 00:44:05.0546 3392 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys 00:44:05.0577 3392 intelide - ok 00:44:05.0624 3392 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 00:44:05.0718 3392 intelppm - ok 00:44:05.0827 3392 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 00:44:05.0905 3392 IPBusEnum - ok 00:44:05.0967 3392 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 00:44:06.0030 3392 IpFilterDriver - ok 00:44:06.0123 3392 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 00:44:06.0201 3392 iphlpsvc - ok 00:44:06.0217 3392 IpInIp - ok 00:44:06.0264 3392 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 00:44:06.0357 3392 IPMIDRV - ok 00:44:06.0420 3392 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 00:44:06.0544 3392 IPNAT - ok 00:44:06.0591 3392 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 00:44:06.0669 3392 IRENUM - ok 00:44:06.0732 3392 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys 00:44:06.0763 3392 isapnp - ok 00:44:06.0888 3392 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 00:44:06.0903 3392 iScsiPrt - ok 00:44:06.0981 3392 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 00:44:07.0028 3392 iteatapi - ok 00:44:07.0059 3392 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 00:44:07.0122 3392 iteraid - ok 00:44:07.0153 3392 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 00:44:07.0200 3392 kbdclass - ok 00:44:07.0231 3392 
[ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 00:44:07.0293 3392 kbdhid - ok 00:44:07.0371 3392 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 00:44:07.0480 3392 KeyIso - ok 00:44:07.0543 3392 [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys 00:44:07.0621 3392 KMDFMEMIO - ok 00:44:07.0699 3392 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 00:44:07.0730 3392 KSecDD - ok 00:44:07.0824 3392 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 00:44:07.0933 3392 KtmRm - ok 00:44:07.0980 3392 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll 00:44:08.0058 3392 LanmanServer - ok 00:44:08.0120 3392 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 00:44:08.0245 3392 LanmanWorkstation - ok 00:44:08.0292 3392 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 00:44:08.0370 3392 lltdio - ok 00:44:08.0479 3392 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 00:44:08.0572 3392 lltdsvc - ok 00:44:08.0604 3392 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 00:44:08.0713 3392 lmhosts - ok 00:44:08.0822 3392 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 00:44:08.0916 3392 LSI_FC - ok 00:44:08.0947 3392 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 00:44:08.0994 3392 LSI_SAS - ok 00:44:09.0040 3392 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 00:44:09.0056 3392 LSI_SCSI - ok 00:44:09.0087 3392 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 00:44:09.0134 3392 luafv - ok 00:44:09.0212 3392 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 00:44:09.0274 3392 Mcx2Svc - ok 00:44:09.0306 3392 [ 
D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys 00:44:09.0321 3392 megasas - ok 00:44:09.0384 3392 [ 5E5024D9E2351DB2563B30912B4C4146 ] MIINPazX C:\PROGRA~1\COMMON~1\MARMIK~1\MInfraIS\MIINPazX.SYS 00:44:09.0399 3392 MIINPazX ( UnsignedFile.Multi.Generic ) - warning 00:44:09.0399 3392 MIINPazX - detected UnsignedFile.Multi.Generic (1) 00:44:09.0446 3392 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 00:44:09.0493 3392 MMCSS - ok 00:44:09.0602 3392 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 00:44:09.0680 3392 Modem - ok 00:44:09.0727 3392 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 00:44:09.0789 3392 monitor - ok 00:44:09.0820 3392 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 00:44:09.0852 3392 mouclass - ok 00:44:09.0883 3392 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 00:44:09.0961 3392 mouhid - ok 00:44:10.0054 3392 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 00:44:10.0101 3392 MountMgr - ok 00:44:10.0164 3392 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 00:44:10.0179 3392 MozillaMaintenance - ok 00:44:10.0242 3392 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys 00:44:10.0273 3392 mpio - ok 00:44:10.0320 3392 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 00:44:10.0382 3392 mpsdrv - ok 00:44:10.0522 3392 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 00:44:10.0616 3392 MpsSvc - ok 00:44:10.0647 3392 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 00:44:10.0678 3392 Mraid35x - ok 00:44:10.0725 3392 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 00:44:10.0788 
3392 MRxDAV - ok 00:44:10.0819 3392 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 00:44:10.0897 3392 mrxsmb - ok 00:44:10.0975 3392 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 00:44:11.0037 3392 mrxsmb10 - ok 00:44:11.0053 3392 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 00:44:11.0100 3392 mrxsmb20 - ok 00:44:11.0146 3392 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys 00:44:11.0162 3392 msahci - ok 00:44:11.0193 3392 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys 00:44:11.0224 3392 msdsm - ok 00:44:11.0271 3392 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 00:44:11.0349 3392 MSDTC - ok 00:44:11.0536 3392 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 00:44:11.0630 3392 Msfs - ok 00:44:11.0677 3392 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 00:44:11.0692 3392 msisadrv - ok 00:44:11.0724 3392 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 00:44:11.0786 3392 MSiSCSI - ok 00:44:11.0802 3392 msiserver - ok 00:44:11.0895 3392 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 00:44:11.0973 3392 MSKSSRV - ok 00:44:12.0020 3392 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 00:44:12.0082 3392 MSPCLOCK - ok 00:44:12.0129 3392 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 00:44:12.0176 3392 MSPQM - ok 00:44:12.0207 3392 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 00:44:12.0238 3392 MsRPC - ok 00:44:12.0332 3392 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 00:44:12.0363 3392 mssmbios - ok 00:44:12.0535 3392 MSSQL$MSSMLBIZ - ok 00:44:12.0597 3392 [ 
1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 00:44:12.0628 3392 MSSQLServerADHelper - ok 00:44:12.0706 3392 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 00:44:12.0769 3392 MSTEE - ok 00:44:13.0034 3392 [ 493138C4F4119E938427DA02486F09CB ] MTOnlPktAlyX C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS 00:44:13.0065 3392 MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - warning 00:44:13.0065 3392 MTOnlPktAlyX - detected UnsignedFile.Multi.Generic (1) 00:44:13.0112 3392 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 00:44:13.0128 3392 Mup - ok 00:44:13.0284 3392 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 00:44:13.0377 3392 napagent - ok 00:44:13.0752 3392 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 00:44:13.0830 3392 NativeWifiP - ok 00:44:13.0892 3392 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 00:44:13.0954 3392 NDIS - ok 00:44:13.0986 3392 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 00:44:14.0032 3392 NdisTapi - ok 00:44:14.0095 3392 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 00:44:14.0126 3392 Ndisuio - ok 00:44:14.0173 3392 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 00:44:14.0220 3392 NdisWan - ok 00:44:14.0266 3392 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 00:44:14.0313 3392 NDProxy - ok 00:44:14.0344 3392 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 00:44:14.0438 3392 NetBIOS - ok 00:44:14.0500 3392 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 00:44:14.0594 3392 netbt - ok 00:44:14.0625 3392 [ A3E186B4B935905B829219502557314E ] Netlogon 
