Pests of all kinds and how to fight them: PC shuts down when using the Internet | Windows 7 |
04.03.2013, 21:07 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts down when using the Internet What is so difficult about unpacking?
__________________ Please always post log files in CODE tags |
05.03.2013, 21:20 | #17 |
| PC shuts down when using the Internet Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1021 v0000.00.00.00 Windows 7 Service Pack 1 x64 NTFS 9.0.8112.16421 Therese :: THERESE-PC 05.03.2013 21:05:15 mbar-log-2013-03-05 (21-05-15).txt 22362 1 , 8 0 0 0 0 0 0 0 |
06.03.2013, 11:15 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts down when using the Internet What you posted is garbage, unusable
__________________Please post the logs properly!
__________________ |
07.03.2013, 10:18 | #19 |
| PC shuts down when using the Internet Hey, I have now deleted Malware again and downloaded it again. But the same thing happened again. I could not press any Cleanup button... It only said: Scan finished, no Malware found... Am I doing something wrong? I followed the instructions exactly... I am sending the last result again Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.03.07.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Therese :: THERESE-PC [administrator]
07.03.2013 10:10:47
mbar-log-2013-03-07 (10-10-47).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31143
Time elapsed: 10 minute(s), 7 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end) |
07.03.2013, 11:45 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts down when using the Internet
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop
__________________ Please always post log files in CODE tags |
08.03.2013, 09:54 | #21 |
| PC shuts down when using the Internet So I am somehow having problems with saving for both of them. I have tried several times now, but somehow it does not work... With aswMBR I always save it to the desktop, but when I want to open it, it cannot be found. When I search for it via the Start button, it does find it, but it always says that the shortcut is missing. With TDSS-Killer it is similar, only there is no option with Skip... and when I open the log, I cannot copy it. But TDSS did not show any findings... Can you maybe tell me what I am doing wrong? Thanks |
08.03.2013, 10:59 | #22 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts down when using the Internet Quote:
Quote:
__________________ Please always post log files in CODE tags |
08.03.2013, 11:30 | #23 |
| PC shuts down when using the Internet Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-08 11:21:18
-----------------------------
11:21:18.162 OS Version: Windows x64 6.1.7601 Service Pack 1
11:21:18.162 Number of processors: 4 586 0x2A07
11:21:18.162 ComputerName: THERESE-PC UserName: Therese
11:21:20.096 Initialize success
11:21:30.345 AVAST engine defs: 13030700
11:21:33.138 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:21:33.138 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
11:21:33.153 Disk 0 MBR read successfully
11:21:33.153 Disk 0 MBR scan
11:21:33.169 Disk 0 Windows 7 default MBR code
11:21:33.169 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
11:21:33.185 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
11:21:33.216 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461838 MB offset 30926848
11:21:33.247 Disk 0 scanning C:\windows\system32\drivers
11:21:46.757 Service scanning
11:22:09.580 Modules scanning
11:22:09.595 Disk 0 trace - called modules:
11:22:09.611 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
11:22:09.611 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006319060]
11:22:09.611 3 CLASSPNP.SYS[fffff8800123b43f] -> nt!IofCallDriver -> [0xfffffa80061accb0]
11:22:09.626 5 stdcfltn.sys[fffff88001684c52] -> nt!IofCallDriver -> [0xfffffa800443ce40]
11:22:09.626 7 ACPI.sys[fffff88000f057a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004463050]
11:22:10.843 AVAST engine scan C:\windows
11:22:14.213 AVAST engine scan C:\windows\system32
11:26:00.257 AVAST engine scan C:\windows\system32\drivers
11:26:11.489 AVAST engine scan C:\Users\Therese
11:26:51.893 AVAST engine scan C:\ProgramData
11:28:29.471 Scan finished successfully
11:29:16.225 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
11:29:16.225 The log file has been saved successfully to "C:\aswMBR.txt"
Code:
ATTFilter 9:34:16.0418 5736 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:34:17.0806 5736 ============================================================
09:34:17.0806 5736 Current date / time: 2013/03/08 09:34:17.0806
09:34:17.0806 5736 SystemInfo:
09:34:17.0806 5736
09:34:17.0806 5736 OS Version: 6.1.7601 ServicePack: 1.0
09:34:17.0806 5736 Product type: Workstation
09:34:17.0806 5736 ComputerName: THERESE-PC
09:34:17.0806 5736 UserName: Therese
09:34:17.0806 5736 Windows directory: C:\windows
09:34:17.0806 5736 System windows directory: C:\windows
09:34:17.0806 5736 Running under WOW64
09:34:17.0806 5736 Processor architecture: Intel x64
09:34:17.0806 5736 Number of processors: 4
09:34:17.0806 5736 Page size: 0x1000
09:34:17.0806 5736 Boot type: Normal boot
09:34:17.0806 5736 ============================================================
09:34:18.0883 5736 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:34:18.0883 5736 ============================================================
09:34:18.0883 5736 \Device\Harddisk0\DR0:
09:34:18.0883 5736 MBR partitions:
09:34:18.0883 5736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
09:34:18.0883 5736 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
09:34:18.0883 5736 ============================================================
09:34:18.0914 5736 C: <-> \Device\Harddisk0\DR0\Partition2
09:34:18.0914 5736 ============================================================
09:34:18.0914 5736 Initialize success
09:34:18.0914 5736 ============================================================
09:34:24.0904 5872 ============================================================
09:34:24.0904 5872 Scan started
