|
Log analysis and evaluation: Firefox has high CPU usage
Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
03.02.2013, 02:00 | #1 |
| Firefox has high CPU usage
Hello community,
I have the problem that Firefox often causes very high CPU usage, even when I have only minimized it and am doing something else. When I then display the CPU usage of the individual processes in Task Manager, at first it is, as described, very high for Firefox, but then it suddenly drops again! So when I open Task Manager, the CPU usage suddenly drops; when I minimize Task Manager again, the CPU usage caused by Firefox rises again. I find that very strange! :/
About half a year ago I also had one of those GVU viruses on the machine; I simply did a System Restore and then it was gone. Now of course I am wondering whether I have something malicious on the computer. It would be nice if you could help me!
Kind regards
Attachment 49745 Attachment 49746 Attachment 49747 |
04.02.2013, 11:18 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox has high CPU usage Hello and
Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners? I am asking because of => http://www.trojaner-board.de/125889-...tml#post941520
Please do not run any new virus scans; first just post the logs that already exist!
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
04.02.2013, 13:04 | #3 |
| Firefox has high CPU usage
No, unfortunately I do not have any further logs.
I don't know whether it is relevant, but half a year ago I received an email from the Studentenwerk: "A bot software appears to be running on the system that is trying to reach an HTTP- or IRC-based botnet control server." Following that I ran a virus scan and also deleted 3 things. Unfortunately I no longer remember what they were... I wanted to mention it anyway.
Kind regards |
04.02.2013, 13:16 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox has high CPU usage Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you have not heard from me for three days, please report in this thread => Reminder about my thread. Annoying "When will it continue" messages end with your topic being closed. I, too, have a life outside of Trojaner-Board.
Malwarebytes Anti-Rootkit
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Please always post log files in CODE tags |
04.02.2013, 14:20 | #5 |
| Firefox has high CPU usage
So, the first scan produced the following:
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org
Database version: v2013.02.04.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [administrator]
04.02.2013 13:42:24
mbar-log-2013-02-04 (13-42-24).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28407
Time elapsed: 12 minute(s), 8 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
c:\Users\***\Desktop\Desktop\aglotze3\flv.exe (Riskware.NetTool) -> Delete on reboot.
c:\Users\***\Desktop\Desktop\w810i modding\SETool2 Lite v1.11\setool2lt.exe (Malware.Packer.T) -> Delete on reboot.
c:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Delete on reboot.
(end)
And I have no idea what the 3rd one is.. |
04.02.2013, 14:47 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox has high CPU usage
1. aswMBR
Please download aswMBR.exe and save the file to your desktop.
Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false positive in it!
Another note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, then do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
2. TDSS-Killer
Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!
Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it is finished, click the Report button to display the log. Please post this in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat them all with the action "skip" and only post the log here!
__________________ |
04.02.2013, 15:25 | #7 |
| Firefox has high CPU usage
The first time, the program crashed, so I then set "AV scan" to none as described!
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-04 15:12:02
-----------------------------
15:12:02.526 OS Version: Windows 6.1.7601 Service Pack 1
15:12:02.526 Number of processors: 1 586 0x170A
15:12:02.526 ComputerName: ***-PC UserName: ***
15:12:03.105 Initialize success
15:12:03.202 AVAST engine defs: 13020201
15:12:14.506 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:12:14.506 Disk 0 Vendor: WDC_WD1600BEVT-22ZCT0 11.01A11 Size: 152627MB BusType: 11
15:12:14.560 Disk 0 MBR read successfully
15:12:14.570 Disk 0 MBR scan
15:12:14.570 Disk 0 unknown MBR code
15:12:14.630 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:12:14.640 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 66787 MB offset 206848
15:12:14.670 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 52625 MB offset 204802048
15:12:14.670 Disk 0 Partition - 00 05 Extended 33112 MB offset 136988670
15:12:14.700 Disk 0 Partition 4 00 83 Linux 30111 MB offset 136988672
15:12:14.700 Disk 0 Partition - 00 05 Extended 3001 MB offset 198656000
15:12:14.760 Disk 0 scanning sectors +312578048
15:12:14.830 Disk 0 scanning C:\Windows\system32\drivers
15:12:30.165 Service scanning
15:12:57.578 Modules scanning
15:13:06.701 Disk 0 trace - called modules:
15:13:06.735 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys dxgkrnl.sys igdkmd32.sys dxgmms1.sys
15:13:06.742 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8651b7c8]
15:13:06.743 3 CLASSPNP.SYS[8ba8259e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8605f340]
15:13:06.753 Scan finished successfully
15:13:23.204 Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
15:13:23.211 The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"
Code:
15:17:03.0785 2568 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:17:03.0863 2568 ============================================================
15:17:03.0863 2568 Current date / time: 2013/02/04 15:17:03.0863
15:17:03.0863 2568 SystemInfo:
15:17:03.0863 2568
15:17:03.0863 2568 OS Version: 6.1.7601 ServicePack: 1.0
15:17:03.0863 2568 Product type: Workstation
15:17:03.0863 2568 ComputerName: ***-PC
15:17:03.0863 2568 UserName: ***
15:17:03.0863 2568 Windows directory: C:\Windows
15:17:03.0863 2568 System windows directory: C:\Windows
15:17:03.0863 2568 Processor architecture: Intel x86
15:17:03.0863 2568 Number of processors: 1
15:17:03.0863 2568 Page size: 0x1000
15:17:03.0863 2568 Boot type: Normal boot
15:17:03.0863 2568 ============================================================
15:17:05.0610 2568 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:17:05.0610 2568 ============================================================
15:17:05.0610 2568 \Device\Harddisk0\DR0:
15:17:05.0610 2568 MBR partitions:
15:17:05.0610 2568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:17:05.0610 2568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8271EF7
15:17:05.0610 2568 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x66C8800
15:17:05.0642 2568 ============================================================
15:17:05.0688 2568 C: <-> \Device\Harddisk0\DR0\Partition3
15:17:05.0704 2568 D: <-> \Device\Harddisk0\DR0\Partition2
15:17:05.0704 2568 ============================================================
15:17:05.0704 2568 Initialize success
15:17:05.0704 2568 ============================================================
15:17:33.0222 2256 ============================================================
15:17:33.0222 2256 Scan started
C:\Windows\system32\qagentRT.dll 15:17:51.0069 2256 napagent - ok 15:17:51.0147 2256 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:17:51.0178 2256 NativeWifiP - ok 15:17:51.0225 2256 Nbdrv - ok 15:17:51.0287 2256 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:17:51.0318 2256 NDIS - ok 15:17:51.0381 2256 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:17:51.0412 2256 NdisCap - ok 15:17:51.0443 2256 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:17:51.0490 2256 NdisTapi - ok 15:17:51.0537 2256 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:17:51.0568 2256 Ndisuio - ok 15:17:51.0615 2256 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:17:51.0662 2256 NdisWan - ok 15:17:51.0693 2256 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:17:51.0724 2256 NDProxy - ok 15:17:51.0755 2256 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:17:51.0786 2256 NetBIOS - ok 15:17:51.0833 2256 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:17:51.0880 2256 NetBT - ok 15:17:51.0896 2256 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 15:17:51.0911 2256 Netlogon - ok 15:17:51.0974 2256 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 15:17:52.0020 2256 Netman - ok 15:17:52.0052 2256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:17:52.0067 2256 NetMsmqActivator - ok 15:17:52.0083 2256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:17:52.0098 2256 NetPipeActivator - ok 15:17:52.0130 2256 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm 