C:\Windows\system32\lsass.exe 00:44:14.0641 3392 Netlogon - ok 00:44:14.0750 3392 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 00:44:14.0812 3392 Netman - ok 00:44:14.0906 3392 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 00:44:14.0984 3392 netprofm - ok 00:44:15.0046 3392 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 00:44:15.0078 3392 NetTcpPortSharing - ok 00:44:15.0795 3392 [ 6E9EDC1020B319E7676387B8CDF2398C ] NETw2v32 C:\Windows\system32\DRIVERS\NETw2v32.sys 00:44:16.0092 3392 NETw2v32 - ok 00:44:16.0123 3392 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 00:44:16.0170 3392 nfrd960 - ok 00:44:16.0216 3392 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 00:44:16.0279 3392 NlaSvc - ok 00:44:16.0326 3392 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 00:44:16.0450 3392 Npfs - ok 00:44:16.0482 3392 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 00:44:16.0575 3392 nsi - ok 00:44:16.0638 3392 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 00:44:16.0716 3392 nsiproxy - ok 00:44:17.0043 3392 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 00:44:17.0168 3392 Ntfs - ok 00:44:17.0230 3392 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 00:44:17.0293 3392 ntrigdigi - ok 00:44:17.0371 3392 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 00:44:17.0464 3392 Null - ok 00:44:17.0511 3392 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys 00:44:17.0527 3392 nvraid - ok 00:44:17.0558 3392 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys 00:44:17.0574 3392 nvstor - ok 00:44:17.0605 3392 [ 
07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 00:44:17.0620 3392 nv_agp - ok 00:44:17.0636 3392 NwlnkFlt - ok 00:44:17.0652 3392 NwlnkFwd - ok 00:44:17.0886 3392 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 00:44:17.0932 3392 odserv - ok 00:44:17.0979 3392 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 00:44:18.0073 3392 ohci1394 - ok 00:44:18.0198 3392 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 00:44:18.0244 3392 ose - ok 00:44:18.0307 3392 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 00:44:18.0447 3392 p2pimsvc - ok 00:44:18.0494 3392 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 00:44:18.0541 3392 p2psvc - ok 00:44:18.0603 3392 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 00:44:18.0666 3392 Parport - ok 00:44:18.0728 3392 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 00:44:18.0775 3392 partmgr - ok 00:44:18.0790 3392 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 00:44:18.0853 3392 Parvdm - ok 00:44:18.0900 3392 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 00:44:18.0978 3392 PcaSvc - ok 00:44:19.0009 3392 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 00:44:19.0024 3392 pci - ok 00:44:19.0056 3392 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys 00:44:19.0102 3392 pciide - ok 00:44:19.0149 3392 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 00:44:19.0180 3392 pcmcia - ok 00:44:19.0243 3392 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 00:44:19.0368 3392 PEAUTH - ok 00:44:19.0680 3392 [ B1689DF169143F57053F795390C99DB3 ] 
pla C:\Windows\system32\pla.dll 00:44:19.0851 3392 pla - ok 00:44:19.0898 3392 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 00:44:19.0945 3392 PlugPlay - ok 00:44:19.0992 3392 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 00:44:20.0038 3392 PNRPAutoReg - ok 00:44:20.0116 3392 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 00:44:20.0163 3392 PNRPsvc - ok 00:44:20.0210 3392 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 00:44:20.0272 3392 PolicyAgent - ok 00:44:20.0319 3392 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 00:44:20.0397 3392 PptpMiniport - ok 00:44:20.0444 3392 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys 00:44:20.0522 3392 Processor - ok 00:44:20.0600 3392 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 00:44:20.0647 3392 ProfSvc - ok 00:44:20.0662 3392 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 00:44:20.0678 3392 ProtectedStorage - ok 00:44:20.0740 3392 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 00:44:20.0787 3392 PSched - ok 00:44:20.0865 3392 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys 00:44:20.0990 3392 ql2300 - ok 00:44:21.0021 3392 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 00:44:21.0052 3392 ql40xx - ok 00:44:21.0084 3392 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 00:44:21.0130 3392 QWAVE - ok 00:44:21.0177 3392 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 00:44:21.0193 3392 QWAVEdrv - ok 00:44:21.0692 3392 [ 1FD94B167A03C4E9909F6E28A6320019 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys 00:44:21.0895 3392 R300 - ok 00:44:21.0942 3392 [ 147D7F9C556D259924351FEB0DE606C3 ] 
RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 00:44:21.0988 3392 RasAcd - ok 00:44:22.0051 3392 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 00:44:22.0098 3392 RasAuto - ok 00:44:22.0176 3392 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 00:44:22.0269 3392 Rasl2tp - ok 00:44:22.0300 3392 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 00:44:22.0347 3392 RasMan - ok 00:44:22.0363 3392 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 00:44:22.0394 3392 RasPppoe - ok 00:44:22.0441 3392 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 00:44:22.0472 3392 RasSstp - ok 00:44:22.0628 3392 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 00:44:22.0706 3392 rdbss - ok 00:44:22.0800 3392 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 00:44:22.0893 3392 RDPCDD - ok 00:44:22.0971 3392 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 00:44:23.0065 3392 rdpdr - ok 00:44:23.0080 3392 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 00:44:23.0174 3392 RDPENCDD - ok 00:44:23.0236 3392 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 00:44:23.0330 3392 RDPWD - ok 00:44:23.0361 3392 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 00:44:23.0439 3392 RemoteAccess - ok 00:44:23.0486 3392 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 00:44:23.0533 3392 RemoteRegistry - ok 00:44:23.0580 3392 [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 00:44:23.0689 3392 RFCOMM - ok 00:44:23.0938 3392 [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe 00:44:23.0970 3392 RichVideo ( UnsignedFile.Multi.Generic ) - 
warning 00:44:23.0970 3392 RichVideo - detected UnsignedFile.Multi.Generic (1) 00:44:24.0016 3392 [ B39F1BD472E4992382875BAF0B645C6D ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 00:44:24.0048 3392 rimmptsk - ok 00:44:24.0094 3392 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 00:44:24.0141 3392 rimsptsk - ok 00:44:24.0172 3392 [ C663AF77E2F4EABF8EB08B388D2F1F36 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys 00:44:24.0219 3392 rismxdp - ok 00:44:24.0250 3392 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 00:44:24.0328 3392 RpcLocator - ok 00:44:24.0360 3392 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 00:44:24.0453 3392 RpcSs - ok 00:44:24.0562 3392 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 00:44:24.0609 3392 rspndr - ok 00:44:24.0640 3392 [ F7A8C9024E82534CEC50613D87E88645 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys 00:44:24.0718 3392 RTL8023xp - ok 00:44:24.0750 3392 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 00:44:24.0765 3392 SamSs - ok 00:44:24.0843 3392 [ 4BFB51CDB25D4D4B9E8FCCAB635F262E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe 00:44:24.0859 3392 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning 00:44:24.0859 3392 Samsung Update Plus - detected UnsignedFile.Multi.Generic (1) 00:44:24.0890 3392 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 00:44:24.0906 3392 sbp2port - ok 00:44:24.0952 3392 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 00:44:25.0030 3392 SCardSvr - ok 00:44:25.0296 3392 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 00:44:25.0452 3392 Schedule - ok 00:44:25.0483 3392 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 00:44:25.0514 3392 SCPolicySvc - ok 