09:34:24.0904 5872 Mode: Manual; SigCheck; TDLFS;
09:34:24.0904 5872
============================================================
09:34:26.0433 5872 ================ Scan system memory ========================
09:34:26.0433 5872 System memory - ok
09:34:26.0433 5872 ================ Scan services =============================
49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 09:34:52.0329 5872 MSKSSRV - ok 09:34:52.0345 5872 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 09:34:52.0376 5872 MSPCLOCK - ok 09:34:52.0376 5872 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 09:34:52.0407 5872 MSPQM - ok 09:34:52.0423 5872 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 09:34:52.0439 5872 MsRPC - ok 09:34:52.0454 5872 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys 09:34:52.0470 5872 mssmbios - ok 09:34:52.0485 5872 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 09:34:52.0517 5872 MSTEE - ok 09:34:52.0517 5872 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys 09:34:52.0532 5872 MTConfig - ok 09:34:52.0548 5872 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 09:34:52.0548 5872 Mup - ok 09:34:52.0595 5872 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 09:34:52.0673 5872 napagent - ok 09:34:52.0704 5872 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 09:34:52.0766 5872 NativeWifiP - ok 09:34:52.0797 5872 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 09:34:52.0907 5872 NDIS - ok 09:34:52.0922 5872 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 09:34:52.0953 5872 NdisCap - ok 09:34:52.0969 5872 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 09:34:53.0000 5872 NdisTapi - ok 09:34:53.0031 5872 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 09:34:53.0078 5872 Ndisuio - ok 09:34:53.0094 5872 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 09:34:53.0125 5872 NdisWan - ok 
09:34:53.0156 5872 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 09:34:53.0187 5872 NDProxy - ok 09:34:53.0187 5872 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 09:34:53.0250 5872 NetBIOS - ok 09:34:53.0265 5872 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 09:34:53.0297 5872 NetBT - ok 09:34:53.0312 5872 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 09:34:53.0312 5872 Netlogon - ok 09:34:53.0343 5872 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 09:34:53.0406 5872 Netman - ok 09:34:53.0421 5872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:34:53.0484 5872 NetMsmqActivator - ok 09:34:53.0484 5872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:34:53.0484 5872 NetPipeActivator - ok 09:34:53.0499 5872 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 09:34:53.0546 5872 netprofm - ok 09:34:53.0546 5872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:34:53.0562 5872 NetTcpActivator - ok 09:34:53.0562 5872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:34:53.0562 5872 NetTcpPortSharing - ok 09:34:53.0577 5872 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 09:34:53.0593 5872 nfrd960 - ok 09:34:53.0609 5872 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 09:34:53.0687 5872 NlaSvc - ok 09:34:53.0702 5872 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 09:34:53.0780 5872 Npfs - ok 09:34:53.0796 5872 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 09:34:53.0827 5872 nsi - ok 
09:34:53.0843 5872 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 09:34:53.0874 5872 nsiproxy - ok 09:34:53.0921 5872 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 09:34:54.0030 5872 Ntfs - ok 09:34:54.0030 5872 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 09:34:54.0061 5872 Null - ok 09:34:54.0092 5872 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys 09:34:54.0123 5872 nusb3hub - ok 09:34:54.0139 5872 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys 09:34:54.0186 5872 nusb3xhc - ok 09:34:54.0233 5872 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 09:34:54.0264 5872 nvraid - ok 09:34:54.0279 5872 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 09:34:54.0295 5872 nvstor - ok 09:34:54.0295 5872 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 09:34:54.0311 5872 nv_agp - ok 09:34:54.0357 5872 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:34:54.0420 5872 odserv - ok 09:34:54.0435 5872 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 09:34:54.0451 5872 ohci1394 - ok 09:34:54.0467 5872 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:34:54.0482 5872 ose - ok 09:34:54.0623 5872 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:34:54.0841 5872 osppsvc - ok 09:34:54.0872 5872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 09:34:54.0935 5872 p2pimsvc - ok 09:34:54.0966 5872 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 09:34:55.0013 5872 p2psvc - ok 09:34:55.0013 
5872 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys 09:34:55.0028 5872 Parport - ok 09:34:55.0059 5872 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 09:34:55.0091 5872 partmgr - ok 09:34:55.0106 5872 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 09:34:55.0169 5872 PcaSvc - ok 09:34:55.0215 5872 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms 09:34:55.0262 5872 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 09:34:55.0278 5872 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 09:34:55.0293 5872 pci - ok 09:34:55.0293 5872 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 09:34:55.0309 5872 pciide - ok 09:34:55.0325 5872 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys 09:34:55.0340 5872 pcmcia - ok 09:34:55.0356 5872 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 09:34:55.0371 5872 pcw - ok 09:34:55.0403 5872 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 09:34:55.0481 5872 PEAUTH - ok 09:34:55.0527 5872 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll 09:34:55.0605 5872 PeerDistSvc - ok 09:34:55.0699 5872 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 09:34:55.0746 5872 PerfHost - ok 09:34:55.0824 5872 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 09:34:55.0995 5872 pla - ok 09:34:56.0042 5872 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 09:34:56.0136 5872 PlugPlay - ok 09:34:56.0151 5872 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 09:34:56.0167 5872 PNRPAutoReg - ok 09:34:56.0198 5872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 