C:\Windows\System32\netprofm.dll 15:17:52.0176 2256 netprofm - ok 15:17:52.0176 2256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:17:52.0192 2256 NetTcpActivator - ok 15:17:52.0208 2256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:17:52.0223 2256 NetTcpPortSharing - ok 15:17:52.0286 2256 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:17:52.0301 2256 nfrd960 - ok 15:17:52.0364 2256 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 15:17:52.0395 2256 NlaSvc - ok 15:17:52.0442 2256 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:17:52.0473 2256 Npfs - ok 15:17:52.0504 2256 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 15:17:52.0535 2256 nsi - ok 15:17:52.0551 2256 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:17:52.0598 2256 nsiproxy - ok 15:17:52.0676 2256 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:17:52.0754 2256 Ntfs - ok 15:17:52.0785 2256 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 15:17:52.0816 2256 Null - ok 15:17:52.0863 2256 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:17:52.0878 2256 nvraid - ok 15:17:52.0894 2256 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:17:52.0910 2256 nvstor - ok 15:17:52.0941 2256 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:17:52.0956 2256 nv_agp - ok 15:17:53.0003 2256 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:17:53.0019 2256 ohci1394 - ok 15:17:53.0097 2256 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:17:53.0097 2256 
ose - ok 15:17:53.0315 2256 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:17:53.0502 2256 osppsvc - ok 15:17:53.0549 2256 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:17:53.0596 2256 p2pimsvc - ok 15:17:53.0643 2256 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 15:17:53.0674 2256 p2psvc - ok 15:17:53.0705 2256 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:17:53.0736 2256 Parport - ok 15:17:53.0768 2256 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:17:53.0783 2256 partmgr - ok 15:17:53.0799 2256 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 15:17:53.0846 2256 Parvdm - ok 15:17:53.0877 2256 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:17:53.0892 2256 PcaSvc - ok 15:17:53.0939 2256 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 15:17:53.0955 2256 pci - ok 15:17:54.0002 2256 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 15:17:54.0017 2256 pciide - ok 15:17:54.0048 2256 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:17:54.0064 2256 pcmcia - ok 15:17:54.0126 2256 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys 15:17:54.0173 2256 pcouffin - ok 15:17:54.0189 2256 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 15:17:54.0204 2256 pcw - ok 15:17:54.0236 2256 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:17:54.0282 2256 PEAUTH - ok 15:17:54.0360 2256 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 15:17:54.0438 2256 PeerDistSvc - ok 15:17:54.0532 2256 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 
15:17:54.0626 2256 pla - ok 15:17:54.0688 2256 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:17:54.0766 2256 PlugPlay - ok 15:17:54.0906 2256 [ 734D9EB27B76B2BA9F5030405345C707 ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe 15:17:54.0938 2256 PMBDeviceInfoProvider - ok 15:17:54.0969 2256 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:17:55.0000 2256 PNRPAutoReg - ok 15:17:55.0031 2256 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:17:55.0062 2256 PNRPsvc - ok 15:17:55.0109 2256 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:17:55.0156 2256 PolicyAgent - ok 15:17:55.0203 2256 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 15:17:55.0234 2256 Power - ok 15:17:55.0296 2256 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:17:55.0343 2256 PptpMiniport - ok 15:17:55.0359 2256 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:17:55.0374 2256 Processor - ok 15:17:55.0437 2256 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 15:17:55.0499 2256 ProfSvc - ok 15:17:55.0515 2256 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:17:55.0530 2256 ProtectedStorage - ok 15:17:55.0562 2256 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:17:55.0593 2256 Psched - ok 15:17:55.0671 2256 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:17:55.0733 2256 ql2300 - ok 15:17:55.0764 2256 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:17:55.0780 2256 ql40xx - ok 15:17:55.0811 2256 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 15:17:55.0842 2256 QWAVE - ok 15:17:55.0874 2256 [ 
584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:17:55.0889 2256 QWAVEdrv - ok 15:17:55.0905 2256 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:17:55.0936 2256 RasAcd - ok 15:17:55.0983 2256 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:17:55.0998 2256 RasAgileVpn - ok 15:17:56.0014 2256 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 15:17:56.0061 2256 RasAuto - ok 15:17:56.0076 2256 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:17:56.0123 2256 Rasl2tp - ok 15:17:56.0201 2256 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 15:17:56.0248 2256 RasMan - ok 15:17:56.0279 2256 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:17:56.0326 2256 RasPppoe - ok 15:17:56.0357 2256 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:17:56.0388 2256 RasSstp - ok 15:17:56.0435 2256 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:17:56.0513 2256 rdbss - ok 15:17:56.0544 2256 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:17:56.0560 2256 rdpbus - ok 15:17:56.0591 2256 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:17:56.0638 2256 RDPCDD - ok 15:17:56.0685 2256 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 15:17:56.0732 2256 RDPDR - ok 15:17:56.0778 2256 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:17:56.0810 2256 RDPENCDD - ok 15:17:56.0841 2256 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:17:56.0888 2256 RDPREFMP - ok 15:17:56.0950 2256 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 
15:17:56.0997 2256 RdpVideoMiniport - ok 15:17:57.0044 2256 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:17:57.0090 2256 RDPWD - ok 15:17:57.0153 2256 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:17:57.0168 2256 rdyboost - ok 15:17:57.0200 2256 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 15:17:57.0246 2256 RemoteAccess - ok 15:17:57.0293 2256 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:17:57.0340 2256 RemoteRegistry - ok 15:17:57.0387 2256 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 15:17:57.0434 2256 ROOTMODEM - ok 15:17:57.0465 2256 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:17:57.0527 2256 RpcEptMapper - ok 15:17:57.0543 2256 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 15:17:57.0590 2256 RpcLocator - ok 15:17:57.0621 2256 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 15:17:57.0652 2256 RpcSs - ok 15:17:57.0699 2256 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:17:57.0746 2256 rspndr - ok 15:17:57.0824 2256 [ D0EEDC88876B20D42157CDCCA3E647F3 ] s1039bus C:\Windows\system32\DRIVERS\s1039bus.sys 15:17:57.0839 2256 s1039bus - ok 15:17:57.0870 2256 [ 7B35091A7BB597C86262C589B0B57D06 ] s1039mdfl C:\Windows\system32\DRIVERS\s1039mdfl.sys 15:17:57.0870 2256 s1039mdfl - ok 15:17:57.0902 2256 [ 4CB1AB13C9813CBF3E4C6406F8043EC2 ] s1039mdm C:\Windows\system32\DRIVERS\s1039mdm.sys 15:17:57.0917 2256 s1039mdm - ok 15:17:57.0980 2256 [ 2649CA09585A7531126DCC116AD1F88C ] s1039mgmt C:\Windows\system32\DRIVERS\s1039mgmt.sys 15:17:57.0995 2256 s1039mgmt - ok 15:17:58.0026 2256 [ 6D3F549EFD6DAEDD7D12F3DE2175053F ] s1039nd5 C:\Windows\system32\DRIVERS\s1039nd5.sys 15:17:58.0042 2256 s1039nd5 - ok 15:17:58.0104 2256 [ 
305E3E3ACA0037AF2E2C1B50A383C91B ] s1039obex C:\Windows\system32\DRIVERS\s1039obex.sys 15:17:58.0120 2256 s1039obex - ok 15:17:58.0151 2256 [ 7DD02A58277C84C043442561589914F4 ] s1039unic C:\Windows\system32\DRIVERS\s1039unic.sys 15:17:58.0151 2256 s1039unic - ok 15:17:58.0214 2256 [ 06847AA6F3A9BF7C44134D00A2E578C0 ] s125bus C:\Windows\system32\DRIVERS\s125bus.sys 15:17:58.0229 2256 s125bus - ok 15:17:58.0292 2256 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 15:17:58.0338 2256 s3cap - ok 15:17:58.0385 2256 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 15:17:58.0401 2256 SamSs - ok 15:17:58.0463 2256 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:17:58.0479 2256 sbp2port - ok 15:17:58.0510 2256 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:17:58.0557 2256 SCardSvr - ok 15:17:58.0604 2256 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:17:58.0650 2256 scfilter - ok 15:17:58.0713 2256 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 15:17:58.0791 2256 Schedule - ok 15:17:58.0838 2256 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 15:17:58.0853 2256 SCPolicySvc - ok 15:17:58.0900 2256 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:17:58.0947 2256 SDRSVC - ok 15:17:58.0994 2256 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:17:59.0040 2256 secdrv - ok 15:17:59.0072 2256 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 15:17:59.0118 2256 seclogon - ok 15:17:59.0150 2256 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 15:17:59.0212 2256 SENS - ok 15:17:59.0212 2256 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:17:59.0259 2256 SensrSvc - ok 15:17:59.0290 2256 [ 