00:44:25.0576 3392 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 00:44:25.0670 3392 sdbus - ok 00:44:25.0701 3392 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 00:44:25.0795 3392 SDRSVC - ok 00:44:25.0842 3392 [ 59A9EB4073A39895AF314780D0A032FA ] SE27bus C:\Windows\system32\DRIVERS\SE27bus.sys 00:44:25.0857 3392 SE27bus ( UnsignedFile.Multi.Generic ) - warning 00:44:25.0857 3392 SE27bus - detected UnsignedFile.Multi.Generic (1) 00:44:25.0888 3392 [ D53E7E53107D1796825540129F8FE89F ] SE27mdfl C:\Windows\system32\DRIVERS\SE27mdfl.sys 00:44:25.0935 3392 SE27mdfl ( UnsignedFile.Multi.Generic ) - warning 00:44:25.0935 3392 SE27mdfl - detected UnsignedFile.Multi.Generic (1) 00:44:25.0966 3392 [ 2AFA2F65A6E91DA5B5070E734769827E ] SE27mdm C:\Windows\system32\DRIVERS\SE27mdm.sys 00:44:25.0998 3392 SE27mdm ( UnsignedFile.Multi.Generic ) - warning 00:44:25.0998 3392 SE27mdm - detected UnsignedFile.Multi.Generic (1) 00:44:26.0044 3392 [ 5A33A8D7B44C7BD8ABE248B4DCD1FF3C ] SE27mgmt C:\Windows\system32\DRIVERS\SE27mgmt.sys 00:44:26.0044 3392 SE27mgmt ( UnsignedFile.Multi.Generic ) - warning 00:44:26.0044 3392 SE27mgmt - detected UnsignedFile.Multi.Generic (1) 00:44:26.0076 3392 [ BB30139683BBF3EE89EC931393D9335C ] se27nd5 C:\Windows\system32\DRIVERS\se27nd5.sys 00:44:26.0107 3392 se27nd5 ( UnsignedFile.Multi.Generic ) - warning 00:44:26.0107 3392 se27nd5 - detected UnsignedFile.Multi.Generic (1) 00:44:26.0154 3392 [ 5DA6FF71E94B9134DDD094EBB09F05E6 ] SE27obex C:\Windows\system32\DRIVERS\SE27obex.sys 00:44:26.0185 3392 SE27obex ( UnsignedFile.Multi.Generic ) - warning 00:44:26.0185 3392 SE27obex - detected UnsignedFile.Multi.Generic (1) 00:44:26.0263 3392 [ 4D54A9D7C22157AB3D2442E8BCF5ECD2 ] se27unic C:\Windows\system32\DRIVERS\se27unic.sys 00:44:26.0278 3392 se27unic ( UnsignedFile.Multi.Generic ) - warning 00:44:26.0278 3392 se27unic - detected UnsignedFile.Multi.Generic (1) 00:44:26.0325 3392 [ 
90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 00:44:26.0403 3392 secdrv - ok 00:44:26.0466 3392 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 00:44:26.0512 3392 seclogon - ok 00:44:26.0559 3392 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 00:44:26.0622 3392 SENS - ok 00:44:26.0653 3392 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 00:44:26.0731 3392 Serenum - ok 00:44:26.0762 3392 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 00:44:26.0856 3392 Serial - ok 00:44:26.0902 3392 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 00:44:26.0965 3392 sermouse - ok 00:44:27.0090 3392 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 00:44:27.0168 3392 SessionEnv - ok 00:44:27.0214 3392 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 00:44:27.0308 3392 sffdisk - ok 00:44:27.0339 3392 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 00:44:27.0433 3392 sffp_mmc - ok 00:44:27.0480 3392 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 00:44:27.0558 3392 sffp_sd - ok 00:44:27.0573 3392 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 00:44:27.0682 3392 sfloppy - ok 00:44:27.0776 3392 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 00:44:27.0854 3392 SharedAccess - ok 00:44:27.0948 3392 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 00:44:28.0119 3392 ShellHWDetection - ok 00:44:28.0166 3392 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys 00:44:28.0182 3392 sisagp - ok 00:44:28.0213 3392 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 00:44:28.0244 3392 
SiSRaid2 - ok 00:44:28.0291 3392 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 00:44:28.0338 3392 SiSRaid4 - ok 00:44:29.0040 3392 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 00:44:29.0414 3392 slsvc - ok 00:44:29.0445 3392 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 00:44:29.0492 3392 SLUINotify - ok 00:44:29.0523 3392 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 00:44:29.0554 3392 Smb - ok 00:44:29.0632 3392 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 00:44:29.0664 3392 SNMPTRAP - ok 00:44:29.0695 3392 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 00:44:29.0710 3392 spldr - ok 00:44:29.0773 3392 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 00:44:29.0835 3392 Spooler - ok 00:44:29.0898 3392 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 00:44:29.0929 3392 SQLBrowser - ok 00:44:29.0991 3392 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 00:44:30.0022 3392 SQLWriter - ok 00:44:30.0085 3392 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 00:44:30.0178 3392 srv - ok 00:44:30.0225 3392 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 00:44:30.0303 3392 srv2 - ok 00:44:30.0319 3392 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 00:44:30.0350 3392 srvnet - ok 00:44:30.0397 3392 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 00:44:30.0459 3392 SSDPSRV - ok 00:44:30.0490 3392 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 00:44:30.0537 3392 ssmdrv - ok 00:44:30.0600 3392 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 
00:44:30.0615 3392 SstpSvc - ok 00:44:30.0678 3392 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 00:44:30.0740 3392 stisvc - ok 00:44:30.0771 3392 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 00:44:30.0802 3392 swenum - ok 00:44:30.0849 3392 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 00:44:30.0896 3392 swprv - ok 00:44:30.0958 3392 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 00:44:31.0005 3392 Symc8xx - ok 00:44:31.0036 3392 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 00:44:31.0068 3392 Sym_hi - ok 00:44:31.0083 3392 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 00:44:31.0099 3392 Sym_u3 - ok 00:44:31.0130 3392 [ C7DD991423D364D06FC2DD1B00B53DCE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 00:44:31.0161 3392 SynTP - ok 00:44:31.0270 3392 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 00:44:31.0348 3392 SysMain - ok 00:44:31.0395 3392 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 00:44:31.0458 3392 TabletInputService - ok 00:44:31.0520 3392 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 00:44:31.0582 3392 TapiSrv - ok 00:44:31.0645 3392 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 00:44:31.0707 3392 TBS - ok 00:44:31.0816 3392 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 00:44:31.0910 3392 Tcpip - ok 00:44:32.0113 3392 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 00:44:32.0191 3392 Tcpip6 - ok 00:44:32.0362 3392 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 00:44:32.0440 3392 tcpipreg - ok 00:44:32.0581 3392 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 00:44:32.0628 3392 TDPIPE 