09:34:56.0198 5872 PNRPsvc - ok 09:34:56.0261 5872 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 09:34:56.0354 5872 PolicyAgent - ok 09:34:56.0401 5872 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 09:34:56.0463 5872 Power - ok 09:34:56.0479 5872 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 09:34:56.0510 5872 PptpMiniport - ok 09:34:56.0526 5872 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys 09:34:56.0557 5872 Processor - ok 09:34:56.0573 5872 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 09:34:56.0619 5872 ProfSvc - ok 09:34:56.0619 5872 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 09:34:56.0651 5872 ProtectedStorage - ok 09:34:56.0682 5872 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 09:34:56.0775 5872 Psched - ok 09:34:56.0807 5872 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys 09:34:56.0838 5872 PxHlpa64 - ok 09:34:56.0885 5872 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys 09:34:57.0009 5872 ql2300 - ok 09:34:57.0025 5872 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys 09:34:57.0041 5872 ql40xx - ok 09:34:57.0056 5872 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 09:34:57.0087 5872 QWAVE - ok 09:34:57.0087 5872 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 09:34:57.0119 5872 QWAVEdrv - ok 09:34:57.0119 5872 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 09:34:57.0150 5872 RasAcd - ok 09:34:57.0197 5872 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 09:34:57.0243 5872 RasAgileVpn - ok 09:34:57.0259 5872 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto 
C:\windows\System32\rasauto.dll 09:34:57.0337 5872 RasAuto - ok 09:34:57.0353 5872 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 09:34:57.0384 5872 Rasl2tp - ok 09:34:57.0399 5872 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 09:34:57.0446 5872 RasMan - ok 09:34:57.0462 5872 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 09:34:57.0509 5872 RasPppoe - ok 09:34:57.0524 5872 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 09:34:57.0571 5872 RasSstp - ok 09:34:57.0587 5872 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 09:34:57.0649 5872 rdbss - ok 09:34:57.0665 5872 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 09:34:57.0680 5872 rdpbus - ok 09:34:57.0711 5872 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 09:34:57.0743 5872 RDPCDD - ok 09:34:57.0758 5872 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\windows\system32\drivers\rdpdr.sys 09:34:57.0789 5872 RDPDR - ok 09:34:57.0789 5872 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 09:34:57.0836 5872 RDPENCDD - ok 09:34:57.0836 5872 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 09:34:57.0867 5872 RDPREFMP - ok 09:34:57.0899 5872 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 09:34:57.0961 5872 RDPWD - ok 09:34:58.0023 5872 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 09:34:58.0070 5872 rdyboost - ok 09:34:58.0086 5872 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 09:34:58.0148 5872 RemoteAccess - ok 09:34:58.0148 5872 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 09:34:58.0179 5872 RemoteRegistry - ok 09:34:58.0195 5872 [ 
3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 09:34:58.0257 5872 RFCOMM - ok 09:34:58.0320 5872 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 09:34:58.0398 5872 RoxMediaDB12OEM - ok 09:34:58.0445 5872 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 09:34:58.0476 5872 RoxWatch12 - ok 09:34:58.0491 5872 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 09:34:58.0585 5872 RpcEptMapper - ok 09:34:58.0601 5872 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 09:34:58.0647 5872 RpcLocator - ok 09:34:58.0679 5872 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 09:34:58.0710 5872 RpcSs - ok 09:34:58.0725 5872 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 09:34:58.0757 5872 rspndr - ok 09:34:58.0803 5872 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys 09:34:58.0850 5872 RSUSBSTOR - ok 09:34:58.0866 5872 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys 09:34:58.0913 5872 RTL8167 - ok 09:34:58.0928 5872 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\windows\system32\drivers\vms3cap.sys 09:34:58.0959 5872 s3cap - ok 09:34:58.0975 5872 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 09:34:58.0991 5872 SamSs - ok 09:34:58.0991 5872 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 09:34:59.0006 5872 sbp2port - ok 09:34:59.0037 5872 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 09:34:59.0100 5872 SCardSvr - ok 09:34:59.0100 5872 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 09:34:59.0147 5872 scfilter - ok 09:34:59.0178 5872 [ 
262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 09:34:59.0271 5872 Schedule - ok 09:34:59.0287 5872 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 09:34:59.0318 5872 SCPolicySvc - ok 09:34:59.0334 5872 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 09:34:59.0365 5872 SDRSVC - ok 09:34:59.0381 5872 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 09:34:59.0412 5872 secdrv - ok 09:34:59.0443 5872 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 09:34:59.0474 5872 seclogon - ok 09:34:59.0505 5872 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 09:34:59.0552 5872 SENS - ok 09:34:59.0568 5872 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 09:34:59.0599 5872 SensrSvc - ok 09:34:59.0599 5872 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys 09:34:59.0630 5872 Serenum - ok 09:34:59.0630 5872 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys 09:34:59.0677 5872 Serial - ok 09:34:59.0693 5872 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys 09:34:59.0724 5872 sermouse - ok 09:34:59.0739 5872 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 09:34:59.0786 5872 SessionEnv - ok 09:34:59.0802 5872 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 09:34:59.0817 5872 sffdisk - ok 09:34:59.0833 5872 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 09:34:59.0849 5872 sffp_mmc - ok 09:34:59.0864 5872 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 09:34:59.0880 5872 sffp_sd - ok 09:34:59.0880 5872 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 09:34:59.0895 5872 sfloppy - ok 09:34:59.0927 5872 [ 