9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:17:59.0321 2256 Serenum - ok 15:17:59.0337 2256 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:17:59.0368 2256 Serial - ok 15:17:59.0399 2256 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 15:17:59.0415 2256 sermouse - ok 15:17:59.0477 2256 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 15:17:59.0540 2256 SessionEnv - ok 15:17:59.0571 2256 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:17:59.0586 2256 sffdisk - ok 15:17:59.0618 2256 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:17:59.0633 2256 sffp_mmc - ok 15:17:59.0664 2256 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:17:59.0696 2256 sffp_sd - ok 15:17:59.0727 2256 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 15:17:59.0758 2256 sfloppy - ok 15:17:59.0805 2256 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:17:59.0852 2256 SharedAccess - ok 15:17:59.0883 2256 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:17:59.0914 2256 ShellHWDetection - ok 15:17:59.0961 2256 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 15:17:59.0976 2256 sisagp - ok 15:18:00.0023 2256 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:18:00.0039 2256 SiSRaid2 - ok 15:18:00.0070 2256 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 15:18:00.0086 2256 SiSRaid4 - ok 15:18:00.0164 2256 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 15:18:00.0179 2256 SkypeUpdate - ok 15:18:00.0210 2256 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb 
C:\Windows\system32\DRIVERS\smb.sys 15:18:00.0242 2256 Smb - ok 15:18:00.0288 2256 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:18:00.0304 2256 SNMPTRAP - ok 15:18:00.0398 2256 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe 15:18:00.0413 2256 Sony PC Companion - ok 15:18:00.0444 2256 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 15:18:00.0460 2256 spldr - ok 15:18:00.0507 2256 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 15:18:00.0569 2256 Spooler - ok 15:18:00.0725 2256 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 15:18:00.0881 2256 sppsvc - ok 15:18:00.0928 2256 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:18:00.0975 2256 sppuinotify - ok 15:18:01.0022 2256 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 15:18:01.0068 2256 srv - ok 15:18:01.0100 2256 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:18:01.0146 2256 srv2 - ok 15:18:01.0178 2256 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:18:01.0209 2256 srvnet - ok 15:18:01.0256 2256 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:18:01.0287 2256 SSDPSRV - ok 15:18:01.0302 2256 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:18:01.0349 2256 SstpSvc - ok 15:18:01.0380 2256 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 15:18:01.0396 2256 stexstor - ok 15:18:01.0458 2256 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 15:18:01.0505 2256 StiSvc - ok 15:18:01.0552 2256 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 15:18:01.0568 2256 storflt - ok 15:18:01.0614 2256 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc 
C:\Windows\system32\drivers\storvsc.sys 15:18:01.0630 2256 storvsc - ok 15:18:01.0661 2256 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 15:18:01.0677 2256 swenum - ok 15:18:01.0692 2256 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 15:18:01.0755 2256 swprv - ok 15:18:01.0770 2256 Synth3dVsc - ok 15:18:01.0848 2256 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 15:18:01.0911 2256 SysMain - ok 15:18:01.0958 2256 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:18:01.0973 2256 TabletInputService - ok 15:18:02.0020 2256 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 15:18:02.0051 2256 TapiSrv - ok 15:18:02.0098 2256 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 15:18:02.0129 2256 TBS - ok 15:18:02.0207 2256 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:18:02.0270 2256 Tcpip - ok 15:18:02.0332 2256 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:18:02.0363 2256 TCPIP6 - ok 15:18:02.0457 2256 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:18:02.0488 2256 tcpipreg - ok 15:18:02.0535 2256 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:18:02.0566 2256 TDPIPE - ok 15:18:02.0628 2256 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:18:02.0644 2256 TDTCP - ok 15:18:02.0706 2256 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:18:02.0769 2256 tdx - ok 15:18:02.0800 2256 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 15:18:02.0816 2256 TermDD - ok 15:18:02.0878 2256 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 15:18:02.0925 2256 TermService - ok 15:18:02.0956 2256 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] 
Themes C:\Windows\system32\themeservice.dll 15:18:02.0987 2256 Themes - ok 15:18:03.0003 2256 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 15:18:03.0034 2256 THREADORDER - ok 15:18:03.0081 2256 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 15:18:03.0128 2256 TrkWks - ok 15:18:03.0206 2256 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:18:03.0252 2256 TrustedInstaller - ok 15:18:03.0299 2256 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:18:03.0330 2256 tssecsrv - ok 15:18:03.0377 2256 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:18:03.0393 2256 TsUsbFlt - ok 15:18:03.0408 2256 tsusbhub - ok 15:18:03.0471 2256 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:18:03.0502 2256 tunnel - ok 15:18:03.0533 2256 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 15:18:03.0549 2256 uagp35 - ok 15:18:03.0611 2256 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:18:03.0642 2256 udfs - ok 15:18:03.0705 2256 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:18:03.0736 2256 UI0Detect - ok 15:18:03.0783 2256 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:18:03.0798 2256 uliagpkx - ok 15:18:03.0830 2256 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 15:18:03.0845 2256 umbus - ok 15:18:03.0861 2256 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 15:18:03.0892 2256 UmPass - ok 15:18:03.0954 2256 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll 15:18:03.0970 2256 UmRdpService - ok 15:18:04.0126 2256 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 
15:18:04.0142 2256 UMVPFSrv - ok 15:18:04.0188 2256 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 15:18:04.0220 2256 upnphost - ok 15:18:04.0251 2256 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 15:18:04.0298 2256 usbaudio - ok 15:18:04.0344 2256 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:18:04.0391 2256 usbccgp - ok 15:18:04.0438 2256 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:18:04.0454 2256 usbcir - ok 15:18:04.0500 2256 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:18:04.0516 2256 usbehci - ok 15:18:04.0547 2256 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:18:04.0578 2256 usbhub - ok 15:18:04.0594 2256 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 15:18:04.0625 2256 usbohci - ok 15:18:04.0656 2256 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:18:04.0688 2256 usbprint - ok 15:18:04.0734 2256 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 15:18:04.0766 2256 usbscan - ok 15:18:04.0797 2256 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:18:04.0844 2256 USBSTOR - ok 15:18:04.0890 2256 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 15:18:04.0906 2256 usbuhci - ok 15:18:04.0953 2256 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 15:18:04.0984 2256 usbvideo - ok 15:18:05.0015 2256 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 15:18:05.0046 2256 UxSms - ok 15:18:05.0078 2256 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 15:18:05.0093 2256 VaultSvc - ok 15:18:05.0156 2256 [ BE2A8E974527723407A656CF91A5603C ] VBoxDrv 
C:\Windows\system32\DRIVERS\VBoxDrv.sys 15:18:05.0171 2256 VBoxDrv - ok 15:18:05.0249 2256 [ 60E593DE57F45A66843276F7D3BC64E1 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 15:18:05.0265 2256 VBoxUSBMon - ok 15:18:05.0312 2256 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 15:18:05.0358 2256 VClone - ok 15:18:05.0390 2256 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:18:05.0405 2256 vdrvroot - ok 15:18:05.0468 2256 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 15:18:05.0530 2256 vds - ok 15:18:05.0561 2256 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:18:05.0592 2256 vga - ok 15:18:05.0608 2256 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:18:05.0670 2256 VgaSave - ok 15:18:05.0670 2256 VGPU - ok 15:18:05.0717 2256 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:18:05.0733 2256 vhdmp - ok 15:18:05.0780 2256 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 15:18:05.0795 2256 viaagp - ok 15:18:05.0826 2256 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 15:18:05.0842 2256 ViaC7 - ok 15:18:05.0889 2256 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 15:18:05.0904 2256 viaide - ok 15:18:05.0951 2256 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys 15:18:05.0967 2256 vmbus - ok 15:18:05.0998 2256 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 15:18:06.0045 2256 VMBusHID - ok 15:18:06.0076 2256 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:18:06.0092 2256 volmgr - ok 15:18:06.0107 2256 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:18:06.0123 2256 volmgrx - ok 15:18:06.0185 2256 [ 