- ok 00:44:32.0846 3392 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 00:44:32.0893 3392 TDTCP - ok 00:44:33.0064 3392 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 00:44:33.0111 3392 tdx - ok 00:44:33.0298 3392 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 00:44:33.0330 3392 TermDD - ok 00:44:33.0720 3392 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 00:44:33.0813 3392 TermService - ok 00:44:33.0844 3392 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 00:44:33.0876 3392 Themes - ok 00:44:33.0907 3392 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 00:44:33.0938 3392 THREADORDER - ok 00:44:34.0000 3392 [ 8D69B21C0B71916B2018427A0087755F ] TODslService C:\Program Files\T-Online\DSL-Manager\TODslSvc.exe 00:44:34.0016 3392 TODslService ( UnsignedFile.Multi.Generic ) - warning 00:44:34.0016 3392 TODslService - detected UnsignedFile.Multi.Generic (1) 00:44:34.0063 3392 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 00:44:34.0125 3392 TrkWks - ok 00:44:34.0312 3392 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 00:44:34.0375 3392 TrustedInstaller - ok 00:44:34.0531 3392 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 00:44:34.0578 3392 tssecsrv - ok 00:44:34.0640 3392 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 00:44:34.0687 3392 tunmp - ok 00:44:34.0718 3392 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 00:44:34.0734 3392 tunnel - ok 00:44:34.0827 3392 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 00:44:34.0858 3392 uagp35 - ok 00:44:34.0905 3392 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 00:44:34.0936 3392 udfs - ok 
00:44:35.0030 3392 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 00:44:35.0077 3392 UI0Detect - ok 00:44:35.0108 3392 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 00:44:35.0124 3392 uliagpkx - ok 00:44:35.0186 3392 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys 00:44:35.0217 3392 uliahci - ok 00:44:35.0264 3392 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 00:44:35.0280 3392 UlSata - ok 00:44:35.0342 3392 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 00:44:35.0358 3392 ulsata2 - ok 00:44:35.0404 3392 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 00:44:35.0467 3392 umbus - ok 00:44:35.0545 3392 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 00:44:35.0607 3392 upnphost - ok 00:44:35.0654 3392 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 00:44:35.0685 3392 usbaudio - ok 00:44:35.0763 3392 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 00:44:35.0841 3392 usbccgp - ok 00:44:35.0888 3392 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 00:44:35.0966 3392 usbcir - ok 00:44:36.0013 3392 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 00:44:36.0044 3392 usbehci - ok 00:44:36.0075 3392 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 00:44:36.0153 3392 usbhub - ok 00:44:36.0184 3392 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 00:44:36.0231 3392 usbohci - ok 00:44:36.0262 3392 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys 00:44:36.0325 3392 usbprint - ok 00:44:36.0372 3392 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 
00:44:36.0387 3392 USBSTOR - ok 00:44:36.0434 3392 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 00:44:36.0496 3392 usbuhci - ok 00:44:36.0637 3392 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 00:44:36.0699 3392 usbvideo - ok 00:44:36.0777 3392 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 00:44:36.0808 3392 UxSms - ok 00:44:36.0871 3392 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 00:44:36.0918 3392 vds - ok 00:44:36.0996 3392 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 00:44:37.0089 3392 vga - ok 00:44:37.0167 3392 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 00:44:37.0214 3392 VgaSave - ok 00:44:37.0245 3392 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys 00:44:37.0261 3392 viaagp - ok 00:44:37.0292 3392 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 00:44:37.0354 3392 ViaC7 - ok 00:44:37.0386 3392 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys 00:44:37.0401 3392 viaide - ok 00:44:37.0417 3392 VMUVC - ok 00:44:37.0448 3392 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 00:44:37.0479 3392 volmgr - ok 00:44:37.0526 3392 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 00:44:37.0573 3392 volmgrx - ok 00:44:37.0604 3392 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys 00:44:37.0635 3392 volsnap - ok 00:44:37.0682 3392 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 00:44:37.0698 3392 vsmraid - ok 00:44:38.0010 3392 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 00:44:38.0134 3392 VSS - ok 00:44:38.0150 3392 vvftUVC - ok 00:44:38.0212 3392 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time 
C:\Windows\system32\w32time.dll 00:44:38.0306 3392 W32Time - ok 00:44:38.0337 3392 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 00:44:38.0415 3392 WacomPen - ok 00:44:38.0509 3392 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 00:44:38.0618 3392 Wanarp - ok 00:44:38.0649 3392 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 00:44:38.0680 3392 Wanarpv6 - ok 00:44:38.0758 3392 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 00:44:38.0899 3392 wcncsvc - ok 00:44:38.0930 3392 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 00:44:38.0992 3392 WcsPlugInService - ok 00:44:39.0070 3392 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys 00:44:39.0086 3392 Wd - ok 00:44:39.0460 3392 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 00:44:39.0523 3392 Wdf01000 - ok 00:44:39.0570 3392 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 00:44:39.0648 3392 WdiServiceHost - ok 00:44:39.0679 3392 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 00:44:39.0710 3392 WdiSystemHost - ok 00:44:39.0897 3392 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 00:44:39.0944 3392 WebClient - ok 00:44:39.0991 3392 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 00:44:40.0100 3392 Wecsvc - ok 00:44:40.0131 3392 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 00:44:40.0162 3392 wercplsupport - ok 00:44:40.0209 3392 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 00:44:40.0272 3392 WerSvc - ok 00:44:40.0537 3392 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 00:44:40.0646 3392 WinDefend - ok 00:44:40.0662 3392 
WinHttpAutoProxySvc - ok 00:44:40.0849 3392 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 00:44:40.0911 3392 Winmgmt - ok 00:44:41.0208 3392 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 00:44:41.0301 3392 WinRM - ok 00:44:41.0379 3392 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 00:44:41.0504 3392 Wlansvc - ok 00:44:41.0566 3392 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 00:44:41.0644 3392 WmiAcpi - ok 00:44:41.0832 3392 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 00:44:41.0925 3392 wmiApSrv - ok 00:44:42.0300 3392 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 00:44:42.0409 3392 WMPNetworkSvc - ok 00:44:42.0456 3392 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 00:44:42.0518 3392 WPCSvc - ok 00:44:42.0580 3392 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 00:44:42.0643 3392 WPDBusEnum - ok 00:44:43.0033 3392 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 00:44:43.0111 3392 WPFFontCache_v0400 - ok 00:44:43.0158 3392 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 00:44:43.0189 3392 ws2ifsl - ok 00:44:43.0236 3392 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 00:44:43.0267 3392 wscsvc - ok 00:44:43.0282 3392 WSearch - ok 00:44:43.0719 3392 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 00:44:43.0906 3392 wuauserv - ok 00:44:43.0969 3392 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 00:44:44.0000 3392 WUDFRd - ok 00:44:44.0047 3392 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 00:44:44.0094 3392 wudfsvc - ok 00:44:44.0156 3392 