C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys 09:34:59.0942 5872 Sftfs - ok 09:34:59.0989 5872 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 09:35:00.0005 5872 sftlist - ok 09:35:00.0020 5872 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys 09:35:00.0036 5872 Sftplay - ok 09:35:00.0036 5872 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys 09:35:00.0051 5872 Sftredir - ok 09:35:00.0051 5872 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys 09:35:00.0067 5872 Sftvol - ok 09:35:00.0083 5872 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 09:35:00.0098 5872 sftvsa - ok 09:35:00.0129 5872 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 09:35:00.0176 5872 SharedAccess - ok 09:35:00.0207 5872 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 09:35:00.0239 5872 ShellHWDetection - ok 09:35:00.0239 5872 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys 09:35:00.0254 5872 SiSRaid2 - ok 09:35:00.0254 5872 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 09:35:00.0285 5872 SiSRaid4 - ok 09:35:00.0317 5872 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 09:35:00.0363 5872 SkypeUpdate - ok 09:35:00.0379 5872 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 09:35:00.0426 5872 Smb - ok 09:35:00.0441 5872 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 09:35:00.0457 5872 SNMPTRAP - ok 09:35:00.0473 5872 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 09:35:00.0488 5872 spldr - ok 09:35:00.0519 5872 [ 
85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 09:35:00.0551 5872 Spooler - ok 09:35:00.0597 5872 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 09:35:00.0753 5872 sppsvc - ok 09:35:00.0769 5872 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 09:35:00.0800 5872 sppuinotify - ok 09:35:00.0816 5872 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 09:35:00.0863 5872 srv - ok 09:35:00.0863 5872 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 09:35:00.0909 5872 srv2 - ok 09:35:00.0941 5872 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 09:35:00.0956 5872 srvnet - ok 09:35:00.0972 5872 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 09:35:01.0003 5872 SSDPSRV - ok 09:35:01.0019 5872 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 09:35:01.0050 5872 SstpSvc - ok 09:35:01.0112 5872 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 09:35:01.0143 5872 STacSV - ok 09:35:01.0175 5872 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\windows\system32\DRIVERS\stdcfltn.sys 09:35:01.0175 5872 stdcfltn - ok 09:35:01.0206 5872 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys 09:35:01.0206 5872 stexstor - ok 09:35:01.0237 5872 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys 09:35:01.0299 5872 STHDA - ok 09:35:01.0346 5872 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 09:35:01.0455 5872 stisvc - ok 09:35:01.0487 5872 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 09:35:01.0533 5872 stllssvr - ok 09:35:01.0549 5872 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\windows\system32\drivers\vmstorfl.sys 09:35:01.0565 5872 storflt - ok 09:35:01.0580 
5872 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\windows\system32\storsvc.dll 09:35:01.0611 5872 StorSvc - ok 09:35:01.0611 5872 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\windows\system32\drivers\storvsc.sys 09:35:01.0627 5872 storvsc - ok 09:35:01.0643 5872 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys 09:35:01.0658 5872 swenum - ok 09:35:01.0658 5872 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 09:35:01.0767 5872 swprv - ok 09:35:01.0892 5872 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 09:35:01.0955 5872 SysMain - ok 09:35:01.0970 5872 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 09:35:01.0986 5872 TabletInputService - ok 09:35:02.0001 5872 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 09:35:02.0064 5872 TapiSrv - ok 09:35:02.0079 5872 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 09:35:02.0111 5872 TBS - ok 09:35:02.0173 5872 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys 09:35:02.0298 5872 Tcpip - ok 09:35:02.0345 5872 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 09:35:02.0376 5872 TCPIP6 - ok 09:35:02.0391 5872 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 09:35:02.0407 5872 tcpipreg - ok 09:35:02.0423 5872 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 09:35:02.0469 5872 TDPIPE - ok 09:35:02.0485 5872 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 09:35:02.0501 5872 TDTCP - ok 09:35:02.0516 5872 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 09:35:02.0547 5872 tdx - ok 09:35:02.0563 5872 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys 09:35:02.0579 5872 TermDD - ok 09:35:02.0594 5872 [ 
2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 09:35:02.0703 5872 TermService - ok 09:35:02.0703 5872 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 09:35:02.0719 5872 Themes - ok 09:35:02.0750 5872 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 09:35:02.0766 5872 THREADORDER - ok 09:35:02.0781 5872 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 09:35:02.0859 5872 TrkWks - ok 09:35:02.0891 5872 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 09:35:02.0922 5872 TrustedInstaller - ok 09:35:02.0937 5872 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 09:35:02.0969 5872 tssecsrv - ok 09:35:02.0984 5872 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 09:35:03.0015 5872 TsUsbFlt - ok 09:35:03.0031 5872 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys 09:35:03.0047 5872 TsUsbGD - ok 09:35:03.0078 5872 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 09:35:03.0140 5872 tunnel - ok 09:35:03.0171 5872 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys 09:35:03.0187 5872 TurboB - ok 09:35:03.0218 5872 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 09:35:03.0265 5872 TurboBoost - ok 09:35:03.0265 5872 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys 09:35:03.0281 5872 uagp35 - ok 09:35:03.0281 5872 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 09:35:03.0343 5872 udfs - ok 09:35:03.0359 5872 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 09:35:03.0405 5872 UI0Detect - ok 09:35:03.0405 5872 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 
09:35:03.0421 5872 uliagpkx - ok 09:35:03.0437 5872 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys 09:35:03.0483 5872 umbus - ok 09:35:03.0499 5872 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys 09:35:03.0530 5872 UmPass - ok 09:35:03.0577 5872 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\windows\System32\umrdp.dll 09:35:03.0639 5872 UmRdpService - ok 09:35:03.0749 5872 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 09:35:03.0905 5872 UNS - ok 09:35:03.0920 5872 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 09:35:03.0983 5872 upnphost - ok 09:35:04.0014 5872 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 09:35:04.0076 5872 usbccgp - ok 09:35:04.0076 5872 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 09:35:04.0107 5872 usbcir - ok 09:35:04.0107 5872 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys 09:35:04.0139 5872 usbehci - ok 09:35:04.0154 5872 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 09:35:04.0201 5872 usbhub - ok 09:35:04.0217 5872 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 09:35:04.0248 5872 usbohci - ok 09:35:04.0263 5872 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 09:35:04.0310 5872 usbprint - ok 09:35:04.0341 5872 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys 09:35:04.0388 5872 usbscan - ok 09:35:04.0404 5872 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 09:35:04.0451 5872 USBSTOR - ok 09:35:04.0466 5872 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 09:35:04.0482 5872 usbuhci - ok 09:35:04.0513 5872 [ 
C:\windows\system32\services.exe
09:35:08.0397 5872 [Global] - ok
09:35:08.0397 5872 ================ Scan MBR ==================================
09:35:08.0413 5872 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:35:08.0803 5872 \Device\Harddisk0\DR0 - ok
09:35:08.0803 5872 ================ Scan VBR ==================================
09:35:08.0803 5872 [ DE4CFC9A6BCEAC4DB23F9F39B2598578 ] \Device\Harddisk0\DR0\Partition1
09:35:08.0803 5872 \Device\Harddisk0\DR0\Partition1 - ok
09:35:08.0850 5872 [ 9353CF31A6EC515E78353D1600509A2F ] \Device\Harddisk0\DR0\Partition2
09:35:08.0865 5872 \Device\Harddisk0\DR0\Partition2 - ok
09:35:08.0865 5872 ============================================================
09:35:08.0865 5872 Scan finished
09:35:08.0865 5872 ============================================================
09:35:08.0881 2328 Detected object count: 0
09:35:08.0881 2328 Actual detected object count: 0
The first one is the asw and the second one the TDSS |
08.03.2013, 11:40 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts off during Internet use Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
12.03.2013, 10:30 | #25 |
| PC shuts off during Internet use Here is the Combofix: Code:
12.03.2013, 17:17 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts off during Internet use JRT - Junkware Removal Tool Please close your security software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
12.03.2013, 18:20 | #27 |
| PC shuts off during Internet use So here is the JRT Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.0 (03.11.2013:1)
OS: Windows 7 Professional x64
Ran by Therese_2 on 12.03.2013 at 17:54:06,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\Therese_2\AppData\Roaming\mozilla\firefox\profiles\89mi0rtt.default\prefs.js
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE");
Emptied folder: C:\Users\Therese_2\AppData\Roaming\mozilla\firefox\profiles\89mi0rtt.default\minidumps [4 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.03.2013 at 17:59:57,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter
# AdwCleaner v2.114 - Datei am 12/03/2013 um 18:03:06 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Therese_2 - THERESE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Therese_2\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Therese\AppData\Roaming\Mozilla\Firefox\Profiles\zlwfhg1a.default\searchplugins\Askcom.xml
Ordner Gelöscht : C:\Users\Therese\AppData\Local\APN
Ordner Gelöscht : C:\Users\Therese\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Therese\AppData\Roaming\Mozilla\Firefox\Profiles\zlwfhg1a.default\extensions\toolbar@ask.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v19.0.2 (de)
Datei : C:\Users\Therese\AppData\Roaming\Mozilla\Firefox\Profiles\cy1oqgjy.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Users\Therese_2\AppData\Roaming\Mozilla\Firefox\Profiles\89mi0rtt.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v25.0.1364.152
Datei : C:\Users\Therese\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
Datei : C:\Users\Therese_2\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1821 octets] - [12/03/2013 18:03:06]
########## EOF - C:\AdwCleaner[S1].txt - [1881 octets] ##########
Code:
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 28 13 AE C9 BF CC 01 [binary data] IE - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001\..\SearchScopes\{64D7993C-0A88-44C6-BD8F-0C26EF8D8C35}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=5f2a2c1d-cf09-4487-9a8f-80b84ac1f35f&apn_sauid=2ACA802E-CEA7-43CF-BCE1-DA14F480C1EB IE - 
HKU\S-1-5-21-2898780312-2863283394-2695613679-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011.09.19 09:11:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011.01.26 14:27:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.12 17:25:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.12 17:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - 
default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com/ CHR - Extension: Google Drive = C:\Users\Therese_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: YouTube = C:\Users\Therese_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Therese_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Therese_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) 
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001..\Run: [IExplorer Util] C:\Users\Therese_2\AppData\Roaming\ie_util.exe File not found O4 - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O4 - HKU\S-1-5-21-2898780312-2863283394-2695613679-1001..\Run: [Zulocasay] C:\Users\Therese_2\AppData\Roaming\Hiit\peygd.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43BC3E8E-2527-46DF-B68E-7FABC5F6DEB3}: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97D618A0-BEAB-491E-8A54-0F8558C81EDB}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\tmpx - No CLSID value found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.12 18:05:32 | 000,000,000 | R--D | C] -- C:\Users\Therese_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2013.03.12 17:54:05 | 000,000,000 | ---D | C] -- C:\windows\ERUNT [2013.03.12 17:53:53 | 000,000,000 | ---D | C] -- C:\JRT [2013.03.12 17:53:53 | 000,000,000 | ---D | C] -- \JRT [2013.03.12 17:49:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.03.12 17:49:49 | 000,000,000 | -HSD | C] -- \Config.Msi [2013.03.12 17:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.03.12 10:38:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.12 10:38:13 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN [2013.03.12 10:23:02 | 000,000,000 | ---D | C] -- C:\windows\temp [2013.03.08 12:05:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2013.03.08 12:05:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2013.03.08 12:05:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2013.03.08 12:05:34 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.03.08 12:05:34 | 000,000,000 | 
---D | C] -- \Qoobox [2013.03.08 12:05:24 | 000,000,000 | ---D | C] -- C:\windows\erdnt [2013.03.08 12:03:38 | 005,037,067 | R--- | C] (Swearware) -- C:\Users\Therese_2\Desktop\ComboFix.exe [2013.03.08 09:26:39 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Therese_2\Desktop\tdsskiller.exe [2013.03.07 18:24:03 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Therese_2\Desktop\aswMBR.exe [2013.03.07 09:59:51 | 000,000,000 | ---D | C] -- C:\Users\Therese_2\Desktop\Neuer Ordner (2) [2013.03.03 20:12:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Therese_2\Desktop\OTL.exe [2013.02.28 13:30:52 | 000,000,000 | ---D | C] -- C:\TEMP [2013.02.28 13:30:52 | 000,000,000 | ---D | C] -- \TEMP [2013.02.28 13:17:32 | 000,000,000 | ---D | C] -- C:\Users\Therese_2\AppData\Local\DoNotTrackPlus [2013.02.28 13:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.02.28 13:10:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.02.28 11:32:54 | 000,000,000 | ---D | C] -- C:\windows\Minidump [2013.02.28 09:30:42 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll [2013.02.28 09:30:42 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll [2013.02.28 09:30:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll [2013.02.28 09:30:34 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.02.28 09:30:34 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.02.28 09:30:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.02.28 09:30:33 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll [2013.02.28 09:30:33 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.02.28 09:30:32 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll [2013.02.28 09:30:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.02.28 09:30:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.02.28 09:30:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.02.28 09:30:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.02.28 09:30:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.02.28 09:30:31 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll [2013.02.24 13:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.02.24 11:54:57 | 000,000,000 | ---D | C] -- C:\Users\Therese_2\AppData\Local\Apps [2013.02.24 11:54:56 | 000,000,000 | ---D | C] -- C:\Users\Therese_2\AppData\Local\Deployment [2013.02.15 09:08:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2013.02.15 09:08:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2013.02.15 09:08:53 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2013.02.15 09:08:53 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll [2013.02.15 09:08:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2013.02.15 09:08:51 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2013.02.14 09:29:35 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe [2013.02.14 09:29:35 | 003,913,064 | ---- | C] (Microsoft Corporation) 
-- C:\windows\SysWow64\ntoskrnl.exe [2013.02.14 09:29:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe [2013.02.14 09:29:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll [2013.02.14 09:29:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe [2013.02.14 09:29:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll [2013.02.14 09:29:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.12 18:05:04 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.12 18:04:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.03.12 18:04:44 | 3148,222,464 | -HS- | M] () -- C:\hiberfil.sys [2013.03.12 18:02:26 | 000,597,667 | ---- | M] () -- C:\Users\Therese_2\Desktop\adwcleaner.exe [2013.03.12 18:01:00 | 000,000,260 | ---- | M] () -- C:\windows\tasks\HP Photo Creations Messager.job [2013.03.12 17:54:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013.03.12 17:25:05 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.12 17:22:32 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.12 17:21:15 | 456,083,154 | ---- | M] () -- C:\windows\MEMORY.DMP [2013.03.12 16:54:37 | 000,014,382 | ---- | M] () -- C:\Users\Therese_2\Documents\cc_20130312_165251.reg [2013.03.12 16:40:54 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.03.12 15:22:34 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SystemToolsDailyTest.job [2013.03.08 12:03:59 | 005,037,067 | R--- | M] (Swearware) -- C:\Users\Therese_2\Desktop\ComboFix.exe [2013.03.08 11:29:16 | 000,000,512 | ---- | M] () -- C:\MBR.dat [2013.03.08 09:26:40 | 
002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Therese_2\Desktop\tdsskiller.exe [2013.03.07 18:25:24 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Therese_2\Desktop\aswMBR.exe [2013.03.07 09:59:30 | 013,786,977 | ---- | M] () -- C:\Users\Therese_2\Desktop\mbar-1.01.0.1021.zip [2013.03.04 19:57:34 | 000,377,856 | ---- | M] () -- C:\Users\Therese_2\Desktop\gmer_2.1.19115.exe [2013.03.04 13:49:39 | 003,514,358 | ---- | M] () -- C:\Users\Therese_2\Desktop\WVCheck.exe [2013.03.03 20:12:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Therese_2\Desktop\OTL.exe [2013.02.27 19:04:42 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2013.02.27 19:04:42 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2013.02.20 12:00:00 | 000,000,564 | ---- | M] () -- C:\windows\tasks\PCDoctorBackgroundMonitorTask.job [1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.12 18:02:26 | 000,597,667 | ---- | C] () -- C:\Users\Therese_2\Desktop\adwcleaner.exe [2013.03.12 17:25:05 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.03.12 17:25:05 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.12 16:52:57 | 000,014,382 | ---- | C] () -- C:\Users\Therese_2\Documents\cc_20130312_165251.reg [2013.03.08 12:05:38 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2013.03.08 12:05:38 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2013.03.08 12:05:38 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2013.03.08 12:05:38 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2013.03.08 12:05:38 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2013.03.08 11:29:16 | 000,000,512 | ---- | C] () -- C:\MBR.dat [2013.03.08 11:29:16 | 000,000,512 | ---- | C] () -- \MBR.dat [2013.03.07 09:59:17 | 013,786,977 
| ---- | C] () -- C:\Users\Therese_2\Desktop\mbar-1.01.0.1021.zip [2013.03.04 19:57:34 | 000,377,856 | ---- | C] () -- C:\Users\Therese_2\Desktop\gmer_2.1.19115.exe [2013.03.04 13:49:30 | 003,514,358 | ---- | C] () -- C:\Users\Therese_2\Desktop\WVCheck.exe [2013.02.28 13:11:04 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.02.28 11:32:48 | 456,083,154 | ---- | C] () -- C:\windows\MEMORY.DMP [2012.04.30 20:01:16 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2011.09.19 10:55:32 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin [2011.09.19 10:55:31 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin [2011.09.19 10:55:31 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin [2011.09.19 10:55:31 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll [2011.09.19 10:55:30 | 013,356,032 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll [2011.09.19 10:55:30 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat [2011.09.19 10:54:09 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini [2011.09.19 10:54:05 | 000,000,324 | ---- | C] () -- C:\windows\Prelaunch.ini [2011.09.19 10:54:05 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini [2011.09.19 10:54:05 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini [2011.09.19 10:54:05 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini [2011.09.19 10:54:05 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini [2011.09.19 10:48:15 | 000,003,409 | -H-- | C] () -- \dell.sdr [2011.09.19 09:15:26 | 000,000,031 | ---- | C] () -- \tmuninst.ini [2011.09.19 08:43:06 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2011.09.19 08:40:11 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll [2011.09.19 08:37:40 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat [2011.09.19 08:32:42 | 001,621,354 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.09.19 08:30:37 | 
000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll [2011.09.19 08:18:06 | 3148,222,464 | -HS- | C] () -- \hiberfil.sys [2011.07.29 12:40:44 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini [2011.07.29 12:40:44 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini [2011.05.12 05:57:52 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll [2011.02.23 14:08:04 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK [2011.02.23 14:08:02 | 000,383,786 | RHS- | C] () -- \bootmgr ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | 
---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
Code:
OTL Extras logfile created on: 12.03.2013 18:07:38 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Therese_2\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 66,37% Memory free 7,82 Gb Paging File | 6,21 Gb Available in Paging File | 79,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,01 Gb Total Space | 398,50 Gb Free Space | 88,36% Space Free | Partition Type: NTFS Computer Name: THERESE-PC | User Name: Therese_2 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2898780312-2863283394-2695613679-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{526F056E-6FB1-46A7-9E09-94686414C180}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{69DD3B60-CA69-49E5-BF07-7A5C53394765}" = lport=21112 | protocol=6 | dir=in | name=trend micro client/server security agent listener | 
"{8B443EFE-9E62-49E6-8C7B-C7D503C50B2A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{DE1D893E-EDA1-4E9E-9D78-9E2AC0FE19C3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{FDA8B2BA-E6F9-4915-B053-7493EC40A937}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{21750618-A8F9-4FEC-A714-AFCE3CB50D8D}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\devicesetup.exe | "{3F4EF2F1-548A-4F8D-B892-604B10B41A78}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{3FCD90AD-CCE8-4381-BE0F-889D4F36FDB9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{5C53D896-4FE1-4DF7-A5A8-42075EFB07E3}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe | "{7913DAB1-094B-4ED2-9769-7A33C8E3D6EA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | "{DA47ED59-A178-485F-B1DA-2789C49408C0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{E218F3FA-4637-4BA1-9D37-0F63853A062A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | "{E8A6017A-7CD9-4949-AA88-88685CA1FF65}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{71F5477E-82BF-4150-9BC4-C5ADE162C41A}C:\users\therese_2\appdata\roaming\hiit\peygd.exe" = protocol=6 | dir=in | app=c:\users\therese_2\appdata\roaming\hiit\peygd.exe | "TCP Query User{F541BE30-41C0-4BBC-AB31-32DD55F14253}C:\users\therese_2\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\therese_2\appdata\roaming\spotify\spotify.exe | "UDP Query 
User{10F530D0-E4A1-4439-A248-FF2AA8C5548A}C:\users\therese_2\appdata\roaming\hiit\peygd.exe" = protocol=17 | dir=in | app=c:\users\therese_2\appdata\roaming\hiit\peygd.exe | "UDP Query User{8B130C83-764D-4407-8A18-12F4E7955882}C:\users\therese_2\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\therese_2\appdata\roaming\spotify\spotify.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{11081E1B-9D55-63DD-67FE-8AC8D08834C9}" = PX Profile Update "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation "{28B38D62-7F3E-B1FE-9938-042E35A5F9F9}" = CCC Help Danish "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2 "{434FDAA5-53FC-FDD7-4AD6-73460F022522}" = CCC Help Japanese "{452D2CA0-D1DD-00F8-0571-9BDE0A78D2F9}" = CCC Help Swedish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A5A0780-E173-0917-8D1A-C3DEEBA22259}" = CCC Help Finnish "{4EF9BCB6-39E9-2C63-6004-398930CB90DC}" = CCC Help Chinese Standard "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host 
Controller Driver "{55C82F5C-AA82-731D-A9DA-0A8A858FACE2}" = CCC Help French "{578EAD95-CF7C-B58F-91CE-79FF64F7B3C1}" = Catalyst Control Center InstallProxy "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{5DCA7A4E-B19B-5CB6-81F3-BCAF5A0F5AEE}" = CCC Help Spanish "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{66C994C8-82E1-ABC0-1A60-976D92EC276E}" = Catalyst Control Center "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn "{7B50221F-71D1-B508-E9CC-511075E99E26}" = CCC Help Italian "{816D878A-9DD1-F2D0-11D1-53605855A45B}" = CCC Help Dutch "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 
3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 
Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{9225AB17-709E-289C-DE15-620C2A27B076}" = CCC Help Russian "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAD953F-16A8-CCD4-014A-A91625F2F478}" = CCC Help German "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe 
Reader X (10.1.6) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{AFEA7544-6B97-4867-A94D-1C39BA61B64F}" = Catalyst Control Center - Branding "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B3C7CB7F-A7C5-A89B-28B7-29855FB32CD8}" = CCC Help Korean "{B47B373D-F19A-884E-AB54-089CF7E2978C}" = CCC Help Portuguese "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C5EB9B5A-2964-D5A3-869A-520448200FC3}" = PowerXpressHybrid "{CA4F92E6-9422-BE95-CC1C-4B293BF7C33C}" = CCC Help English "{CD30B24A-59C9-5478-6B05-3D6732036AB6}" = Catalyst Control Center Localization All "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D40E5EDC-5DC0-59E5-3739-37B1D1906690}" = CCC Help Chinese Traditional "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}" = HP Photosmart 5510 series Hilfe "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E779C9F8-B190-AB65-9E8D-992BB30F224C}" = CCC Help Norwegian "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FC6FCB65-EA7E-8B1A-818D-A9B57E279EF0}" = Catalyst Control Center Profiles Mobile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "Avira AntiVir Desktop" = Avira Free Antivirus "Dell Webcam Central" = Dell Webcam Central "Google Chrome" = Google Chrome "HP Photo Creations" = HP Photo Creations "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "PROPLUS" = Microsoft Office Professional Plus 2007 "VLC media player" = VLC media player 1.1.11 "WinLiveSuite" = Windows Live Essentials ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12.03.2013 13:03:16 | Computer Name = Therese-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 12.03.2013 13:03:16 | Computer Name = Therese-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 12.03.2013 13:06:36 | Computer Name = Therese-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 12.03.2013 13:04:14 | Computer Name = Therese-PC | Source = DCOM | ID = 10010 Description = < End of report > |
12.03.2013, 23:16 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts down during internet use Looks OK. We should be almost done. Please run a quick scan with Malwarebytes as a check - please remember to update Malwarebytes via the update button beforehand. Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
13.03.2013, 22:06 | #29 |
| PC shuts down during internet use Hey, here is the ESET log: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=2f10df8699f33847ad8cb789b5ea4f8c # engine=13371 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-03-13 11:40:45 # local_time=2013-03-13 12:40:45 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 96 14145 228598135 6931 0 # compatibility_mode=5893 16776574 100 94 1181217 114804695 0 0 # scanned=144471 # found=0 # cleaned=0 # scan_time=6367 |
14.03.2013, 13:12 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC shuts down during internet use The Malwarebytes log is missing, please post it as well. Do you only have this with IE? Has it ever been reset? => Resetting Internet Explorer settings in Internet Explorer 9
__________________ Please always post log files in CODE tags |