F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:18:06.0201 2256 volsnap - ok 15:18:06.0248 2256 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 15:18:06.0263 2256 vsmraid - ok 15:18:06.0326 2256 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 15:18:06.0419 2256 VSS - ok 15:18:06.0435 2256 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 15:18:06.0466 2256 vwifibus - ok 15:18:06.0497 2256 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 15:18:06.0513 2256 vwififlt - ok 15:18:06.0560 2256 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 15:18:06.0591 2256 vwifimp - ok 15:18:06.0638 2256 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 15:18:06.0684 2256 W32Time - ok 15:18:06.0716 2256 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 15:18:06.0731 2256 WacomPen - ok 15:18:06.0794 2256 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:18:06.0840 2256 WANARP - ok 15:18:06.0856 2256 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:18:06.0887 2256 Wanarpv6 - ok 15:18:06.0965 2256 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 15:18:07.0028 2256 wbengine - ok 15:18:07.0059 2256 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:18:07.0106 2256 WbioSrvc - ok 15:18:07.0152 2256 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:18:07.0199 2256 wcncsvc - ok 15:18:07.0215 2256 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:18:07.0262 2256 WcsPlugInService - ok 15:18:07.0293 2256 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 15:18:07.0308 2256 Wd - ok 15:18:07.0371 
2256 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:18:07.0402 2256 Wdf01000 - ok 15:18:07.0433 2256 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:18:07.0496 2256 WdiServiceHost - ok 15:18:07.0511 2256 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:18:07.0527 2256 WdiSystemHost - ok 15:18:07.0574 2256 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 15:18:07.0620 2256 WebClient - ok 15:18:07.0652 2256 [ F56A25B240391620B6E31ACF656F2018 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:18:07.0698 2256 Wecsvc - ok 15:18:07.0714 2256 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:18:07.0761 2256 wercplsupport - ok 15:18:07.0808 2256 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 15:18:07.0854 2256 WerSvc - ok 15:18:07.0901 2256 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:18:07.0932 2256 WfpLwf - ok 15:18:07.0979 2256 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:18:07.0995 2256 WIMMount - ok 15:18:08.0057 2256 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 15:18:08.0104 2256 WinDefend - ok 15:18:08.0120 2256 WinHttpAutoProxySvc - ok 15:18:08.0213 2256 [ 320B13F43726EB73B2D7AE8869AFAACE ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:18:08.0244 2256 Winmgmt - ok 15:18:08.0354 2256 [ 895AD0D039FAAE12D4C25E028051344C ] WinRM C:\Windows\system32\WsmSvc.dll 15:18:08.0463 2256 WinRM - ok 15:18:08.0525 2256 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:18:08.0572 2256 WinUsb - ok 15:18:08.0634 2256 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 15:18:08.0697 2256 Wlansvc - ok 15:18:08.0822 2256 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common 
Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:18:08.0900 2256 wlidsvc - ok 15:18:08.0946 2256 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:18:08.0978 2256 WmiAcpi - ok 15:18:09.0024 2256 [ A1BCA34F741D285E8A7CD3F3E734BBBD ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:18:09.0040 2256 wmiApSrv - ok 15:18:09.0149 2256 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 15:18:09.0227 2256 WMPNetworkSvc - ok 15:18:09.0258 2256 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:18:09.0290 2256 WPCSvc - ok 15:18:09.0336 2256 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:18:09.0383 2256 WPDBusEnum - ok 15:18:09.0414 2256 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:18:09.0461 2256 ws2ifsl - ok 15:18:09.0492 2256 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 15:18:09.0524 2256 wscsvc - ok 15:18:09.0539 2256 WSearch - ok 15:18:09.0633 2256 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 15:18:09.0726 2256 wuauserv - ok 15:18:09.0773 2256 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:18:09.0804 2256 WudfPf - ok 15:18:09.0851 2256 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:18:09.0882 2256 WUDFRd - ok 15:18:09.0945 2256 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:18:09.0976 2256 wudfsvc - ok 15:18:10.0007 2256 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 15:18:10.0038 2256 WwanSvc - ok 15:18:10.0101 2256 ================ Scan global =============================== 15:18:10.0163 2256 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 15:18:10.0210 2256 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll 15:18:10.0226 2256 [ 
D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll 15:18:10.0257 2256 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 15:18:10.0304 2256 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 15:18:10.0304 2256 [Global] - ok 15:18:10.0304 2256 ================ Scan MBR ================================== 15:18:10.0335 2256 [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0 15:18:10.0475 2256 \Device\Harddisk0\DR0 - ok 15:18:10.0475 2256 ================ Scan VBR ================================== 15:18:10.0491 2256 [ 4CA69DE28C1202BDD752D18D37117465 ] \Device\Harddisk0\DR0\Partition1 15:18:10.0491 2256 \Device\Harddisk0\DR0\Partition1 - ok 15:18:10.0522 2256 [ F5F74505E57196557D14A9CE766AA1CC ] \Device\Harddisk0\DR0\Partition2 15:18:10.0522 2256 \Device\Harddisk0\DR0\Partition2 - ok 15:18:10.0538 2256 [ C2FB41633E10BFA0D7F9848295B4979E ] \Device\Harddisk0\DR0\Partition3 15:18:10.0538 2256 \Device\Harddisk0\DR0\Partition3 - ok 15:18:10.0553 2256 ============================================================ 15:18:10.0553 2256 Scan finished 15:18:10.0553 2256 ============================================================ 15:18:10.0569 2648 Detected object count: 1 15:18:10.0569 2648 Actual detected object count: 1 15:18:37.0151 2648 Connectify ( UnsignedFile.Multi.Generic ) - skipped by user 15:18:37.0151 2648 Connectify ( UnsignedFile.Multi.Generic ) - User select action: Skip |
04.02.2013, 15:26 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox has high CPU usage Code:
ATTFilter 15:12:14.700 Disk 0 Partition 4 00 83 Linux 30111 MB offset 136988672 15:12:14.700 Disk 0 Partition - 00 05 Extended 3001 MB offset 198656000
__________________ Please always post log files in CODE tags |
04.02.2013, 15:27 | #9 |
| Firefox has high CPU usage Yes, I have! |
04.02.2013, 15:32 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox has high CPU usage OK, good. Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
04.02.2013, 16:10 | #11 |
| Firefox has high CPU usage Thanks for your quick replies! Code:
ATTFilter ComboFix 13-02-03.03 - *** 04.02.2013 15:41:08.1.1 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1033.18.3001.2132 [GMT 1:00] ausgeführt von:: c:\users\***\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Sony Ericsson PC Software.ico c:\users\***\AppData\Roaming\inst.exe c:\windows\IsUn0407.exe . Infizierte Kopie von c:\windows\system32\imm32.dll wurde gefunden und desinfiziert Kopie von - c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_5e5d8801d8ad160d\imm32.dll wurde wiederhergestellt . . ((((((((((((((((((((((( Dateien erstellt von 2013-01-04 bis 2013-02-04 )))))))))))))))))))))))))))))) . . 2013-02-04 14:51 . 2013-02-04 14:51 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2C41F6D1-AD18-40BE-B98C-2577129FA88F}\offreg.dll 2013-02-04 14:51 . 2013-02-04 14:51 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-03 12:42 . 2013-02-03 12:42 -------- d-----w- c:\windows\Sun 2013-02-03 12:40 . 2013-02-03 12:40 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-02-03 11:05 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2C41F6D1-AD18-40BE-B98C-2577129FA88F}\mpengine.dll 2013-02-03 01:18 . 2013-02-03 01:18 -------- d-----w- c:\users\***\AppData\Roaming\Malwarebytes 2013-02-03 01:17 . 2013-02-03 01:17 -------- d-----w- c:\programdata\Malwarebytes 2013-02-03 01:17 . 2013-02-03 01:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-02-03 01:17 . 
2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-03 01:17 . 2013-02-03 01:17 -------- d-----w- c:\users\***\AppData\Local\Programs 2013-02-02 18:24 . 2013-02-02 18:28 -------- d-----w- c:\users\***\AppData\Roaming\Trillian 2013-02-02 18:23 . 2013-02-02 18:24 -------- d-----w- c:\program files\Trillian 2013-02-02 11:11 . 2013-02-02 11:11 -------- d-----w- c:\users\Public\CyberLink 2013-02-02 11:10 . 2013-02-02 11:10 -------- d-----w- c:\users\***\AppData\Local\Cyberlink 2013-02-02 11:10 . 2013-02-02 11:11 -------- d-----w- c:\programdata\CyberLink 2013-02-02 11:10 . 2013-02-02 11:10 -------- d-----w- c:\program files\Common Files\Nikon 2013-02-02 11:08 . 2013-02-02 11:08 -------- d-----w- c:\program files\CyberLink 2013-02-02 11:07 . 2013-02-02 11:07 -------- d-----w- c:\programdata\install_clap 2013-02-01 17:24 . 2013-02-01 17:24 -------- d-----w- c:\program files\Common Files\Skype 2013-02-01 17:24 . 2013-02-01 17:24 -------- d-----r- c:\program files\Skype 2013-01-31 23:45 . 2013-02-02 18:19 -------- d-----w- c:\users\***\AppData\Roaming\Jitsi 2013-01-29 17:40 . 2008-04-14 04:42 281088 ----a-w- c:\program files\Microsoft Games\Pinball\pinball.exe 2013-01-27 21:12 . 2013-01-27 21:19 -------- d-----w- c:\users\***\AppData\Roaming\Sparx Systems 2013-01-27 21:10 . 2013-01-27 21:10 -------- d-----w- c:\program files\Sparx Systems 2013-01-27 21:07 . 2013-01-27 21:07 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2013-01-26 15:22 . 2013-01-27 21:29 -------- d-----w- c:\users\***\UniGrid_Profile 2013-01-24 17:09 . 2013-01-24 17:09 -------- d-----w- c:\users\***\AppData\Local\Opera 2013-01-24 17:09 . 2013-01-24 17:09 -------- d-----w- c:\program files\Opera 2013-01-13 18:49 . 2013-01-22 22:24 -------- d-----w- c:\program files\Mozilla Thunderbird 2013-01-12 20:51 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll 2013-01-12 20:50 . 