================ Scan global =============================== 00:44:44.0203 3392 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 00:44:44.0250 3392 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 00:44:44.0296 3392 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 00:44:44.0359 3392 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 00:44:44.0421 3392 [Global] - ok 00:44:44.0421 3392 ================ Scan MBR ================================== 00:44:44.0452 3392 [ C31400769DEFC61154F08815BCB5E020 ] \Device\Harddisk0\DR0 00:44:50.0427 3392 \Device\Harddisk0\DR0 - ok 00:44:50.0427 3392 ================ Scan VBR ================================== 00:44:50.0505 3392 [ 43CB684343BBAF66E32113F526432CE7 ] \Device\Harddisk0\DR0\Partition1 00:44:50.0536 3392 \Device\Harddisk0\DR0\Partition1 - ok 00:44:50.0599 3392 [ 4B370665E2C95C4660A2748F17AF37CB ] \Device\Harddisk0\DR0\Partition2 00:44:50.0724 3392 \Device\Harddisk0\DR0\Partition2 - ok 00:44:50.0724 3392 ============================================================ 00:44:50.0724 3392 Scan finished 00:44:50.0724 3392 ============================================================ 00:44:50.0739 2840 Detected object count: 13 00:44:50.0739 2840 Actual detected object count: 13 00:45:11.0347 2840 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0347 2840 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0347 2840 MIINPazX ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0347 2840 MIINPazX ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0347 2840 MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0347 2840 MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0347 2840 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0347 2840 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0347 2840 Samsung 
Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0347 2840 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0362 2840 SE27bus ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0362 2840 SE27bus ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0362 2840 SE27mdfl ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0362 2840 SE27mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0362 2840 SE27mdm ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0362 2840 SE27mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0362 2840 SE27mgmt ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0362 2840 SE27mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0362 2840 se27nd5 ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0362 2840 se27nd5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0362 2840 SE27obex ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0362 2840 SE27obex ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0378 2840 se27unic ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0378 2840 se27unic ( UnsignedFile.Multi.Generic ) - User select action: Skip 00:45:11.0378 2840 TODslService ( UnsignedFile.Multi.Generic ) - skipped by user 00:45:11.0378 2840 TODslService ( UnsignedFile.Multi.Generic ) - User select action: Skip |
30.11.2012, 09:54 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC keeps hanging and crashes in IE and FF... adwCleaner - Detecting toolbars and unwanted start/search pages Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
30.11.2012, 13:51 | #12 |
| PC keeps hanging and crashes in IE and FF... Code:
ATTFilter # AdwCleaner v2.010 - Datei am 30/11/2012 um 13:49:32 erstellt # Aktualisiert am 29/11/2012 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : Christa - CHRISTA-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\Christa\Downloads\adwcleaner.exe # Option [Suche] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://email.t-online.de/kc/index.php?ctl=message_list&p[folder]=INBOX -\\ Mozilla Firefox v16.0.2 (de) Profilname : default Datei : C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\prefs.js Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); Gefunden : user_pref("extensions.asktb.cbid", "JM"); Gefunden : user_pref("extensions.asktb.config-updated", false); Gefunden : user_pref("extensions.asktb.crumb", "2011.07.21+07.01.24-toolbar003iad-DE-QmVybGluLEdlcm1hbnk%3D"); Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...] Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE"); Gefunden : user_pref("extensions.asktb.fresh-install", false); Gefunden : user_pref("extensions.asktb.guid", "d2495548-819f-4567-b8ae-547884619b73"); Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] 
Gefunden : user_pref("extensions.asktb.if", "first"); Gefunden : user_pref("extensions.asktb.l", "dis"); Gefunden : user_pref("extensions.asktb.last-config-req", "1313762418750"); Gefunden : user_pref("extensions.asktb.locale", "de_DE"); Gefunden : user_pref("extensions.asktb.location", "Berlin,Germany"); Gefunden : user_pref("extensions.asktb.notification-shown", true); Gefunden : user_pref("extensions.asktb.o", "100000080"); Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Gefunden : user_pref("extensions.asktb.qsrc", "2871"); Gefunden : user_pref("extensions.asktb.r", "3"); Gefunden : user_pref("extensions.asktb.sa", "NO"); Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true); Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Gefunden : user_pref("extensions.asktb.themeid", ""); Gefunden : user_pref("extensions.asktb.to", ""); Gefunden : user_pref("extensions.asktb.version", "5.12.2.17486"); ************************* AdwCleaner[R1].txt - [2858 octets] - [30/11/2012 13:49:32] ########## EOF - C:\AdwCleaner[R1].txt - [2918 octets] ########## |
30.11.2012, 14:00 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC keeps hanging and crashes in IE and FF... adwCleaner - Removing toolbars and unwanted start/search pages
After that, please run a check with OTL:
__________________ Please always post log files in CODE tags |
30.11.2012, 20:17 | #14 |
| PC keeps hanging and crashes in IE and FF... Code:
ATTFilter # AdwCleaner v2.010 - Datei am 30/11/2012 um 14:27:51 erstellt # Aktualisiert am 29/11/2012 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : Christa - CHRISTA-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\Christa\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16421 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://email.t-online.de/kc/index.php?ctl=message_list&p[folder]=INBOX --> hxxp://www.google.com -\\ Mozilla Firefox v16.0.2 (de) Profilname : default Datei : C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\prefs.js Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); Gelöscht : user_pref("extensions.asktb.cbid", "JM"); Gelöscht : user_pref("extensions.asktb.config-updated", false); Gelöscht : user_pref("extensions.asktb.crumb", "2011.07.21+07.01.24-toolbar003iad-DE-QmVybGluLEdlcm1hbnk%3D"); Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...] Gelöscht : user_pref("extensions.asktb.dtid", "YYYYYYYYDE"); Gelöscht : user_pref("extensions.asktb.fresh-install", false); Gelöscht : user_pref("extensions.asktb.guid", "d2495548-819f-4567-b8ae-547884619b73"); Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] 
Gelöscht : user_pref("extensions.asktb.if", "first"); Gelöscht : user_pref("extensions.asktb.l", "dis"); Gelöscht : user_pref("extensions.asktb.last-config-req", "1313762418750"); Gelöscht : user_pref("extensions.asktb.locale", "de_DE"); Gelöscht : user_pref("extensions.asktb.location", "Berlin,Germany"); Gelöscht : user_pref("extensions.asktb.notification-shown", true); Gelöscht : user_pref("extensions.asktb.o", "100000080"); Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Gelöscht : user_pref("extensions.asktb.qsrc", "2871"); Gelöscht : user_pref("extensions.asktb.r", "3"); Gelöscht : user_pref("extensions.asktb.sa", "NO"); Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true); Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Gelöscht : user_pref("extensions.asktb.themeid", ""); Gelöscht : user_pref("extensions.asktb.to", ""); Gelöscht : user_pref("extensions.asktb.version", "5.12.2.17486"); ************************* AdwCleaner[R1].txt - [2987 octets] - [30/11/2012 13:49:32] AdwCleaner[S1].txt - [2956 octets] - [30/11/2012 14:27:51] ########## EOF - C:\AdwCleaner[S1].txt - [3016 octets] ########## Code:
ATTFilter OTL logfile created on: 30.11.2012 14:53:59 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christa\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 765,45 Mb Total Physical Memory | 125,75 Mb Available Physical Memory | 16,43% Memory free 1,76 Gb Paging File | 0,71 Gb Available in Paging File | 40,60% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 50,79 Gb Total Space | 11,57 Gb Free Space | 22,78% Space Free | Partition Type: NTFS Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Christa\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastEmUpdate.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\wsqmcons.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - 
C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.) PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics) PRC - C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe () PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe () MOD - C:\Windows\System32\spacklsp.dll () MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll () MOD - C:\Windows\System32\btwhidcs.dll () MOD - C:\Programme\Samsung\EBM\ChkSec.dll () MOD - C:\Programme\Samsung\Easy Display Manager\WinMove.dll () MOD - C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll () MOD - C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll () MOD - C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (avast! 
Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (MSSQL$MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (Samsung Update Plus) -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe () SRV - (TODslService) -- C:\Programme\T-Online\DSL-Manager\TODslSvc.exe (T-Systems International GmbH) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Driver Services (SafeList) ========== DRV - (vvftUVC) -- system32\drivers\vvftUVC.sys File not found DRV - (VMUVC) -- System32\Drivers\VMUVC.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys 
(AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.) DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (NETw2v32) -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation) DRV - (MIINPazX) -- C:\Programme\Common Files\Marmiko Shared\MInfraIS\MIINPazx.sys (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) DRV - (MTOnlPktAlyX) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) DRV - (se27unic) -- C:\Windows\System32\drivers\se27unic.sys (MCCI) DRV - (SE27obex) -- C:\Windows\System32\drivers\SE27obex.sys (MCCI) DRV - (se27nd5) -- C:\Windows\System32\drivers\se27nd5.sys (MCCI) DRV - (SE27mgmt) -- C:\Windows\System32\drivers\SE27mgmt.sys (MCCI) DRV - (SE27mdm) -- C:\Windows\System32\drivers\SE27mdm.sys (MCCI) DRV - (SE27mdfl) -- C:\Windows\System32\drivers\SE27mdfl.sys (MCCI) DRV - (SE27bus) -- C:\Windows\System32\drivers\SE27bus.sys (MCCI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms} IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms} IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms} IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = 
hxxp://go.web.de/br/ie9_search_web/?su={searchTerms} IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms} IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{CA680281-B784-4FE0-8DC8-8E5256EC23AF}: "URL" = hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_de&p={searchTerms} IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms} IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://email.t-online.de/index.php?ctl=write_email" FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474 FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.16 18:31:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.10 17:50:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.09 16:55:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Extensions [2012.10.23 17:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions [2010.09.12 16:27:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.06.25 17:08:00 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf} [2012.11.10 17:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.11.16 18:31:22 | 000,000,000 | ---D | M] (avast! 
WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012.11.10 17:50:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.06.22 17:08:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.15 16:44:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.22 17:08:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.22 17:08:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.22 17:08:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.22 17:08:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found. O3 - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\.DEFAULT..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-18..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-19..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003..\Run: [] File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (T-Systems International GmbH) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (T-Systems International GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoHotStart = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm 
() O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\spacklsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\spacklsp.dll () O13 - gopher Prefix: missing O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{082264E5-35B3-4F48-B8BF-CEB85C74F920}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C73B4F7C-7AA5-4121-87EF-C68A412D2C29}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.11.27 19:59:05 | 000,100,864 | ---- | C] (GMER) -- C:\kgliafod.sys [2012.11.16 19:29:03 | 002,382,848 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.11.16 19:28:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.11.16 19:28:58 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.11.16 19:28:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.11.16 19:28:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.11.16 19:28:51 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.11.16 19:28:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.11.16 19:28:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.11.16 18:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.11.16 18:32:59 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Local\Google [2012.11.16 18:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012.11.16 18:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! 