2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll 2013-01-12 20:50 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll 2013-01-12 20:46 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-03 12:40 . 2012-09-02 16:35 861088 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-02-03 12:40 . 2012-09-02 16:35 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-01-17 00:28 . 2012-08-20 20:53 232336 ------w- c:\windows\system32\MpSigStub.exe 2013-01-10 22:06 . 2012-08-20 21:59 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-10 22:06 . 2012-08-20 21:59 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-17 20:54 . 2012-12-17 20:54 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2012-12-17 20:54 . 2012-12-17 20:54 47360 ----a-w- c:\users\***\AppData\Roaming\pcouffin.sys 2012-12-16 14:13 . 2012-12-30 12:31 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-30 12:31 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-11-20 17:28 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll 2012-11-14 02:09 . 2012-12-12 18:42 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 01:58 . 2012-12-12 18:42 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 01:57 . 2012-12-12 18:42 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 01:49 . 2012-12-12 18:42 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 01:48 . 2012-12-12 18:42 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 01:44 . 2012-12-12 18:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-11-09 04:42 . 2012-12-12 18:34 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\system32\msxml4.dll 2013-01-22 22:24 . 
2013-01-22 22:24 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 167424] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 144384] "PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-08-20 724576] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKLM\~\startupfolder\C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] path=c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk backup=c:\windows\pss\Dropbox.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk] path=c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk backup=c:\windows\pss\simplicheck.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] 2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify] 2012-08-09 19:30 3985768 ----a-w- c:\program files\Connectify\Connectify.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS] 2011-11-11 12:08 205336 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Malwarebytes Anti-Malware ] 2012-12-14 15:49 512360 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe . R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R3 ASSMEAEJI;ASSMEAEJI;c:\users\***\AppData\Local\Temp\ASSMEAEJI.exe [x] R3 CompFilter;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbusflt.sys [x] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x] R3 kbeepm;kbeepm;c:\users\***\AppData\Local\Temp\kbeepm.sys [x] R3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [x] R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [x] R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [x] R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [x] R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [x] R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [x] R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [x] R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub; [x] S1 aswKbd;aswKbd; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 
cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 Connectify;Connectify;c:\program files\Connectify\ConnectifyService.exe [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x] S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2013-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-20 22:06] . 2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-15 20:11] . 2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-15 20:11] . . ------- Zusätzlicher Suchlauf ------- . 
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 TCP: Interfaces\{DFC03C6C-4D56-40CE-9FEB-FAD9B0E2EF9C}: NameServer = 139.18.25.3 FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztegzhix.default\ FF - ExtSQL: 2013-01-23 12:25; jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztegzhix.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi FF - ExtSQL: 2013-02-02 13:56; {888d99e7-e8b5-46a3-851e-1ec45da1e644}; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztegzhix.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi FF - ExtSQL: 2013-02-02 23:37; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztegzhix.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - ExtSQL: 2013-02-02 23:37; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztegzhix.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . MSConfigStartUp-VirtualCloneDrive - c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'Explorer.exe'(1692) c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll c:\windows\System32\bthprops.cpl . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\windows\system32\taskhost.exe c:\program files\Connectify\ConnectifyD.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conhost.exe c:\windows\system32\conhost.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-02-04 15:58:38 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-02-04 14:58 . Vor Suchlauf: 5.680.832.512 Bytes frei Nach Suchlauf: 5.535.326.208 Bytes frei . - - End Of File - - 1E98A1B45D1709C76D02223825BC87CD |
04.02.2013, 16:23 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox has high CPU usage CF removed a pest... briefly check whether the Firefox issue has improved. In addition, please: adwCleaner - remove toolbars and unwanted start/search pages Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
04.02.2013, 19:01 | #13 |
| Firefox has high CPU usage Yes, it has gotten better so far, I think. But I first need to test it thoroughly again... Here are the logs for now: Code:
ATTFilter # AdwCleaner v2.110 - Logfile created 02/04/2013 at 16:28:27 # Updated 03/02/2013 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits) # User : *** - ***-PC # Boot Mode : Normal # Running from : C:\Users\***\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Program Files\Optimizer Pro ***** [Registry] ***** Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Registry is clean. -\\ Mozilla Firefox v18.0.1 (de) File : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztegzhix.default\prefs.js C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ztegzhix.default\user.js ... Deleted ! [OK] File is clean. -\\ Opera v12.12.1707.0 File : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [1070 octets] - [04/02/2013 16:26:25] AdwCleaner[S1].txt - [1105 octets] - [04/02/2013 16:28:27] ########## EOF - C:\AdwCleaner[S1].txt - [1165 octets] ########## Code:
ATTFilter OTL logfile created on: 04.02.2013 16:34:03 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,93 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 68,50% Memory free 5,86 Gb Paging File | 4,92 Gb Available in Paging File | 83,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 51,39 Gb Total Space | 5,24 Gb Free Space | 10,19% Space Free | Partition Type: NTFS Drive D: | 65,22 Gb Total Space | 10,68 Gb Free Space | 16,38% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files\Connectify\ConnectifyD.exe (Connectify) PRC - C:\Program Files\Connectify\ConnectifyService.exe () PRC - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) 
PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\studnet\studnet.exe (Dossin-Brade GbR) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll () MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () ========== Services (SafeList) ========== SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found SRV - (ASSMEAEJI) -- C:\Users\***\AppData\Local\Temp\ASSMEAEJI.exe File not found SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (Connectify) -- C:\Program Files\Connectify\ConnectifyService.exe () SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (UMVPFSrv) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) 
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found DRV - (Nbdrv) -- system32\DRIVERS\nbdrv.sys File not found DRV - (kbeepm) -- C:\Users\***\AppData\Local\Temp\kbeepm.sys File not found DRV - (catchme) -- C:\Users\***\AppData\Local\Temp\catchme.sys File not found DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys (Oracle Corporation) DRV - (VBoxUSBMon) -- C:\Windows\System32\drivers\VBoxUSBMon.sys (Oracle Corporation) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software) DRV - (cnnctfy2) -- C:\Windows\System32\drivers\cnnctfy2.sys (Connectify) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software) DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (CompFilter) -- C:\Windows\System32\drivers\lvbusflt.sys (Logitech Inc.) 
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (s1039mdm) -- C:\Windows\System32\drivers\s1039mdm.sys (MCCI Corporation) DRV - (s1039unic) -- C:\Windows\System32\drivers\s1039unic.sys (MCCI Corporation) DRV - (s1039mgmt) -- C:\Windows\System32\drivers\s1039mgmt.sys (MCCI Corporation) DRV - (s1039obex) -- C:\Windows\System32\drivers\s1039obex.sys (MCCI Corporation) DRV - (s1039bus) -- C:\Windows\System32\drivers\s1039bus.sys (MCCI Corporation) DRV - (s1039nd5) -- C:\Windows\System32\drivers\s1039nd5.sys (MCCI Corporation) DRV - (s1039mdfl) -- C:\Windows\System32\drivers\s1039mdfl.sys (MCCI Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (s125bus) -- C:\Windows\System32\drivers\s125bus.sys (MCCI Corporation) DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 BF C5 63 0E EC CD 01 [binary data] IE - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3 FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10 FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474 FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0 FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.4 FF - prefs.js..extensions.enabledAddons: 
%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.01.27 21:56:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.22 23:24:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.01.13 19:49:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.22 23:24:35 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.01.13 19:49:22 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.08.20 21:34:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.02.02 23:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ztegzhix.default\extensions [2013.02.02 23:37:43 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ztegzhix.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013.01.13 18:48:38 | 
000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ztegzhix.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.09.21 15:35:14 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ztegzhix.default\extensions\DeviceDetection@logitech.com [2013.01.10 21:54:31 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ztegzhix.default\extensions\firefox@ghostery.com [2012.09.15 15:02:52 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ztegzhix.default\extensions\ich@maltegoetz.de [2013.01.23 12:25:05 | 000,157,239 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi [2012.10.29 15:20:46 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\extensions\translator@zoli.bod.xpi [2012.12.04 19:20:37 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2013.02.02 23:37:43 | 000,533,536 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.02.02 13:56:51 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013.01.31 18:46:00 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.08.29 16:28:56 | 000,434,392 | ---- | M] () (No name found) -- 
C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012.10.23 19:58:54 | 000,012,703 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\searchplugins\imdb.xml [2012.08.25 23:14:07 | 000,002,057 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\ztegzhix.default\searchplugins\youtube-videosuche.xml [2013.01.22 23:24:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2013.01.27 21:56:12 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2013.01.22 23:24:35 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.12 12:50:04 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.02.04 15:53:37 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3983005813-3181968773-4197894644-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47943D23-72D3-45CE-9007-96CB1931B882}: DhcpNameServer = 192.168.0.1 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFC03C6C-4D56-40CE-9FEB-FAD9B0E2EF9C}: NameServer = 139.18.25.3 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.04 15:53:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.02.04 15:51:01 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.02.04 15:38:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.02.04 15:38:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.02.04 15:38:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.02.04 15:38:31 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.02.04 15:38:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.02.04 15:36:15 | 005,029,686 | R--- | 
C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2013.02.04 15:16:03 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2013.02.04 13:26:17 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\mbar-1.01.0.1017 [2013.02.04 00:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.02.03 22:39:55 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Chatverläufe [2013.02.03 13:42:27 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2013.02.03 13:40:26 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.02.03 13:40:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.02.03 13:40:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.02.03 13:40:16 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.02.03 02:18:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2013.02.03 02:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.03 02:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.03 02:17:41 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.02.03 02:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.02.03 02:17:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Programs [2013.02.03 02:16:54 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\mbam-setup-1.70.0.1100.exe [2013.02.02 23:51:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.02.02 23:24:21 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe [2013.02.02 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Trillian [2013.02.02 19:23:23 | 000,000,000 | ---D | C] -- C:\Program 
Files\Trillian [2013.02.02 12:10:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Cyberlink [2013.02.02 12:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon [2013.02.02 12:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2013.02.02 12:10:21 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 [2013.02.02 12:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink [2013.02.02 12:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2013.02.02 12:07:13 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap [2013.02.01 18:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.02.01 18:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.02.01 18:24:34 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2013.02.01 00:45:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Jitsi [2013.01.27 22:12:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Sparx Systems [2013.01.27 22:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\Sparx Systems [2013.01.27 22:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enterprise Architect 10 [2013.01.27 22:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2013.01.26 23:29:59 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\musik [2013.01.26 16:22:50 | 000,000,000 | ---D | C] -- C:\Users\***\UniGrid_Profile [2013.01.24 21:13:01 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\BWL [2013.01.24 21:12:17 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Technische Informatik II [2013.01.24 18:09:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Opera [2013.01.24 18:09:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Opera [2013.01.24 18:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2013.01.24 08:19:20 | 000,000,000 | ---D | C] -- 
C:\Users\***\Desktop\Ubuntufiles [2013.01.23 15:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2013.01.22 23:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.01.22 23:10:14 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\aglotze54 [2013.01.15 13:54:02 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\binäruhr [2013.01.13 19:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2013.01.12 21:52:45 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.12 21:52:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.12 21:52:09 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.01.12 21:52:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.01.12 21:52:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.01.12 21:52:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.12 21:52:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.12 21:52:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.01.12 21:52:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.01.12 21:52:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.01.12 21:52:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.12 21:52:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.01.12 21:52:03 | 000,004,096 | -H-- | C] (Microsoft 
Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.12 21:52:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.12 21:52:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.12 21:52:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.01.12 21:52:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.12 21:52:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.01.12 21:52:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.12 21:52:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.01.12 21:52:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.01.12 21:52:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.01.12 21:52:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.01.12 21:52:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.01.12 21:52:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.01.12 21:52:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.12 21:52:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.01.12 21:52:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.01.12 21:52:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.12 21:52:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.01.12 21:52:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.01.12 21:52:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.01.12 21:51:40 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013.01.12 21:51:39 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013.01.12 21:51:39 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013.01.12 21:51:39 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013.01.12 21:51:39 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013.01.12 21:51:39 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013.01.12 21:51:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs [2013.01.12 21:51:38 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2013.01.12 21:51:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013.01.12 21:51:37 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013.01.12 21:51:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013.01.12 21:51:36 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013.01.12 21:51:29 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013.01.12 21:51:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013.01.12 21:51:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013.01.12 21:51:27 | 
000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs [2013.01.12 21:46:02 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013.01.06 21:06:31 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\P [2013.01.06 17:58:21 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Prag [2012.12.17 21:54:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\***\AppData\Roaming\pcouffin.sys ========== Files - Modified Within 30 Days ========== [2013.02.04 16:35:47 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.04 16:35:47 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.04 16:31:05 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.04 16:30:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.04 16:30:12 | 2359,980,032 | -HS- | M] () -- C:\hiberfil.sys [2013.02.04 16:24:42 | 000,582,107 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.02.04 16:16:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.04 16:06:20 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.04 15:53:37 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013.02.04 15:36:35 | 005,029,686 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2013.02.04 15:16:08 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2013.02.04 15:13:23 | 000,000,512 | ---- | M] () -- C:\Users\***\Desktop\MBR.dat [2013.02.04 15:05:16 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe [2013.02.04 14:31:39 | 001,305,400 | ---- | M] () -- C:\Users\***\Desktop\Formelsammlung Physik.pdf [2013.02.04 13:29:01 | 000,694,710 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.02.04 
13:29:01 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.02.04 13:29:01 | 000,147,802 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.02.04 13:29:01 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.02.03 22:41:55 | 001,913,307 | ---- | M] () -- C:\Users\***\Desktop\IMG_20130203_154524.jpg [2013.02.03 13:40:11 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.02.03 13:40:09 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.02.03 13:40:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.02.03 13:40:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.02.03 13:40:07 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2013.02.03 13:40:07 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2013.02.03 13:36:51 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.02.03 13:31:52 | 000,001,919 | ---- | M] () -- C:\Users\***\Desktop\Update Checker.lnk [2013.02.03 13:31:32 | 000,264,757 | ---- | M] () -- C:\Users\***\Desktop\FHSetup.exe [2013.02.03 02:23:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2013.02.03 02:17:12 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\mbam-setup-1.70.0.1100.exe [2013.02.03 00:19:57 | 000,365,568 | ---- | M] () -- C:\Users\***\Desktop\gmer_2.0.18454.exe [2013.02.02 23:51:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.02.02 23:50:55 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2013.02.02 23:50:08 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe [2013.01.29 18:40:36 | 000,001,133 | ---- | M] () -- C:\Users\***\Desktop\Pinball.lnk [2013.01.28 12:20:46 | 000,005,849 | ---- | M] () -- C:\Users\***\Desktop\Fach.odt [2013.01.24 
18:09:21 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2013.01.23 15:30:45 | 000,001,124 | ---- | M] () -- C:\Users\***\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk [2013.01.23 15:30:45 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2013.01.17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013.01.13 21:26:44 | 000,030,710 | ---- | M] () -- C:\Users\***\Desktop\Studienjahresablaufplan_2012.pdf [2013.01.13 18:17:04 | 000,451,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.13 17:53:19 | 000,871,321 | ---- | M] () -- C:\Users\***\Desktop\DSC00333.JPG [2013.01.11 23:11:28 | 000,000,245 | ---- | M] () -- C:\Users\***\.swfinfo [2013.01.11 18:53:33 | 000,229,537 | R--- | M] () -- C:\Users\***\Desktop\67301055551239_3f6200d9.pdf [2013.01.10 23:06:09 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.01.10 23:06:09 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.01.06 17:50:33 | 000,003,497 | ---- | M] () -- C:\Users\***\Neues Profil.xml ========== Files Created - No Company Name ========== [2013.02.04 16:24:33 | 000,582,107 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.02.04 15:38:38 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.02.04 15:38:38 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.02.04 15:38:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.02.04 15:38:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.02.04 15:38:38 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.02.04 15:13:23 | 000,000,512 | ---- | C] () -- C:\Users\***\Desktop\MBR.dat [2013.02.04 14:31:38 | 001,305,400 | ---- | C] () -- C:\Users\***\Desktop\Formelsammlung Physik.pdf [2013.02.03 22:41:52 | 001,913,307 | ---- | C] () -- C:\Users\***\Desktop\IMG_20130203_154524.jpg [2013.02.03 
13:31:52 | 000,001,919 | ---- | C] () -- C:\Users\***\Desktop\Update Checker.lnk [2013.02.03 13:31:29 | 000,264,757 | ---- | C] () -- C:\Users\***\Desktop\FHSetup.exe [2013.02.03 00:19:55 | 000,365,568 | ---- | C] () -- C:\Users\***\Desktop\gmer_2.0.18454.exe [2013.02.02 23:50:55 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2013.02.02 23:50:07 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe [2013.02.02 19:24:06 | 000,001,071 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk [2013.01.29 18:40:36 | 000,001,133 | ---- | C] () -- C:\Users\***\Desktop\Pinball.lnk [2013.01.28 12:20:41 | 000,005,849 | ---- | C] () -- C:\Users\***\Desktop\Fach.odt [2013.01.24 18:09:21 | 000,001,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2013.01.24 18:09:21 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2013.01.23 15:30:45 | 000,001,124 | ---- | C] () -- C:\Users\***\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk [2013.01.23 15:30:45 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2013.01.13 21:26:42 | 000,030,710 | ---- | C] () -- C:\Users\***\Desktop\Studienjahresablaufplan_2012.pdf [2013.01.13 17:53:13 | 000,871,321 | ---- | C] () -- C:\Users\***\Desktop\DSC00333.JPG [2013.01.11 23:11:28 | 000,000,245 | ---- | C] () -- C:\Users\***\.swfinfo [2013.01.11 19:32:59 | 015,590,900 | ---- | C] () -- C:\Users\***\Desktop\Sony Ericsson J10 Elm Working Instructions v1.pdf [2013.01.11 19:32:52 | 024,325,044 | ---- | C] () -- C:\Users\***\Desktop\Sony Ericsson J10 Elm Repair Movies v1.pdf [2013.01.11 18:53:35 | 000,229,537 | R--- | C] () -- C:\Users\***\Desktop\67301055551239_3f6200d9.pdf [2013.01.06 17:50:33 | 000,003,497 | ---- | C] () -- C:\Users\***\Neues Profil.xml [2012.12.17 21:54:40 | 000,007,887 | ---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.cat [2012.12.17 21:54:40 | 000,001,144 | 
---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.inf [2012.12.12 19:49:10 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2012.09.22 23:50:49 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.20 10:42:30 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2012.09.20 10:42:29 | 000,005,120 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll [2012.09.20 10:42:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2012.09.18 20:02:41 | 000,684,916 | ---- | C] () -- C:\Windows\unins000.exe [2012.09.18 20:02:41 | 000,012,451 | ---- | C] () -- C:\Windows\unins000.dat [2012.09.14 22:23:06 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2012.09.09 19:53:43 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2012.09.09 18:04:55 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2012.09.09 18:03:31 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2012.09.03 10:09:13 | 000,694,710 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2012.09.03 10:09:13 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2012.09.03 10:09:13 | 000,147,802 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2012.09.03 10:09:13 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2011.11.17 02:40:38 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2011.08.12 11:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012.08.21 14:34:24 | 000,351,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Code:
OTL Extras logfile created on: 04.02.2013 16:34:03 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,93 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 68,50% Memory free
5,86 Gb Paging File | 4,92 Gb Available in Paging File | 83,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,39 Gb Total Space | 5,24 Gb Free Space | 10,19% Space Free | Partition Type: NTFS
Drive D: | 65,22 Gb Total Space | 10,68 Gb Free Space | 16,38% Space Free | Partition Type: NTFS

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3983005813-3181968773-4197894644-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0386E5C2-66B2-48CE-B6A3-7D094768B47F}" = rport=445 | protocol=6 | dir=out | app=system | "{05DD103A-9735-4937-A217-A1CA8056E0B2}" = lport=138 | protocol=17 | dir=in | app=system | "{105172D8-0DEE-43EF-8608-6D8FB0A62FD2}" = rport=138 | protocol=17 | dir=out | app=system | "{192255A1-07AE-4CFB-B52E-7F7110728DCC}" = rport=137 | protocol=17 | dir=out | app=system | "{243E28EA-0890-4CE4-AB06-D769050285CA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2555D3B0-639E-4A52-9626-3B1A2285C584}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | "{2768A460-3043-45FA-8095-BFEE8978CEEE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | "{31D8F21D-7668-4610-915B-899E8D83D208}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | "{36CAB5BD-0066-4295-9DFE-0480B2B37E58}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | "{4C7163AC-EB8E-4D16-812A-64A3278525CA}" = lport=1303 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | "{4CD67B54-6D4D-4ABA-A170-DDD8FAA37294}" = lport=139 | protocol=6 | dir=in | app=system | "{4F2D1451-5F91-40BB-8A2A-4A6FEBA43B10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{525D7E11-582B-4D89-A268-61B31AC5EF11}" = rport=2869 | protocol=6 | dir=out | app=system | "{567EDA82-D625-4BD0-8DAC-6E147476A7E7}" = rport=139 | protocol=6 | dir=out | app=system | "{83EF2ECA-425F-4C45-B26F-CBB1911F3265}" = lport=2869 | protocol=6 | dir=in | app=system | "{97E3B364-E749-4C17-82F1-266A95EF10AE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9BDBDD67-0093-426B-9AA5-46BE8BAFE0C3}" = lport=137 | protocol=17 | 
dir=in | app=system | "{A42DEC5E-4963-489F-978A-F93D3BFD47F6}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | "{A5BE2544-5C8F-49DE-A8D5-502132F79AA8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{A6D7ABD0-F319-48D9-BABD-1B40E1C8C5D9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{AF9554A1-67F2-4EC4-9D7D-52A54064CEC8}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | "{BE2D7BE2-05C5-490B-8141-311D3DA7F9BB}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe | "{D268A709-BB1D-4AA0-9ECC-86AE0652B259}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | "{D3F31F1D-04D6-4DD9-9704-4EAE101B823E}" = lport=1317 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | "{F035B2BF-7B24-4A2F-8E44-DAEF6F9B2261}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F366747D-62F4-40DB-B8EA-5BCA8453C1E0}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{217FB26A-6EA4-42B5-8F90-81B0FFFC0528}" = protocol=17 | dir=in | app=c:\program files\ispy\ispy\ispy.exe | "{27340B18-5133-4092-80DF-EE0497CC7516}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{2ABCE00A-59F9-4E0A-A054-952DC9900A2C}" = protocol=6 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | "{322F4934-62FD-4982-ABD4-41D2C4F91B79}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{3C65B061-0F81-4458-806B-0F5CD2585BD4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6332D44F-5B81-4924-B279-2B6AF60AC6E0}" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "{6928C79A-FD77-4A62-8CBB-814A22EDE0A1}" = 
protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{6AC207D3-229D-4304-9ABB-27D2FA10F374}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) | "{6E908FFB-5C2D-4182-9B7B-7B9B0E3C724A}" = dir=out | app=c:\windows\system32\svchost.exe | "{7054730B-8B07-4D28-BA9B-C1FAAF14B09D}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe | "{7532D3A1-583C-4137-990F-9EC5B659690B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{76436E96-64A4-4BB5-ACFF-119BC432B82E}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "{94144068-FF00-4358-84B6-D13E28FCD419}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9C3DE0A6-57B7-4CCE-9406-C88D42B86011}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A16C5977-93C2-499A-9C61-16C530C4E468}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B37A50FD-EC2C-4CA9-8313-55C7E5B081BF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B725AE19-933E-4E46-8D8C-58314CA91C71}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{C6C12E3A-A221-4FB9-8403-6582FEA0410A}" = protocol=6 | dir=in | app=c:\program files\ispy\ispy\ispy.exe | "{CFDD84AE-5293-4DA2-A210-488D4A6BA4BF}" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "{D568E12C-F9A8-4522-9BFD-D4A77ADA3CF0}" = protocol=17 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | "{E8AECBD9-3755-418B-84F9-9B22B67277B7}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{EA4527BD-B939-492D-B801-E4379A0211C1}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{EB2F5C85-7DE6-480A-B230-827DD0523B08}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EB6F6336-DE68-4E78-BD0E-1F774A51AAB5}" = protocol=6 | dir=in | 
app=c:\program files\microsoft office\office14\groove.exe | "{FC76DC8C-EDBA-46FD-86DC-DAE0CD6B9E46}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FFCA82EC-B52B-4725-B51F-F41609B80BCD}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{1AD5496C-D3F5-40FC-AA91-3E72B0DC4563}C:\users\***\desktop\eclipse-jee-juno-sr1-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\eclipse-jee-juno-sr1-win32\eclipse\eclipse.exe | "TCP Query User{4A9EFB0A-3C7F-4637-AA1F-7D4A12CA977B}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{57585630-DFDB-45BE-B189-0497009B0AE5}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{5FA4B996-49C2-4D50-8946-B55101C445B2}C:\program files\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | "TCP Query User{8C4E1E4C-043F-45BF-B311-44CA3D71CC53}C:\program files\ispy\ispy\ispy.exe" = protocol=6 | dir=in | app=c:\program files\ispy\ispy\ispy.exe | "TCP Query User{8F1B85EE-1178-4530-9DFF-6D264045C402}C:\program files\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | "UDP Query User{10661907-BBBD-49BB-A60B-48F198B592DE}C:\program files\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files\trillian\plugins\skypekit.exe | "UDP Query User{35AD4070-88C9-4575-B59B-026100464D2E}C:\program files\ispy\ispy\ispy.exe" = protocol=17 | dir=in | app=c:\program files\ispy\ispy\ispy.exe | "UDP Query User{86BCDA29-AD97-43A5-918A-71FBF6222EFF}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{AF91FE90-4269-455D-B099-6314C0872BB9}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | 
app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{B49C6AEE-C030-4A56-B92A-E17ED6247AEC}C:\program files\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe | "UDP Query User{D2B2ACBE-110A-45A5-87CC-473F70F1BA22}C:\users\***\desktop\eclipse-jee-juno-sr1-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\eclipse-jee-juno-sr1-win32\eclipse\eclipse.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1E91951D-0114-4692-8F55-F95E1B2F3542}" = SlimDrivers "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13 "{2BF9702B-52EE-4841-83C4-B5E640B6C97A}" = Media Go "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1" = DriverIdentifier 4.2 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C78E7B2-AE8C-492E-8A97-BA6A641C616B}" = Enterprise Architect 10 
- 30 Day Trial Edition "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8EB84CEC-6819-4E51-9E32-C756835637B0}" = PlayMemories Home "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) 
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft 
Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1" = StudNET Login Client "{A4F094CE-9B05-FB0C-DD73-A85DE5D8D283}" = Media Go Video Playback Engine 1.92.169.06150 "{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software "{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition "{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode 
Version 3.1.2.0 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common "{EBC147FC-1A82-448F-AE35-914AF96194C6}" = Oracle VM VirtualBox 4.2.4 "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F1D70D18-6CDC-4839-A01B-660D19CA3A5E}" = iSpy "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Any Video Converter 5_is1" = Any Video Converter 5 5.0.2 "AnyDVD" = AnyDVD "avast" = avast! Free Antivirus "CCleaner" = CCleaner "CloneDVD2" = CloneDVD2 "Connectify" = Connectify Hotspot "DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei) "EAGLE 5.1.0" = EAGLE 5.1.0 "EPSON Printer and Utilities" = EPSON-Drucker-Software "EPSON Scanner" = EPSON Scan "FileHippo.com" = FileHippo.com Update Checker "FileZilla Client" = FileZilla Client 3.6.0.2 "Foxit Reader_is1" = Foxit Reader "Gordon's Gate Flash Driver" = Gordon's Gate Flash Driver 2.2.0.8 "HDMI" = Intel(R) Graphics Media Accelerator Driver "InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3 "IrfanView" = IrfanView (remove only) "LastFM_is1" = Last.fm 1.5.4.27091 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 
Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "MiniLyrics" = MiniLyrics "Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de) "Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPE" = MyPhoneExplorer "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Omnius for SE" = Omnius for SE v1.38 "Opera 12.12.1707" = Opera 12.12 "Trillian" = Trillian "TVWiz" = Intel(R) TV Wizard "Update Engine" = Sony Ericsson Update Engine "VLC media player" = VLC media player 2.0.5 "VSO Inspector_is1" = VSO Inspector 2.0.2 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.20 (32-Bit) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3983005813-3181968773-4197894644-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 02.02.2013 20:07:35 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Trillian\plugins\ingame\ingame_64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.02.2013 20:08:17 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\anno 1701\Tools\Tages\DrvSetup_x64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 02.02.2013 22:15:28 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Trillian\plugins\ingame\ingame_64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.02.2013 22:16:44 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\anno 1701\Tools\Tages\DrvSetup_x64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.02.2013 22:17:00 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 03.02.2013 08:44:52 | Computer Name = ***-PC | Source = VSS | ID = 12310 Description = Error - 03.02.2013 08:44:52 | Computer Name = ***-PC | Source = VSS | ID = 12298 Description = Error - 03.02.2013 17:16:36 | Computer Name = ***-PC | Source = Windows Backup | ID = 4103 Description = Error - 04.02.2013 10:10:20 | Computer Name = ***-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1707, Zeitstempel: 0x509be8bf Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00052cc7 ID des fehlerhaften Prozesses: 0xb5c Startzeit der fehlerhaften Anwendung: 0x01ce02e0b2bb6530 Pfad der fehlerhaften Anwendung: C:\Users\***\Desktop\aswMBR.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 9b8ebbb0-6ed4-11e2-baa5-0017c4a9b538 Error - 04.02.2013 11:23:21 | Computer Name = ***-PC | Source = Application Hang | ID = 1002 Description = Programm trillian.exe, Version 5.3.0.14 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 90 Startzeit: 01ce02e9dab859f4 Endzeit: 32 Anwendungspfad: C:\Program Files\Trillian\trillian.exe Berichts-ID: c584cf85-6ede-11e2-bdfa-0017c4a9b538 [ System Events ] Error - 04.02.2013 08:47:25 | Computer Name = ***-PC | Source = volsnap | ID = 393241 Description = Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen. Error - 04.02.2013 08:47:49 | Computer Name = ***-PC | Source = Application Popup | ID = 875 Description = Treiber atksgt.sys konnte nicht geladen werden. 
Error - 04.02.2013 08:47:49 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error - 04.02.2013 10:40:46 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Connectify" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error - 04.02.2013 10:40:50 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7030 Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error - 04.02.2013 10:42:42 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Connectify" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error - 04.02.2013 10:46:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7030 Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error - 04.02.2013 10:47:55 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Connectify" wurde unerwartet beendet. Dies ist bereits 3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Restart the service. Error - 04.02.2013 10:49:23 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Connectify" wurde unerwartet beendet. Dies ist bereits 4 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Restart the service. Error - 04.02.2013 10:52:09 | Computer Name = ***-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?04.?02.?2013 um 15:50:29 unerwartet heruntergefahren. < End of report > |
04.02.2013, 21:16 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox has high CPU usage
Fix with OTL
Code:
:OTL
SRV - (ASSMEAEJI) -- C:\Users\***\AppData\Local\Temp\ASSMEAEJI.exe File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (Nbdrv) -- system32\DRIVERS\nbdrv.sys File not found
DRV - (kbeepm) -- C:\Users\***\AppData\Local\Temp\kbeepm.sys File not found
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
__________________ Please always post logfiles in CODE tags |
04.02.2013, 21:33 | #15 |
| Firefox has high CPU usage
Code:
All processes killed
========== OTL ==========
Service ASSMEAEJI stopped successfully!
Service ASSMEAEJI deleted successfully!
File C:\Users\***\AppData\Local\Temp\ASSMEAEJI.exe File not found not found.
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys File not found not found.
Service Nbdrv stopped successfully!
Service Nbdrv deleted successfully!
File system32\DRIVERS\nbdrv.sys File not found not found.
Service kbeepm stopped successfully!
Service kbeepm deleted successfully!
File C:\Users\***\AppData\Local\Temp\kbeepm.sys File not found not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ***
->Temp folder emptied: 14789605 bytes
->Temporary Internet Files folder emptied: 117466 bytes
->Java cache emptied: 1383808 bytes
->FireFox cache emptied: 432030997 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 546 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 50477 bytes
Total Files Cleaned = 428,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.69.0 log created on 02042013_212617
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot... |