Free Antivirus [2012.11.16 18:32:49 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.11.16 18:32:49 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.11.16 18:32:44 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2012.11.16 18:32:43 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.11.16 18:32:39 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.11.16 18:32:34 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.11.16 18:30:58 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.11.16 18:30:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.11.16 18:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.11.16 18:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.11.16 18:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.11.16 17:30:49 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Roaming\Malwarebytes [2012.11.16 17:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.11.16 17:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.11.16 17:29:08 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.11.16 17:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.11.16 17:09:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2012.11.16 17:00:20 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.11.10 17:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days 
========== [2012.11.30 15:09:48 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.30 14:46:27 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.30 14:44:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.30 14:41:43 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.30 14:41:43 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.30 14:41:24 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012.11.30 14:41:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.30 14:39:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.11.30 14:05:07 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.11.30 00:27:03 | 162,904,183 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.11.27 19:59:05 | 000,100,864 | ---- | M] (GMER) -- C:\kgliafod.sys [2012.11.27 19:03:41 | 000,000,000 | ---- | M] () -- C:\Users\Christa\defogger_reenable [2012.11.17 18:09:04 | 000,696,598 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.17 18:09:04 | 000,651,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.17 18:09:04 | 000,155,074 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.17 18:09:04 | 000,126,162 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.11.16 20:09:27 | 000,372,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.11.16 18:32:50 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.11.16 18:32:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.11.16 18:17:18 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.11.16 17:15:01 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2012.11.16 17:13:38 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.11.16 17:13:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.30 00:27:03 | 162,904,183 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.11.27 19:03:41 | 000,000,000 | ---- | C] () -- C:\Users\Christa\defogger_reenable [2012.11.16 18:37:02 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.11.16 18:33:19 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.16 18:33:16 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.16 18:32:50 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.11.16 18:17:18 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.11.16 18:17:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.09.16 16:10:14 | 000,000,903 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.15.rtf [2011.08.23 15:46:20 | 000,001,152 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.14.rtf [2011.02.25 18:03:31 | 000,000,888 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.13.rtf [2010.11.27 18:29:59 | 000,000,723 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.12.rtf [2010.11.01 17:40:59 | 000,000,680 | ---- | C] () -- C:\Users\Christa\AppData\Local\d3d9caps.dat [2010.10.13 17:09:52 | 000,000,881 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.11.rtf [2010.09.14 16:27:53 | 000,000,694 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.10.rtf [2010.08.06 16:33:52 | 000,000,760 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.9.rtf [2010.07.05 11:40:53 | 000,000,611 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr 6.rtf [2010.06.11 16:14:32 | 000,001,036 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.8.rtf [2010.05.21 17:27:42 | 000,000,877 | ---- | C] () -- C:\Users\Christa\Tagebuch.rtf [2010.05.07 16:56:28 | 000,000,964 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.7.rtf [2010.03.21 17:08:06 | 000,031,007 | ---- | C] () -- C:\Users\Christa\AppData\Roaming\UserTile.png [2009.05.10 15:04:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.12.27 11:35:42 | 000,710,144 | -HS- | C] () -- C:\Users\Christa\ehthumbs_vista.db [2007.10.31 15:59:18 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2007.10.22 14:36:12 | 000,022,528 | ---- | C] () -- C:\Users\Christa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.09.03 11:17:02 | 000,000,095 | ---- | C] () -- C:\Users\Christa\AppData\Local\fusioncache.dat ========== ZeroAccess Check ========== [2010.01.05 12:55:24 | 000,005,044 | ---- | M] () -- 
C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}\skin\L.png
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 885 bytes -> C:\Users\Christa\Documents\Tagebuch Nr.16.eml:OECustomProperty
< End of report >

Code:
OTL Extras logfile created on: 30.11.2012 14:53:59 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
765,45 Mb Total Physical Memory | 125,75 Mb Available Physical Memory | 16,43% Memory free
1,76 Gb Paging File | 0,71 Gb Available in Paging File | 40,60% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,79 Gb Total Space | 11,57 Gb Free Space | 22,78% Space Free | Partition Type: NTFS
Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com) htmlfile [opennew] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1688565363-3877067027-1528832066-1003] 
"EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{164A68E2-493F-4308-8F08-84491949D2D9}" = lport=445 | protocol=6 | dir=in | app=system | "{17835511-E8D2-44D6-84F1-05C1D94ED9F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2110C180-636A-49A8-999D-C0590C71D248}" = lport=138 | protocol=17 | dir=in | app=system | "{241F1282-FE85-44AC-A1CD-282C6713809D}" = lport=137 | protocol=17 | dir=in | app=system | "{3F4109A9-E99E-4973-B8F9-629006779EC6}" = rport=137 | protocol=17 | dir=out | app=system | "{77427A9D-75D5-4F52-9915-0F34512C3D80}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{909E4A5F-8BFB-4F1E-A7DA-D4A312C0F63B}" = lport=139 | protocol=6 | dir=in | app=system | "{9744DDFE-C742-44D0-868F-904DE91E9AB7}" = rport=445 | protocol=6 | dir=out | app=system | "{E41F1530-EAC7-4BDE-97BF-DF27D6975E27}" = rport=139 | protocol=6 | dir=out | app=system | "{F7A20E7E-0676-4624-A195-0F214C16F85F}" = rport=138 | protocol=17 | dir=out | app=system | "{FF95205D-CDB6-4187-AAF8-94DBD2A3871F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List 
========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0861DEE8-1E70-4298-98BD-72DA8E267D93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{4067263A-C653-4772-B88E-3C915E97E74B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AA77BCD3-8FBC-40C5-9C20-316F0FC60701}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BDE9E5E8-72E8-4791-B0CE-D4DB68E48381}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0212BFBB-50BA-C4FA-D700-DFBB40A9F1AF}" = Catalyst Control Center Localization Arabic "{0219FD21-8B2E-240B-3D35-997EE0E3F81B}" = Catalyst Control Center Localization Arabic "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{047ACAF8-7642-4940-8EC6-4694E0E60B40}" = CCC Help French "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{06F42C96-A96C-F579-B0FA-F44BBA118C51}" = ccc-core-static "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{0BB96994-EA3F-D659-6A3B-D2D73FEBD8E4}" = ccc-utility "{0C1D06CD-D5D1-A718-5C8F-27D089C5C39C}" = Catalyst Control Center Localization Finnish "{0DF36AB1-1B4C-CAEC-A23E-EFA25738B60A}" = CCC Help Greek "{110D7DC8-9237-47D3-AB39-50651A10304C}" = SamsungScreensaver "{12080F61-1225-BCDE-EFE2-3452E826D9AD}" = Catalyst Control Center Graphics Light "{143539DF-6F6E-9E25-3EDF-0906C7F533B7}" = CCC Help Korean "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution II "{148806DB-3E2E-4A2E-D7F8-223EFA43C350}" = Catalyst Control Center Graphics Full New 
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{20CD8D4B-74ED-BED9-805C-6F4FBE6B4F01}" = ccc-localization-da "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{31ACBC65-C234-BD71-3FCE-520EC0138635}" = CCC Help Norwegian "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime "{3AB54293-0366-7D73-D97E-3DB689A72E4A}" = CCC Help Danish "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3DC4A72C-B683-5733-8A2C-136FBB5619D6}" = Catalyst Control Center Localization German "{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager "{47EDD638-F882-A248-FBA5-B0CCBB9175D8}" = CCC Help Spanish "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2 "{4D6125BF-2586-9175-24FE-854DD6F6F08F}" = CCC Help Hungarian "{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{52FE8F38-057E-26C5-DF29-935DE6E218E0}" = Catalyst Control Center Localization Japanese "{5579A7B8-F48A-C2F5-75D0-F67CDFD68461}" = Catalyst Control Center Core Implementation "{5A4BB8B6-8BE7-A8AF-528C-55A50DD18497}" = Catalyst Control Center Localization Arabic "{5AA05616-21D6-63D5-CA68-73200B161599}" = CCC Help Czech "{5E99C53A-D37E-CEA5-0398-329F15494618}" = Catalyst Control Center Graphics Full Existing "{64536DB8-3247-4489-6BC3-BCD0DCC74810}" = Catalyst Control Center Localization Spanish "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites 
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8 "{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "{6BD4EDE4-053E-FC85-AFC2-58306952BDBD}" = Catalyst Control Center Localization French "{6F6D2DE6-44FA-EAF4-0028-7FAE37A76B4C}" = CCC Help Turkish "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78E2F10D-4A74-A354-3D41-CF439A501AE5}" = CCC Help Italian "{8448A09D-0E2A-4EFA-6A16-AFA374AE088F}" = Catalyst Control Center Graphics Previews Vista "{87858FF1-3D1C-301A-0C62-62F977659969}" = Catalyst Control Center Localization Italian "{8799B11A-0E01-1729-B527-802A3513BEE7}" = CCC Help Polish "{8A51FE4C-7DC6-8C9B-67D7-8536B7413BFE}" = Catalyst Control Center Localization Korean "{8A92CE03-CEEB-145D-1F8D-FBC0DDE0CDEF}" = CCC Help Finnish "{8ED71B2B-8228-EFF8-B566-890D771A6A98}" = CCC Help Swedish "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{903194A5-E1E4-E56B-8B3C-C52664CD6A65}" = CCC Help Japanese "{90A40407-6000-11D3-8CFE-0150048383C9}" = 
Microsoft Office 2003 Web Components "{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = T-Online DSL-Manager "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "{95CCAA64-028C-FF26-B553-3401EA3B137B}" = CCC Help Chinese Standard "{98C0E007-7225-550C-BD4D-16A53171FA5B}" = CCC Help Chinese Traditional "{99825ADC-3BAC-40C6-3FA1-A80496C5FE4D}" = CCC Help German "{99FBF341-96A4-6E6B-F098-F5318F74FD8B}" = Catalyst Control Center Localization Hungarian "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AEE384F-4CEB-9FD4-0ECA-5A2A5FF3FC65}" = Catalyst Control Center Localization Arabic "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A0A703E5-975D-8426-B654-A3C86EEA771F}" = Catalyst Control Center Localization Greek "{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3400 "{A2E2B102-C07F-2D6A-F826-FBE911583029}" = Catalyst Control Center Localization Arabic "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AB8465B2-8971-83AA-72AC-08C870CAB14B}" = CCC Help English "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista "{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0 "{B57D54D5-BE8F-152A-3DDA-2CCC34916ABB}" = Catalyst Control Center Localization Czech "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{C2F84222-A797-3ADB-F73F-F9FEA356365E}" = Catalyst Control Center Localization Chinese 
Standard "{C5DC24CC-98D8-3714-20DE-F3154692CAC1}" = CCC Help Portuguese "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0 "{D6339BC5-BD2E-580C-0A9E-EF09B768C891}" = CCC Help Thai "{DDFA8768-E4A8-4EFA-637B-DF23DC3EFD04}" = Catalyst Control Center Localization Chinese Traditional "{DF1F4246-C7DF-7C15-6BBD-211E768EB715}" = Catalyst Control Center Localization Arabic "{E481BC06-6BBB-093B-728A-C8EEB98E1E47}" = Catalyst Control Center Localization Arabic "{E5BED6AE-BEF7-8504-38DB-F881A526F5C2}" = Skins "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{EC69E8A3-A20F-E735-968A-CE6D4E1FA857}" = CCC Help Russian "{ED8EACD0-3B35-AA21-DA10-6372AB6D19CA}" = CCC Help Dutch "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now "{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer "{FF602681-E2E7-9FFF-9752-3B0F8E7D38F1}" = Catalyst Control Center Localization Arabic "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "ATI Uninstaller" = ATI Uninstaller "avast" = 
avast! Free Antivirus "Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2 "Google Chrome" = Google Chrome "InstallShield_{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "PROHYBRIDR" = 2007 Microsoft Office system "SynTPDeinstKey" = Synaptics Pointing Device Driver ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | 
Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013 Description = Error - 25.11.2012 13:42:29 | Computer Name = Christa-PC | Source = EventSystem | ID = 4621 Description = Error - 27.11.2012 15:01:46 | Computer Name = Christa-PC | Source = Perflib | ID = 1010 Description = [ System Events ] Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7009 Description = Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25.11.2012 13:04:18 | Computer Name = Christa-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.11.2012 um 18:02:07 unerwartet heruntergefahren. Error - 25.11.2012 13:25:55 | Computer Name = Christa-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.11.2012 um 18:23:09 unerwartet heruntergefahren. Error - 25.11.2012 13:42:27 | Computer Name = Christa-PC | Source = DCOM | ID = 10010 Description = Error - 27.11.2012 12:43:44 | Computer Name = Christa-PC | Source = DCOM | ID = 10010 Description = Error - 27.11.2012 14:39:27 | Computer Name = Christa-PC | Source = DCOM | ID = 10010 Description = Error - 29.11.2012 15:32:14 | Computer Name = Christa-PC | Source = bowser | ID = 8003 Description = Error - 29.11.2012 19:27:12 | Computer Name = Christa-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 30.11.2012 um 00:25:32 unerwartet heruntergefahren. 
Error - 30.11.2012 08:45:56 | Computer Name = Christa-PC | Source = bowser | ID = 8003 Description = < End of report > |
30.11.2012, 21:40 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC keeps hanging and crashes in IE and FF... Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes. Before you do, please remember to update Malwarebytes via the update button. Afterwards, getting an additional opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |