
Log analysis and evaluation: performance problems, browser problems etc.


12.03.2013, 18:27   #1
cbdl

Performance problems, browser problems etc.



Hi,

first of all, great respect for this forum!!!

I'll get right to it:

Had an attack blocked by Norton 360; since then everything has been strange.
Firefox is slow and crashes regularly. Even when I ended the last session normally,
the next time I open it, it shows "this should not have happened........", Restore????
If I press restore now, it opens the browser game shown to me, but the loading screen is displayed in green instead of mostly blue.
I had never seen it in green before this attack attempt.
The game then doesn't load either; instead the homepage opens.

Then I ran Hijack and noticed that no firewall is active?? Norton 360 was active, including the intelligent firewall.
In addition, I installed the Avast Pro trial version yesterday; neither Malw.Bytes nor the ones just listed found anything.
Switched on the Windows Firewall and updated the definitions.
While doing that, the message "COM Surrogate has stopped working...." came up.

I tried to create the log files, but GMER crashes; I wanted to scan again, and suddenly there was a bluescreen crash, roughly "Windows protect for demage......", that's all I know, it was gone again so quickly.
So I let it boot up, started GMER again, it runs for a while, then the message "has stopped working...must be closed"

I had to uninstall Norton 360 because I found no way to deactivate it for the scan.

Hope this information is of some use.

Many thanks in advance

Regards

Here are the other two logs:

PHP-Code:
OTL Extras logfile created on 12.03.2013 15:00:02 Run 1
OTL by OldTimer Version 3.2.69.0     Folder C:\Users\cd\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version 6.0.6002) - Type NTWorkstation
Internet Explorer (Version 9.0.8112.16421)
Locale 00000407 Country Deutschland Language DEU Date Format dd.MM.yyyy

3,00 Gb Total Physical Memory 1,89 Gb Available Physical Memory 63,21 Memory free
6,19 Gb Paging File 5,06 Gb Available in Paging File 81,78 Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space 4,33 Gb Free Space 3,01 Space Free Partition Type NTFS
Drive D: | 137,50 Gb Total Space 125,21 Gb Free Space 91,06 Space Free Partition Type NTFS

Computer Name CB-PC User Name cb Logged in as Administrator.
Boot Mode Normal Scan Mode Current user Quick Scan
Company Name Whitelist On Skip Microsoft Files On No Company Name Whitelist On File Age 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg ErrorKey error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %(Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg ErrorKey error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg ErrorKey error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe //k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%(Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%(Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" 0
"AntiSpywareOverride" 0
"FirewallOverride" 0
"VistaSp1" Reg ErrorUnknown registry data type -- File not found
"VistaSp2" Reg ErrorUnknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" 1
"DisableNotifications" 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" 1
"DisableNotifications" 0
"DoNotAllowExceptions" 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" 1
"DisableNotifications" 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1BE1A256-2ECF-4660-93BA-B2674E9D39A8}" lport=rpc protocol=dir=in svc=spooler app=%systemroot%\system32\spoolsv.exe 
"{303FD6B7-AAD3-4A18-88E0-D8C2812D72AA}" lport=1900 protocol=17 dir=in svc=ssdpsrv app=%systemroot%\system32\svchost.exe 
"{310FCDF2-6ED0-4769-9C56-4A25908CFFEA}" lport=rpc-epmap protocol=dir=in svc=rpcss name=@firewallapi.dll,-28539 
"{311BADB0-D61E-4687-8D78-4E615B1BC1A7}" lport=2869 protocol=dir=in app=system 
"{3DF9B16C-2A34-40A9-998A-31CA03B0E9A6}" rport=138 protocol=17 dir=out app=system 
"{51F679BD-3A46-4A67-AB2E-AD08A7F6A0A3}" lport=445 protocol=dir=in app=system 
"{57AEF31B-9EE2-4869-8BE0-2A423E35D37F}" lport=547 protocol=17 dir=in svc=sharedaccess app=%systemroot%\system32\svchost.exe 
"{693A7FA8-654C-4ACD-9855-0F8D570B6A1F}" lport=14714 protocol=dir=in name=audials localhttpserver 14714 
"{6DB7B6D9-56AC-4529-A483-01511D17F023}" lport=139 protocol=dir=in app=system 
"{866DD6D9-D574-4067-A20E-71B5B48965E7}" lport=138 protocol=17 dir=in app=system 
"{8E110DC1-1484-4064-AB3F-070080B118A8}" lport=31931 protocol=dir=in name=audials localhttpserver 31931 
"{981EA679-E565-4E8E-866B-0582EDDAAB6F}" lport=67 protocol=17 dir=in svc=sharedaccess app=%systemroot%\system32\svchost.exe 
"{99DD4529-2A34-4E64-82B4-37A1F1F0F2A7}" rport=137 protocol=17 dir=out app=system 
"{BB0DF932-645D-49BC-B7A8-1B6073CE81CE}" rport=139 protocol=dir=out app=system 
"{BB719113-C896-46EC-8B91-F6E4B79762C3}" lport=68 protocol=17 dir=in svc=sharedaccess app=%systemroot%\system32\svchost.exe 
"{D9A925CA-84BC-4955-B74D-7F05628C0C2B}" lport=137 protocol=17 dir=in app=system 
"{DB811316-21CA-430C-B2F6-8C061D149978}" lport=12972 protocol=dir=in name=audials localhttpserver 12972 
"{DD508265-3D18-45B7-863F-3689A80E5043}" rport=1900 protocol=17 dir=out svc=ssdpsrv app=%systemroot%\system32\svchost.exe 
"{DF63E9D5-06C7-47A2-8B81-E69A0B47F4AC}" lport=53 protocol=17 dir=in svc=sharedaccess app=%systemroot%\system32\svchost.exe 
"{E5D52606-AA88-40E2-8226-C91F0C3CFC3D}" rport=2869 protocol=dir=out app=system 
"{FC111CBB-7313-4098-8DBC-1FB1FCF615D3}" rport=445 protocol=dir=out app=system 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BCBC8AE-E0BC-4167-AFA7-39C1BB6CD80F}" protocol=dir=out svc=upnphost app=%systemroot%\system32\svchost.exe 
"{11117E6A-1736-4019-A248-207A33D87E2D}" protocol=dir=out name=@firewallapi.dll,-28544 
"{33AC2BD8-F168-4D64-87DA-D806C0C326D0}" protocol=17 dir=in app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe 
"{42FEFD8D-926F-4366-9FD2-6AD66F959C87}" protocol=17 dir=in app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe 
"{4E2A4A1E-05D4-4AF3-AA0B-613C75C278BD}" protocol=dir=in app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe 
"{5B937418-6C87-44BE-8CFE-2036249AA692}" protocol=58 dir=in name=@firewallapi.dll,-28545 
"{601C672F-6A94-4315-931E-CD11BA99885A}" protocol=dir=in name=@firewallapi.dll,-28543 
"{620A3614-2356-403F-87BF-705E576766AC}" protocol=17 dir=in app=c:\program files\microsoft office\office12\onenote.exe 
"{6E1FBA79-AD1B-43F3-B2D4-94574937BAD2}" protocol=dir=in app=d:\diablo iii\diablo iii.exe 
"{6F08BFB0-E6E9-4B56-B20A-9820DC096CD5}" protocol=dir=in app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe 
"{712A008D-EC6D-4AA4-A0C9-CE73B32E0A44}" protocol=dir=in app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe 
"{77803F52-3595-4610-B34E-48B98DB0EA0D}" protocol=17 dir=in app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe 
"{797EA615-CEA5-46BF-9DE1-4261F9CDF5C1}" protocol=dir=in app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe 
"{7E0C4F18-4F8E-4FD0-BD76-A865E6FA6692}" protocol=dir=in app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe 
"{88839F37-DA99-4415-A5D3-39B86EE699B7}" dir=out svc=sharedaccess app=%systemroot%\system32\svchost.exe 
"{95980F3F-C832-4F99-A7D6-F226B8EEDC40}" protocol=dir=in app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe 
"{96D18B54-F7D7-4192-BED7-9C6A3B5A0D26}" protocol=58 dir=in name=@hnetcfg.dll,-148 
"{97F55C3A-A388-4F41-AAED-3B40A6CB4E4E}" protocol=dir=in app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe 
"{A0FCA058-CA8B-4E5B-A9B2-863E3DE030CE}" protocol=dir=in app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe 
"{AF8FC720-6DE3-4556-B559-2E0CBED2B43A}" protocol=17 dir=in app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe 
"{B5B421FC-EF10-4C0E-8C80-ED63EAEFA50A}" protocol=17 dir=in app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe 
"{B8C771AE-C75B-4B34-82A7-D6BC502A4227}" protocol=17 dir=in app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe 
"{BFD6FB21-EE16-4E8A-BE9B-FBE99D97150B}" protocol=dir=in app=c:\program files\microsoft office\office12\onenote.exe 
"{C01B41CC-4868-40B5-B364-70CBDD235CDF}" protocol=17 dir=in app=d:\diablo iii\diablo iii.exe 
"{C40B7114-69B0-4FD8-A51E-D8FFBA9AA830}" protocol=58 dir=out name=@firewallapi.dll,-28546 
"{C524996C-E8E5-4C80-B44A-D146C1097BC3}" protocol=17 dir=in app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe 
"{E329FEA2-F557-4DE6-8225-8710021F7D98}" dir=in app=c:\program files\rapidsolution\audials 9\audials.exe 
"{FC614412-1C7B-426A-A598-5B8E85474092}" protocol=17 dir=in app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe 
"TCP Query User{75C6C2AA-A2F8-4A93-AF54-81BA53679074}C:\program files\rapidsolution\audials 9\audials.exe" protocol=dir=in app=c:\program files\rapidsolution\audials 9\audials.exe 
"TCP Query User{F7AF2262-1E3E-42D5-A02C-07223F6FB9BA}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe" protocol=dir=in app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe 
"UDP Query User{20D1A69B-8E08-4C9C-A2B8-38614BF096CA}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe" protocol=17 dir=in app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe 
"UDP Query User{A247A102-2700-4D2A-BBB9-26DE1AE4386E}C:\program files\rapidsolution\audials 9\audials.exe" protocol=17 dir=in app=c:\program files\rapidsolution\audials 9\audials.exe 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" Corel Graphics Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" CorelDRAW(RGraphics Suite X5
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" Microsoft .NET Framework 3.5 Language Pack SP1 deu
"{11316260-6666-467B-AC34-183FCB5D4335}" Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" NTI Backup Now Standard
"{130E5108-547F-4482-91EE-F45C784E08C7}" HP Officejet 6500 E710n-z Hilfe
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" Acer eSettings Management
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" NTI Media Maker 8
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" CorelDRAW Graphics Suite X5 Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" CorelDRAW Graphics Suite X5 VSTA
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" JMicron JMB38X Flash Media Controller
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" Intel(RPROSet/Wireless WiFi-Software
"{26945917-E053-45F6-AF98-309730CFC318}" Visual Basic for Applications (RCore
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" Atheros Communications Inc.(RAR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" CorelDRAW Graphics Suite X5 Filters
"{368FCA18-C510-4F87-B60E-192B9BDBAE3D}" CorelDRAW Graphics Suite X5
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" Microsoft .NET Framework 4 Client Profile
"{40580068-9B10-40B5-9548-536CE88AB23C}" ITECIR
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" Microsoft Works
"{51DD370C-6690-424E-9674-5F14468B323F}" Corel Graphics Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" CorelDRAW Graphics Suite X5 Connect
"{567E8236-C414-4888-8211-3D61608D57AE}" Validity Sensors software
"{57265292-228A-41FA-9AEC-4620CBCC2739}" Acer eAudio Management
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" CorelDRAW Graphics Suite X5 VBA
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" Acer ePower Management
"{59123CCF-FED2-46FF-9293-D1DC80042219}" CorelDRAW Graphics Suite X5 Redist
"{5A6E169C-EAB6-4453-AAD0-2B1206FA5C59}" Internet Explorer
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" Adobe AIR
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" CorelDRAW Graphics Suite X5 Draw
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" Activation Assistant for the 2007 Microsoft Office suites
"{68EE5C41-2F79-4F36-BE85-22A814F55AF7}" CorelDRAW Graphics Suite X5 ES
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" Microsoft Visual C++ 2005 Redistributable
"{73ABAA0E-70F0-4048-AD43-A5F5A13A198D}" Audials
"{75674E4C-CDE5-4E64-8014-FDF6D9204C4B}" HP Officejet 6500 E710n-Grundlegende Software für das Gerät
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack DEU
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" Acer ScreenSaver
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" Acer eRecovery Management
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" NVIDIA PhysX
"{8E87B944-4815-3C5E-947F-5035C9F64362}" Microsoft Visual Studio Tools for Applications 2.0 Language Pack DEU
"{8F18CFF8-8259-4148-AD00-2EE572754E92}" CorelDRAW Graphics Suite X5 FR
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" Microsoft Office Excel MUI (German2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" Microsoft Office PowerPoint MUI (German2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" Microsoft Office Word MUI (German2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" Microsoft Office Proof (German2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" Microsoft Office Proof (English2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" Microsoft Office Proof (French2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" Microsoft Office Proof (Italian2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" Microsoft Office Proofing (German2007
"{90120000-006E-0407-0000-0000000FF1CE}" Microsoft Office Shared MUI (German2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" Microsoft Office OneNote MUI (German2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" Microsoft Office 2007 Service Pack 3 (SP3)
"{9244E956-5939-4B88-930C-0699D4AB2B95}" CorelDRAW Graphics Suite X5 WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" CorelDRAW Graphics Suite X5 FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" CorelDRAW Graphics Suite X5 PHOTO-PAINT
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" Microsoft Visual Studio Tools for Applications 2.0 ENU
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" Adobe Reader X (10.1.6) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" NVIDIA Systemsteuerung 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" NVIDIA Grafiktreiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" NVIDIA Update Components
"{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" Visual Basic for Applications (RCore German
"{BFE9A442-5D4B-4372-B994-FB4BCEA78662}" CorelDRAW Graphics Suite X5 NL
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" CorelDRAW Graphics Suite X5 Common
"{CBB61DCB-A313-C855-1A42-F2091A212C5D}" simfy
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" LightScribe  1.4.142.1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" CorelDRAW Graphics Suite X5 Setup Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" PhotoNow!
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" Visual Basic for Applications (RCore English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" CorelDRAW Graphics Suite X5 Photozoom Plugin
"{DC43FBD3-3E5D-419D-A981-519F1A3E6F53}" CorelDRAW Graphics Suite X5 IT
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" CorelDRAW Graphics Suite X5 DE
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" CorelDRAW Graphics Suite X5 IPM
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" CorelDRAW Graphics Suite X5 EN
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" CorelDRAW Graphics Suite X5 Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" CorelDRAW Graphics Suite X5 BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" CorelDRAW Graphics Suite X5 VideoBrowser
"Activation Assistant for the 2007 Microsoft Office suites" Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware Browsing Protection" Ad-Aware Browsing Protection
"Adobe AIR" Adobe AIR
"Adobe Flash Player Plugin" Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" Agere Systems HDA Modem
"avast" avastPro Antivirus
"CCleaner" CCleaner
"CPUID HWMonitor_is1" CPUID HWMonitor 1.19
"DAEMON Tools Lite" DAEMON Tools Lite
"Diablo III" Diablo III
"GridVista" Acer GridVista
"HOMESTUDENTR" Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" NTI Media Maker 8
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" CyberLink PowerDirector
"LManager" Launch Manager
"Malwarebytes' Anti-Malware_is1" Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" Microsoft .NET Framework 3.5 Language Pack SP1 DEU
"Microsoft .NET Framework 3.5 SP1" Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" Mozilla Maintenance Service
"N360" Norton 360
"PokerStars" PokerStars
"Security Task Manager" Security Task Manager 1.8d
"Simfy" simfy
"SynTPDeinstKey" Synaptics Pointing Device Driver
"VLC media player" VLC media player 2.0.5
"WinRAR archiver" WinRAR 4.10 (32-Bit)
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error 19.07.2012 13:09:40 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 20.07.2012 03:50:39 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 20.07.2012 09:00:58 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 21.07.2012 02:36:20 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 21.07.2012 07:22:01 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 21.07.2012 15:48:17 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 22.07.2012 11:36:57 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 22.07.2012 12:17:16 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 24.07.2012 10:05:26 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
Error 25.07.2012 10:49:21 Computer Name cb-PC Source WinMgmt ID 10
Description 

 
[ System Events ]
Error 12.03.2013 07:46:34 Computer Name cb-PC Source DCOM ID 10016
Description 

 
Error 12.03.2013 07:47:04 Computer Name cb-PC Source Service Control Manager ID 7009
Description 

 
Error 12.03.2013 07:47:04 Computer Name cb-PC Source Service Control Manager ID 7000
Description 

 
Error 12.03.2013 08:52:28 Computer Name cb-PC Source ipnathlp ID 31004
Description 
0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden
Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error 12.03.2013 08:52:29 Computer Name cb-PC Source ipnathlp ID 31004
Description 
0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden
Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error 12.03.2013 08:52:58 Computer Name cb-PC Source ipnathlp ID 31004
Description 
0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden
Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error 12.03.2013 09:01:51 Computer Name cb-PC Source ipnathlp ID 31004
Description 
0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden
Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error 12.03.2013 09:55:15 Computer Name cb-PC Source ipnathlp ID 31004
Description 
0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden
Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error 12.03.2013 09:55:17 Computer Name cb-PC Source ipnathlp ID 31004
Description 
0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden
Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error 12.03.2013 09:55:25 Computer Name cb-PC Source ipnathlp ID 31004
Description 
0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden
Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.
 
 
End of report 


PHP-Code:
OTL logfile created on 12.03.2013 15:00:02 Run 1
OTL by OldTimer Version 3.2.69.0     Folder C:\Users\cd\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version 6.0.6002) - Type NTWorkstation
Internet Explorer (Version 9.0.8112.16421)
Locale 00000407 Country Deutschland Language DEU Date Format dd.MM.yyyy

3,00 Gb Total Physical Memory 1,89 Gb Available Physical Memory 63,21 Memory free
6,19 Gb Paging File 5,06 Gb Available in Paging File 81,78 Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space 4,33 Gb Free Space 3,01 Space Free Partition Type NTFS
Drive D: | 137,50 Gb Total Space 125,21 Gb Free Space 91,06 Space Free Partition Type NTFS

Computer Name CB-PC User Name cb Logged in as Administrator.
Boot Mode Normal Scan Mode Current user Quick Scan
Company Name Whitelist On Skip Microsoft Files On No Company Name Whitelist On File Age 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013.03.12 14:57:28 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cd\Desktop\OTL(1).exe
PRC - [2013.03.07 00:32:44 004,767,304 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 00:32:44 000,045,248 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.12.18 15:28:08 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.03 16:39:40 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.12.01 05:38:02 001,821,032 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.12.01 05:38:02 000,865,128 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.06.16 03:24:19 000,138,272 R--- | M] (Symantec Corporation) -- C:\Programme\Norton 360\Engine\6.4.1.14\ccsvchst.exe
PRC - [2011.08.12 00:38:07 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2009.07.24 19:38:50 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.04.11 07:27:36 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.08.19 14:27:22 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.05.26 05:43:58 000,599,344 | ---- | M] (Validity SensorsInc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008.04.30 19:41:12 000,815,104 | ---- | M] (Intel(RCorporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.04.30 19:10:10 000,466,944 | ---- | M] (Intel(RCorporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.01.21 03:25:33 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.12.11 04:15:04 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.12.06 16:15:28 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012.01.09 19:44:20 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.04.28 09:49:20 000,003,072 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013.03.07 15:29:15 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.07 00:32:44 000,045,248 | ---- | M] (AVAST Software) [Auto Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avastAntivirus)
SRV - [2013.02.28 00:30:46 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 15:28:08 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.03 16:39:40 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.06.16 03:24:19 000,138,272 R--- | M] (Symantec Corporation) [Auto Running] -- C:\Program Files\Norton 360\Engine\6.4.1.14\ccSvcHst.exe -- (N360)
SRV - [2011.08.12 00:38:07 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011.07.20 04:18:24 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009.07.24 19:38:50 000,189,728 | ---- | M] (Protexis Inc.) [Auto Running] -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2008.08.19 14:27:22 000,024,576 | ---- | M] () [Auto Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.07.20 17:45:06 000,354,840 | ---- | M] (Intel Corporation) [On_Demand Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.05.26 05:43:58 000,599,344 | ---- | M] (Validity SensorsInc.) [Auto Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008.04.30 19:41:12 000,815,104 | ---- | M] (Intel(RCorporation) [Auto Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 19:10:10 000,466,944 | ---- | M] (Intel(RCorporation) [Auto Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.01.21 03:25:33 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 000,272,952 | ---- | M] (Microsoft Corporation) [Auto Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 04:15:04 000,012,800 | ---- | M] (Agere Systems) [Auto Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.12.06 16:15:28 000,110,592 | ---- | M] () [Auto Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006.10.26 14:03:08 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV File not found [Kernel On_Demand Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV File not found [Kernel On_Demand Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV File not found [Kernel On_Demand Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV File not found [Kernel On_Demand Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV File not found [Kernel On_Demand Stopped] -- system32\drivers\btwavdt.sys -- (btwavdt)
DRV File not found [Kernel On_Demand Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2013.03.07 00:33:24 000,765,736 | ---- | M] (AVAST Software) [File_System System Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 000,368,176 | ---- | M] (AVAST Software) [Kernel System Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 000,164,736 | ---- | M] () [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 000,062,376 | ---- | M] (AVAST Software) [Kernel System Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 000,049,760 | ---- | M] (AVAST Software) [Kernel System Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.03.07 00:33:24 000,049,248 | ---- | M] () [Kernel Boot Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 000,066,336 | ---- | M] (AVAST Software) [File_System Auto Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:22 000,029,816 | ---- | M] (AVAST Software) [File_System Auto Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.03.07 00:33:22 000,021,576 | ---- | M] (AVAST Software) [Kernel System Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013.02.28 18:22:23 000,097,440 | ---- | M] (Symantec Corporation) [Kernel Boot Running] -- C:\Windows\System32\drivers\SMR311.SYS -- (SMR311)
DRV - [2013.01.16 11:11:20 001,603,824 | ---- | M] (Symantec Corporation) [Kernel On_Demand Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130311.025\NAVEX15.SYS -- (NAVEX15)
DRV - [2013.01.16 11:11:20 000,093,296 | ---- | M] (Symantec Corporation) [Kernel On_Demand Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130311.025\NAVENG.SYS -- (NAVENG)
DRV - [2013.01.16 03:51:12 000,997,464 | ---- | M] (Symantec Corporation) [Kernel System Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130301.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012.12.03 16:39:40 009,373,032 | ---- | M] (NVIDIA Corporation) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.10.12 22:49:16 000,376,480 | ---- | M] (Symantec Corporation) [Kernel System Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012.10.12 22:49:16 000,106,656 | ---- | M] (Symantec Corporation) [Kernel On_Demand Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.09.01 01:27:25 000,386,720 | ---- | M] (Symantec Corporation) [Kernel System Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130309.002\IDSvix86.sys -- (IDSVix86)
DRV - [2012.08.20 11:48:22 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV - [2012.08.20 11:48:22 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCap)
DRV - [2012.07.06 03:17:57 000,574,112 | ---- | M] (Symantec Corporation) [File_System On_Demand Running] -- C:\Windows\System32\drivers\N360\0604010.00E\srtsp.sys -- (SRTSP)
DRV - [2012.07.06 03:17:57 000,032,928 | ---- | M] (Symantec Corporation) [Kernel System Running] -- C:\Windows\System32\drivers\N360\0604010.00E\srtspx.sys -- (SRTSPX)
DRV - [2012.07.03 16:25:17 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012.06.07 05:43:43 000,132,768 | ---- | M] (Symantec Corporation) [Kernel System Running] -- C:\Windows\System32\drivers\N360\0604010.00E\ccsetx86.sys -- (ccSet_N360)
DRV - [2012.06.06 20:05:13 000,141,944 | ---- | M] (Symantec Corporation) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012.05.22 02:37:12 000,924,320 | ---- | M] (Symantec Corporation) [File_System Boot Running] -- C:\Windows\System32\drivers\N360\0604010.00E\symefa.sys -- (SymEFA)
DRV - [2012.01.23 11:12:25 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel System Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.01.03 16:28:54 000,039,016 | ---- | M] (RapidSolution Software AG) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011.12.19 11:44:24 000,223,864 | ---- | M] (GFI Software) [Kernel System Running] -- C:\Windows\System32\drivers\SbFw.sys -- (SbFw)
DRV - [2011.12.19 11:44:24 000,093,816 | ---- | M] (GFI Software) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
DRV - [2011.12.19 11:44:24 000,072,312 | ---- | M] (GFI Software) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\sbwtis.sys -- (sbwtis)
DRV - [2011.11.29 05:59:52 000,077,816 | ---- | M] (GFI Software) [File_System Auto Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2011.11.16 20:38:00 000,345,208 R--- | M] (Symantec Corporation) [Kernel System Running] -- C:\Windows\System32\drivers\N360\0604010.00E\symtdiv.sys -- (SYMTDIv)
DRV - [2011.11.16 20:17:48 000,149,624 R--- | M] (Symantec Corporation) [Kernel System Running] -- C:\Windows\System32\drivers\N360\0604010.00E\ironx86.sys -- (SymIRON)
DRV - [2011.09.29 11:16:18 000,094,584 | ---- | M] (GFI Software) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV - [2011.09.29 11:16:18 000,094,584 | ---- | M] (GFI Software) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2011.09.21 09:25:34 000,021,992 | ---- | M] (CPUID) [Kernel Auto Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011.08.15 23:51:40 000,340,088 R--- | M] (Symantec Corporation) [Kernel Boot Running] -- C:\Windows\System32\drivers\N360\0604010.00E\symds.sys -- (SymDS)
DRV - [2011.07.22 17:27:02 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel System Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel System Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.08.05 06:18:22 000,048,640 | ---- | M] (Atheros CommunicationsInc.) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008.08.19 14:23:00 000,015,392 | ---- | M] (AcerInc.) [Kernel Auto Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.05.26 05:44:14 000,040,752 | ---- | M] (Validity SensorsInc.) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008.05.07 11:47:36 000,085,136 | ---- | M] (JMicron Technology Corp.) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.04.27 23:29:26 003,658,752 | ---- | M] (Intel Corporation) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.02.29 08:13:38 001,202,560 | ---- | M] (Agere Systems) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.21 03:23:21 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.12.18 17:12:12 000,054,784 | ---- | M] (ITE TechInc. ) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2006.11.02 14:27:34 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel System Running] -- C:\Programme\Launch Manager\DPortIO.sys -- (DritekPortIO)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0112&m=aspire_8930
IE HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0112&m=aspire_8930
IE HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL hxxp://www.t-online.de/cpm-redir/ie-9.html
IE HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL hxxp://safesearchr.lavasoft.com/?s [Binary data over 200 bytes]
IE HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded 1
IE HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages hxxp://safesearchr.lavasoft.com/?s [Binary data over 200 bytes]
IE HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page hxxp://www.t-online.de/cpm-redir/ie-9.html
IE HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache 1
IE HKCU\..\SearchScopes,DefaultScope = {D035E207-B8B2-4ACE-8DA2-5687705A4524}
IE HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=08B090B3AA2F2A56C6E1994FAE53471E&q={searchTerms}
IE HKCU\..\SearchScopes\{638FF437-B71E-4F2A-8E52-6B012582C564}: "URL" hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE HKCU\..\SearchScopes\{B6D20ABD-0AA4-4F3D-A58C-F74C73A38B55}: "URL" hxxp://rover.ebay.com/rover/1/707-1403-276402/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE HKCU\..\SearchScopes\{D035E207-B8B2-4ACE-8DA2-5687705A4524}: "URL" hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE HKCU\..\SearchScopes\{E8FEB03C-9243-453B-AEBA-A1305297ACDC}: "URL" hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE466
IE HKCU\..\SearchScopes\{F42B6230-D732-4099-8605-33EB6ECF82BD}: "URL" hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi
IE HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyEnable" 0
IE HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyOverride" = <local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF prefs.js..browser.startup.homepage"www.t-online.de"
FF prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.1.1.5%20-%203
FF prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF user.js File not found

FF HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayerC:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll Microsoft Corporation)
FF HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM\Software\MozillaPlugins\Adobe ReaderC:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012.06.06 20:07:05 000,000,000 | ---M]
FF HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2013.03.12 12:46:55 000,000,000 | ---M]
FF HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.comC:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.10 17:44:39 000,000,000 | ---M]
FF HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\ComponentsC:\Program Files\Mozilla Firefox\components [2013.03.10 18:27:38 000,000,000 | ---M]
FF HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\PluginsC:\Program Files\Mozilla Firefox\plugins
 
[2012.06.05 22:25:16 000,000,000 | ---M] (No name found) -- C:\Users\cb\AppData\Roaming\mozilla\Extensions
[2013.03.10 18:27:37 000,000,000 | ---M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.06 20:07:05 000,000,000 | ---M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPLGN
[2013.03.07 15:30:04 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.05.12 13:10:53 000,000,616 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
[2013.03.07 16:45:15 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 16:45:15 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.03.07 16:45:15 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 16:45:15 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 16:45:15 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 16:45:15 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 Hosts: 127.0.0.1       localhost
O1 Hosts: ::1             localhost
O2 BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O2 BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\6.4.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 BHO: (avastWebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O3 HKLM\..\Toolbar: (avastWebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O4 HKLM..\Run: [avastC:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 HKLM..\Run: [IAAnotifC:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 HKLM..\Run: [ProductRegC:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 HKLM..\Run: [Windows DefenderC:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 HKLM..\RunOnce: [*WerKernelReportingC:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 HKLM..\RunOnce: [InnoSetupRegFile.0000000001C:\Windows\is-DDBL4.exe ()
O4 HKLM..\RunOnce: [Malwarebytes Anti-MalwareC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [*NPE] C:\Users\cd\Downloads\NPE.exe (Symantec Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65A69804-67A6-40C7-8C82-E31B0292EA06}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fb40ac0f-45a7-11e1-8f99-00a0d1ac840f}\Shell - "" = AutoRun
O33 - MountPoints2\{fb40ac0f-45a7-11e1-8f99-00a0d1ac840f}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013.03.10 17:45:17 | 000,368,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.03.10 17:45:17 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.03.10 17:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
[2013.03.10 17:45:16 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.03.10 17:45:16 | 000,062,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.03.10 17:45:16 | 000,049,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013.03.10 17:45:16 | 000,021,576 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013.03.10 17:45:15 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.03.10 17:45:11 | 000,228,600 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.03.10 17:44:04 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.10 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.03.10 17:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.02.28 19:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.02.28 18:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SMR311
[2013.02.28 18:22:23 | 000,097,440 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS
[2013.02.14 16:02:28 | 000,000,000 | ---D | C] -- C:\Users\cb\AppData\Local\ElevatedDiagnostics
[14 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\cb\AppData\Roaming\*.tmp files -> C:\Users\cb\AppData\Roaming\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013.03.12 14:53:14 | 000,000,000 | ---- | M] () -- C:\Users\cb\defogger_reenable
[2013.03.12 14:45:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.12 14:44:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 14:44:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 13:52:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.12 12:52:52 | 000,628,914 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.03.12 12:52:52 | 000,592,326 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.12 12:52:52 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.03.12 12:52:52 | 000,100,400 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.12 12:45:52 | 000,000,431 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2013.03.12 12:45:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013.03.12 12:44:20 | 3218,046,976 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.12 00:30:33 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.03.10 18:27:44 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.10 17:45:17 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2013.03.10 17:45:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.03.07 00:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.03.07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013.03.07 00:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.03.07 00:33:22 | 000,021,576 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.02.28 18:22:23 | 000,097,440 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS
[2013.02.23 22:15:31 | 000,710,504 | ---- | M] () -- C:\Windows\is-DDBL4.exe
[2013.02.23 22:15:31 | 000,013,521 | ---- | M] () -- C:\Windows\is-DDBL4.msg
[2013.02.23 22:15:31 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.23 22:15:31 | 000,000,380 | ---- | M] () -- C:\Windows\is-DDBL4.lst
[2013.02.18 14:42:35 | 473,907,463 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.14 12:49:50 | 000,314,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[14 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\cb\AppData\Roaming\*.tmp files -> C:\Users\cb\AppData\Roaming\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013.03.12 14:53:14 | 000,000,000 | ---- | C] () -- C:\Users\cb\defogger_reenable
[2013.03.10 17:45:17 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2013.03.10 17:45:16 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.10 17:45:15 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.02.28 19:52:33 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.02.28 19:52:33 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.02.23 22:15:31 | 000,710,504 | ---- | C] () -- C:\Windows\is-DDBL4.exe
[2013.02.23 22:15:31 | 000,013,521 | ---- | C] () -- C:\Windows\is-DDBL4.msg
[2013.02.23 22:15:31 | 000,000,380 | ---- | C] () -- C:\Windows\is-DDBL4.lst
[2013.02.21 18:23:48 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.13 17:05:53 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012.12.13 21:57:54 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.07.05 12:25:37 | 000,314,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.01.23 11:31:23 | 000,007,680 | ---- | C] () -- C:\Users\cb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.23 11:09:17 | 000,000,272 | ---- | C] () -- C:\Windows\wininit.ini
[2012.01.12 23:01:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.01.12 23:01:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.01.12 19:51:04 | 015,961,442 | ---- | C] () -- C:\Users\cb\AppData\Roaming\SMRBackup162.dat
[2012.01.12 16:28:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2001.01.08 15:45:51 | 000,000,000 | ---D | M] -- C:\Users\cb\AppData\Roaming\Acer GameZone Console
[2012.05.12 13:13:07 | 000,000,000 | ---D | M] -- C:\Users\cb\AppData\Roaming\Ad-Aware Antivirus
[2012.06.06 23:32:26 | 000,000,000 | ---D | M] -- C:\Users\cb\AppData\Roaming\DAEMON Tools Lite
[2012.01.12 18:03:24 | 000,000,000 | ---D | M] -- C:\Users\cb\AppData\Roaming\Tific
[2012.12.19 19:06:50 | 000,000,000 | ---D | M] -- C:\Users\cb\AppData\Roaming\ts3overlay
[2012.06.04 15:40:36 | 000,000,000 | ---D | M] -- C:\Users\cb\AppData\Roaming\TuneUp Software
[2012.01.12 17:28:59 | 000,000,000 | ---D | M] -- C:\Users\cb\AppData\Roaming\Validity
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report > 

Alt 13.03.2013, 13:40   #2
cosinus


Hello and

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners?
I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please don't run any new virus scans; for now, just post the logs you already have!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Alt 13.03.2013, 17:56   #3
cbdl
 


Hi Cosinus,

first of all, many thanks for the quick reply!!

No, I didn't find anything with any scanner.
Except with the Avast Pro trial version, where the full system scan showed the following:

"einige Dateien konnten nicht überprüft werden"

C:\Program Files\AVAST Software\Avast\defs\13031300_stream\pkg1303130000000012.bin
C:\Program Files\AVAST Software\Avast\defs\13031300_stream\pkg1303130000000001.bin
Both have the status: Fehler: Das System kann den angegebenen Pfad nicht finden[3]
Sorry, right now I have no idea how to get at the log file, despite googling.

When I created the thread yesterday and then reopened the browser, I could no longer get onto the Internet. I had to pull the power plug on the router.
Earlier I had another bluescreen crash when I looked into the forum here for the first time today. Strange.

Sorry about the wrong formatting, but I don't know that much about this. Next time :-)

Regards, Chris
__________________

13.03.2013, 21:13   #4
cosinus

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post in the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please only run scans that a helper has asked you to run! Do not install or uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to do so. Logs in attachments make the analysis harder for me!

  • The logs of the assigned tools, e.g. Malwarebytes, must always be posted - regardless of whether anything was found or not!

  • Please also note => "Löschen von Logfiles und andere Anfragen" (deleting log files and other requests)

Note:
If you do not hear from me for three days, please report in this thread => "Erinnerung an meinem Thread" (reminder about my thread).
Annoying "when will this continue" messages end with your topic being closed. I too have a life outside of Trojaner-Board.


Rootkit scan with GMER

Please download the GMER Rootkit Scanner (the file name is random):
  • Close all other programs, disable your virus scanner and disconnect the computer from the Internet before you start GMER.
  • If a window with the following warning opens after the start:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Make sure to click "No".
  • On the right, remove the check marks at: IAT/EAT and Show All
  • Set the check mark at Quickscan and remove it at all other drives.
  • Start the scan with "Scan".
  • Do not do anything on the computer while the scan is running.
  • When the scan is finished, click Save and save the log file as Gmer.txt on your desktop. "Ok" closes GMER.
Switch your antivirus program and other scanners back on before you go online!


Running into problems?
  • Alternatively, try safe mode.
  • If you get a bluescreen, remove the check mark in front of Devices.


Afterwards please run MBAR:

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen according to the Malwarebytes Anti-Rootkit guide
  • Make sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If something is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper
__________________
Please always post log files in CODE tags

14.03.2013, 16:05   #5
cbdl

Hi,

did everything as you wrote. With GMER the message "funktioniert nicht mehr....muss beendet werden" came up again
I then ran it in safe mode.
mbar found nothing.

many thanks and regards

here is gmer:
Code:
GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-14 15:27:11
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298,09GB
Running: 611bwm5o.exe; Driver: C:\Users\cb\AppData\Local\Temp\pgtdqpoc.sys


---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                          Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                          Wdf01000.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\002269d357af                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\002269d357af@000d3cb1c58d         0x9C 0x42 0xF1 0x3A ...
Reg             HKLM\SYSTEM\ControlSet004\Services\BthPort\Parameters\Keys\002269d357af (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet004\Services\BthPort\Parameters\Keys\002269d357af@000d3cb1c58d             0x9C 0x42 0xF1 0x3A ...

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----
         

here is mbar:
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.14.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
cb :: CB-PC [administrator]

14.03.2013 15:55:37
mbar-log-2013-03-14 (15-55-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28960
Time elapsed: 15 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         


14.03.2013, 16:16   #6
cosinus

aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Never press one of the Fix buttons without instructions

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.




TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, never choose Cure. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

14.03.2013, 18:35   #7
cbdl

Hi,

tdss killer found nothing, so no log file.


aswMBR:
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-14 18:22:38
-----------------------------
18:22:38.610    OS Version: Windows 6.0.6002 Service Pack 2
18:22:38.610    Number of processors: 2 586 0xF0D
18:22:38.610    ComputerName: CB-PC  UserName: cb
18:22:40.747    Initialize success
18:22:41.605    AVAST engine defs: 13031401
18:23:02.072    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:23:02.088    Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
18:23:02.119    Disk 0 MBR read successfully
18:23:02.134    Disk 0 MBR scan
18:23:02.134    Disk 0 unknown MBR code
18:23:02.181    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13312 MB offset 2048
18:23:02.181    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       147501 MB offset 27265024
18:23:02.212    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       140800 MB offset 329347072
18:23:02.228    Disk 0 Partition 4 00     12  Compaq diag NTFS         3630 MB offset 617705472
18:23:02.244    Disk 0 scanning sectors +625139712
18:23:02.306    Disk 0 scanning C:\Windows\system32\drivers
18:23:16.767    Service scanning
18:23:37.422    Modules scanning
18:23:43.287    Disk 0 trace - called modules:
18:23:43.381    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
18:23:43.396    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b3a9f8]
18:23:43.396    3 CLASSPNP.SYS[8ad9e8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x859a9028]
18:23:44.941    AVAST engine scan C:\Windows
18:23:48.139    AVAST engine scan C:\Windows\system32
18:26:36.666    AVAST engine scan C:\Windows\system32\drivers
18:26:55.932    AVAST engine scan C:\Users\cb
18:27:29.565    AVAST engine scan C:\ProgramData
18:29:21.292    Scan finished successfully
18:29:51.525    Disk 0 MBR has been saved successfully to "C:\Users\cd\Desktop\MBR.dat"
18:29:51.541    The log file has been saved successfully to "C:\Users\cd\Desktop\aswMBR.txt"
         

14.03.2013, 23:20   #8
cosinus

Quote:
tdss killer found nothing, so no log file.
Sorry, that is nonsense. There is always a log for it. Besides, among other things I posted this at the start:

Quote:
Quote from cosinus
The logs of the assigned tools, e.g. Malwarebytes, must always be posted - regardless of whether anything was found or not!

15.03.2013, 10:50   #9
cbdl

Hi,

sorry, you're right there!!


TDSS-Killer:
Code:
18:30:50.0212 2796  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:30:50.0493 2796  ============================================================
18:30:50.0493 2796  Current date / time: 2013/03/14 18:30:50.0493
18:30:50.0493 2796  SystemInfo:
18:30:50.0493 2796  
18:30:50.0493 2796  OS Version: 6.0.6002 ServicePack: 2.0
18:30:50.0493 2796  Product type: Workstation
18:30:50.0493 2796  ComputerName: CB-PC
18:30:50.0493 2796  UserName: cb
18:30:50.0493 2796  Windows directory: C:\Windows
18:30:50.0493 2796  System windows directory: C:\Windows
18:30:50.0493 2796  Processor architecture: Intel x86
18:30:50.0493 2796  Number of processors: 2
18:30:50.0493 2796  Page size: 0x1000
18:30:50.0493 2796  Boot type: Normal boot
18:30:50.0493 2796  ============================================================
18:30:51.0320 2796  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:30:51.0320 2796  ============================================================
18:30:51.0320 2796  \Device\Harddisk0\DR0:
18:30:51.0320 2796  MBR partitions:
18:30:51.0320 2796  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x12016800
18:30:51.0320 2796  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13A17000, BlocksNum 0x11300000
18:30:51.0320 2796  ============================================================
18:30:51.0351 2796  C: <-> \Device\Harddisk0\DR0\Partition1
18:30:51.0398 2796  D: <-> \Device\Harddisk0\DR0\Partition2
18:30:51.0398 2796  ============================================================
18:30:51.0398 2796  Initialize success
18:30:51.0398 2796  ============================================================
18:30:55.0782 5348  ============================================================
18:30:55.0782 5348  Scan started
18:30:55.0782 5348  Mode: Manual; 
18:30:55.0782 5348  ============================================================
18:30:56.0328 5348  ================ Scan system memory ========================
18:30:56.0328 5348  System memory - ok
18:30:56.0328 5348  ================ Scan services =============================
18:30:56.0406 5348  [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
18:30:56.0406 5348  !SASCORE - ok
18:30:56.0640 5348  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
18:30:56.0640 5348  ACPI - ok
18:30:56.0733 5348  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:30:56.0733 5348  AdobeARMservice - ok
18:30:56.0811 5348  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:30:56.0811 5348  AdobeFlashPlayerUpdateSvc - ok
18:30:56.0874 5348  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:30:56.0889 5348  adp94xx - ok
18:30:56.0936 5348  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:30:56.0936 5348  adpahci - ok
18:30:56.0983 5348  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
18:30:56.0983 5348  adpu160m - ok
18:30:57.0014 5348  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:30:57.0030 5348  adpu320 - ok
18:30:57.0092 5348  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:30:57.0092 5348  AeLookupSvc - ok
18:30:57.0139 5348  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
18:30:57.0139 5348  AFD - ok
18:30:57.0170 5348  [ 8ED60797908FD394EEE0D6949F493224 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
18:30:57.0170 5348  AgereModemAudio - ok
18:30:57.0248 5348  [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
18:30:57.0264 5348  AgereSoftModem - ok
18:30:57.0310 5348  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:30:57.0342 5348  agp440 - ok
18:30:57.0373 5348  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
18:30:57.0373 5348  aic78xx - ok
18:30:57.0435 5348  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
18:30:57.0435 5348  ALG - ok
18:30:57.0451 5348  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:30:57.0451 5348  aliide - ok
18:30:57.0482 5348  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
18:30:57.0482 5348  amdagp - ok
18:30:57.0498 5348  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:30:57.0498 5348  amdide - ok
18:30:57.0529 5348  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
18:30:57.0529 5348  AmdK7 - ok
18:30:57.0560 5348  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:30:57.0560 5348  AmdK8 - ok
18:30:57.0607 5348  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
18:30:57.0622 5348  Appinfo - ok
18:30:57.0638 5348  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
18:30:57.0638 5348  arc - ok
18:30:57.0669 5348  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:30:57.0669 5348  arcsas - ok
18:30:57.0716 5348  [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
18:30:57.0716 5348  aswFsBlk - ok
18:30:57.0732 5348  [ 4691B3FE3717F9D9C64A5282C8543D4D ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
18:30:57.0732 5348  aswKbd - ok
18:30:57.0794 5348  [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:30:57.0794 5348  aswMonFlt - ok
18:30:57.0825 5348  [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
18:30:57.0825 5348  AswRdr - ok
18:30:57.0856 5348  [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:30:57.0856 5348  aswRvrt - ok
18:30:57.0903 5348  [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:30:57.0919 5348  aswSnx - ok
18:30:57.0966 5348  [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:30:57.0981 5348  aswSP - ok
18:30:58.0012 5348  [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
18:30:58.0012 5348  aswTdi - ok
18:30:58.0044 5348  [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:30:58.0044 5348  aswVmm - ok
18:30:58.0090 5348  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:30:58.0090 5348  AsyncMac - ok
18:30:58.0106 5348  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:30:58.0106 5348  atapi - ok
18:30:58.0153 5348  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:30:58.0168 5348  AudioEndpointBuilder - ok
18:30:58.0184 5348  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:30:58.0200 5348  Audiosrv - ok
18:30:58.0293 5348  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:30:58.0293 5348  avast! Antivirus - ok
18:30:58.0324 5348  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:30:58.0356 5348  Beep - ok
18:30:58.0402 5348  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
18:30:58.0418 5348  BFE - ok
18:30:58.0512 5348  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
18:30:58.0527 5348  BITS - ok
18:30:58.0574 5348  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:30:58.0574 5348  blbdrive - ok
18:30:58.0605 5348  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:30:58.0605 5348  bowser - ok
18:30:58.0636 5348  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
18:30:58.0636 5348  BrFiltLo - ok
18:30:58.0683 5348  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
18:30:58.0683 5348  BrFiltUp - ok
18:30:58.0714 5348  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
18:30:58.0714 5348  Browser - ok
18:30:58.0746 5348  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
18:30:58.0746 5348  Brserid - ok
18:30:58.0792 5348  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
18:30:58.0792 5348  BrSerWdm - ok
18:30:58.0824 5348  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
18:30:58.0824 5348  BrUsbMdm - ok
18:30:58.0870 5348  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
18:30:58.0870 5348  BrUsbSer - ok
18:30:58.0933 5348  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
18:30:58.0933 5348  BthEnum - ok
18:30:58.0980 5348  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:30:58.0980 5348  BTHMODEM - ok
18:30:59.0011 5348  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:30:59.0011 5348  BthPan - ok
18:30:59.0073 5348  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BthPort         C:\Windows\system32\Drivers\BTHport.sys
18:30:59.0089 5348  BthPort - ok
18:30:59.0120 5348  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
18:30:59.0120 5348  BthServ - ok
18:30:59.0136 5348  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
18:30:59.0136 5348  BTHUSB - ok
18:30:59.0167 5348  btwaudio - ok
18:30:59.0182 5348  btwavdt - ok
18:30:59.0198 5348  btwrchid - ok
18:30:59.0276 5348  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
18:30:59.0276 5348  BUNAgentSvc - ok
18:30:59.0323 5348  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:30:59.0323 5348  cdfs - ok
18:30:59.0401 5348  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:30:59.0401 5348  cdrom - ok
18:30:59.0448 5348  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:30:59.0448 5348  CertPropSvc - ok
18:30:59.0463 5348  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:30:59.0463 5348  circlass - ok
18:30:59.0510 5348  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
18:30:59.0510 5348  CLFS - ok
18:30:59.0572 5348  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:30:59.0588 5348  clr_optimization_v2.0.50727_32 - ok
18:30:59.0635 5348  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:30:59.0650 5348  clr_optimization_v4.0.30319_32 - ok
18:30:59.0697 5348  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:30:59.0697 5348  CmBatt - ok
18:30:59.0728 5348  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:30:59.0728 5348  cmdide - ok
18:30:59.0744 5348  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:30:59.0744 5348  Compbatt - ok
18:30:59.0760 5348  COMSysApp - ok
18:30:59.0806 5348  [ 3411FDF098AA20193EEE5FFA36BA43B2 ] cpuz135         C:\Windows\system32\drivers\cpuz135_x32.sys
18:30:59.0806 5348  cpuz135 - ok
18:30:59.0822 5348  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:30:59.0822 5348  crcdisk - ok
18:30:59.0838 5348  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
18:30:59.0838 5348  Crusoe - ok
18:30:59.0900 5348  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:30:59.0900 5348  CryptSvc - ok
18:30:59.0978 5348  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:31:00.0009 5348  DcomLaunch - ok
18:31:00.0040 5348  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:31:00.0040 5348  DfsC - ok
18:31:00.0150 5348  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
18:31:00.0181 5348  DFSR - ok
18:31:00.0259 5348  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
18:31:00.0259 5348  Dhcp - ok
18:31:00.0290 5348  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
18:31:00.0290 5348  disk - ok
18:31:00.0321 5348  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
18:31:00.0321 5348  DKbFltr - ok
18:31:00.0368 5348  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:31:00.0368 5348  Dnscache - ok
18:31:00.0430 5348  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:31:00.0430 5348  dot3svc - ok
18:31:00.0493 5348  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
18:31:00.0493 5348  DPS - ok
18:31:00.0555 5348  [ 5C918D413F5837E67A85775C9873775E ] DritekPortIO    C:\PROGRA~1\LAUNCH~1\DPortIO.sys
18:31:00.0555 5348  DritekPortIO - ok
18:31:00.0586 5348  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:31:00.0586 5348  drmkaud - ok
18:31:00.0649 5348  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:31:00.0649 5348  dtsoftbus01 - ok
18:31:00.0711 5348  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:31:00.0727 5348  DXGKrnl - ok
18:31:00.0774 5348  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
18:31:00.0774 5348  E1G60 - ok
18:31:00.0820 5348  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
18:31:00.0836 5348  EapHost - ok
18:31:00.0867 5348  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
18:31:00.0867 5348  Ecache - ok
18:31:00.0930 5348  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:31:00.0930 5348  ehRecvr - ok
18:31:00.0961 5348  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
18:31:00.0961 5348  ehSched - ok
18:31:00.0976 5348  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
18:31:00.0976 5348  ehstart - ok
18:31:01.0039 5348  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:31:01.0054 5348  elxstor - ok
18:31:01.0101 5348  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
18:31:01.0117 5348  EMDMgmt - ok
18:31:01.0148 5348  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:31:01.0148 5348  ErrDev - ok
18:31:01.0242 5348  [ C0FE39B8F686B7C70A666E716CC12B49 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
18:31:01.0242 5348  ETService - ok
18:31:01.0288 5348  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
18:31:01.0320 5348  EventSystem - ok
18:31:01.0382 5348  [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:31:01.0413 5348  EvtEng - ok
18:31:01.0476 5348  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
18:31:01.0491 5348  exfat - ok
18:31:01.0538 5348  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:31:01.0538 5348  fastfat - ok
18:31:01.0569 5348  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:31:01.0569 5348  fdc - ok
18:31:01.0600 5348  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:31:01.0616 5348  fdPHost - ok
18:31:01.0632 5348  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:31:01.0647 5348  FDResPub - ok
18:31:01.0663 5348  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:31:01.0663 5348  FileInfo - ok
18:31:01.0678 5348  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:31:01.0678 5348  Filetrace - ok
18:31:01.0710 5348  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:31:01.0710 5348  flpydisk - ok
18:31:01.0741 5348  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:31:01.0741 5348  FltMgr - ok
18:31:01.0819 5348  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
18:31:01.0850 5348  FontCache - ok
18:31:01.0928 5348  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:31:01.0928 5348  FontCache3.0.0.0 - ok
18:31:01.0975 5348  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:31:01.0975 5348  Fs_Rec - ok
18:31:02.0037 5348  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:31:02.0037 5348  gagp30kx - ok
18:31:02.0084 5348  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:31:02.0115 5348  gpsvc - ok
18:31:02.0162 5348  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:31:02.0178 5348  HdAudAddService - ok
18:31:02.0224 5348  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:31:02.0240 5348  HDAudBus - ok
18:31:02.0318 5348  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:31:02.0318 5348  HidBth - ok
18:31:02.0349 5348  [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:31:02.0365 5348  HidIr - ok
18:31:02.0380 5348  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
18:31:02.0380 5348  hidserv - ok
18:31:02.0412 5348  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:31:02.0412 5348  HidUsb - ok
18:31:02.0458 5348  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:31:02.0458 5348  hkmsvc - ok
18:31:02.0490 5348  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
18:31:02.0490 5348  HpCISSs - ok
18:31:02.0552 5348  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:31:02.0552 5348  HTTP - ok
18:31:02.0599 5348  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
18:31:02.0599 5348  i2omp - ok
18:31:02.0646 5348  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:31:02.0646 5348  i8042prt - ok
18:31:02.0708 5348  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:31:02.0724 5348  IAANTMON - ok
18:31:02.0770 5348  [ 707C1692214B1C290271067197F075F6 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:31:02.0770 5348  iaStor - ok
18:31:02.0817 5348  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
18:31:02.0817 5348  iaStorV - ok
18:31:02.0895 5348  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:31:02.0926 5348  idsvc - ok
18:31:02.0942 5348  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:31:02.0958 5348  iirsp - ok
18:31:02.0989 5348  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:31:03.0020 5348  IKEEXT - ok
18:31:03.0067 5348  [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15           C:\Windows\system32\drivers\int15.sys
18:31:03.0067 5348  int15 - ok
18:31:03.0207 5348  [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:31:03.0301 5348  IntcAzAudAddService - ok
18:31:03.0348 5348  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:31:03.0348 5348  intelide - ok
18:31:03.0363 5348  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:31:03.0363 5348  intelppm - ok
18:31:03.0410 5348  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:31:03.0410 5348  IPBusEnum - ok
18:31:03.0472 5348  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:31:03.0472 5348  IpFilterDriver - ok
18:31:03.0504 5348  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:31:03.0504 5348  iphlpsvc - ok
18:31:03.0519 5348  IpInIp - ok
18:31:03.0550 5348  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
18:31:03.0550 5348  IPMIDRV - ok
18:31:03.0582 5348  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
18:31:03.0582 5348  IPNAT - ok
18:31:03.0613 5348  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:31:03.0613 5348  IRENUM - ok
18:31:03.0644 5348  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:31:03.0644 5348  isapnp - ok
18:31:03.0691 5348  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
18:31:03.0691 5348  iScsiPrt - ok
18:31:03.0722 5348  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
18:31:03.0722 5348  iteatapi - ok
18:31:03.0753 5348  [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
18:31:03.0753 5348  itecir - ok
18:31:03.0800 5348  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
18:31:03.0800 5348  iteraid - ok
18:31:03.0862 5348  [ 7E6A3E1CD74E8C97EED06670D2A691DA ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
18:31:03.0862 5348  JMCR - ok
18:31:03.0909 5348  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:31:03.0925 5348  kbdclass - ok
18:31:03.0972 5348  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:31:03.0972 5348  kbdhid - ok
18:31:04.0018 5348  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
18:31:04.0018 5348  KeyIso - ok
18:31:04.0065 5348  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:31:04.0096 5348  KSecDD - ok
18:31:04.0143 5348  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:31:04.0159 5348  KtmRm - ok
18:31:04.0221 5348  [ 24ABDDEB766C8459F9D562EB083B6CB8 ] L1E             C:\Windows\system32\DRIVERS\L1E60x86.sys
18:31:04.0221 5348  L1E - ok
18:31:04.0268 5348  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:31:04.0284 5348  LanmanServer - ok
18:31:04.0330 5348  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:31:04.0346 5348  LanmanWorkstation - ok
18:31:04.0377 5348  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:31:04.0393 5348  LightScribeService - ok
18:31:04.0424 5348  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:31:04.0424 5348  lltdio - ok
18:31:04.0486 5348  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:31:04.0502 5348  lltdsvc - ok
18:31:04.0533 5348  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:31:04.0549 5348  lmhosts - ok
18:31:04.0564 5348  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:31:04.0580 5348  LSI_FC - ok
18:31:04.0596 5348  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:31:04.0596 5348  LSI_SAS - ok
18:31:04.0627 5348  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:31:04.0627 5348  LSI_SCSI - ok
18:31:04.0642 5348  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
18:31:04.0642 5348  luafv - ok
18:31:04.0674 5348  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:31:04.0674 5348  Mcx2Svc - ok
18:31:04.0705 5348  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:31:04.0720 5348  megasas - ok
18:31:04.0736 5348  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
18:31:04.0767 5348  MegaSR - ok
18:31:04.0798 5348  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
18:31:04.0814 5348  MMCSS - ok
18:31:04.0845 5348  MobilityService - ok
18:31:04.0876 5348  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
18:31:04.0876 5348  Modem - ok
18:31:04.0923 5348  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:31:04.0923 5348  monitor - ok
18:31:04.0954 5348  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:31:04.0954 5348  mouclass - ok
18:31:04.0970 5348  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:31:04.0970 5348  mouhid - ok
18:31:05.0001 5348  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
18:31:05.0017 5348  MountMgr - ok
18:31:05.0064 5348  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:31:05.0064 5348  MozillaMaintenance - ok
18:31:05.0110 5348  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:31:05.0110 5348  mpio - ok
18:31:05.0126 5348  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:31:05.0126 5348  mpsdrv - ok
18:31:05.0173 5348  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:31:05.0188 5348  MpsSvc - ok
18:31:05.0220 5348  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
18:31:05.0220 5348  Mraid35x - ok
18:31:05.0266 5348  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:31:05.0266 5348  MRxDAV - ok
18:31:05.0313 5348  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:31:05.0313 5348  mrxsmb - ok
18:31:05.0344 5348  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:31:05.0344 5348  mrxsmb10 - ok
18:31:05.0376 5348  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:31:05.0376 5348  mrxsmb20 - ok
18:31:05.0438 5348  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
18:31:05.0438 5348  msahci - ok
18:31:05.0500 5348  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:31:05.0500 5348  msdsm - ok
18:31:05.0516 5348  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
18:31:05.0532 5348  MSDTC - ok
18:31:05.0563 5348  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:31:05.0563 5348  Msfs - ok
18:31:05.0578 5348  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:31:05.0578 5348  msisadrv - ok
18:31:05.0610 5348  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:31:05.0625 5348  MSiSCSI - ok
18:31:05.0641 5348  msiserver - ok
18:31:05.0672 5348  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:31:05.0672 5348  MSKSSRV - ok
18:31:05.0688 5348  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:31:05.0688 5348  MSPCLOCK - ok
18:31:05.0703 5348  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:31:05.0703 5348  MSPQM - ok
18:31:05.0750 5348  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:31:05.0750 5348  MsRPC - ok
18:31:05.0781 5348  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:31:05.0781 5348  mssmbios - ok
18:31:05.0797 5348  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:31:05.0797 5348  MSTEE - ok
18:31:05.0828 5348  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
18:31:05.0828 5348  Mup - ok
18:31:05.0859 5348  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
18:31:05.0875 5348  napagent - ok
18:31:05.0922 5348  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:31:05.0937 5348  NativeWifiP - ok
18:31:05.0984 5348  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:31:05.0984 5348  NDIS - ok
18:31:06.0015 5348  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:31:06.0015 5348  NdisTapi - ok
18:31:06.0046 5348  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:31:06.0046 5348  Ndisuio - ok
18:31:06.0078 5348  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:31:06.0078 5348  NdisWan - ok
18:31:06.0093 5348  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:31:06.0093 5348  NDProxy - ok
18:31:06.0124 5348  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:31:06.0124 5348  NetBIOS - ok
18:31:06.0140 5348  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
18:31:06.0156 5348  netbt - ok
18:31:06.0171 5348  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
18:31:06.0171 5348  Netlogon - ok
18:31:06.0218 5348  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
18:31:06.0234 5348  Netman - ok
18:31:06.0265 5348  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
18:31:06.0280 5348  netprofm - ok
18:31:06.0327 5348  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:31:06.0327 5348  NetTcpPortSharing - ok
18:31:06.0483 5348  [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
18:31:06.0546 5348  NETw5v32 - ok
18:31:06.0655 5348  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:31:06.0655 5348  nfrd960 - ok
18:31:06.0686 5348  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:31:06.0702 5348  NlaSvc - ok
18:31:06.0748 5348  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:31:06.0748 5348  Npfs - ok
18:31:06.0780 5348  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
18:31:06.0780 5348  nsi - ok
18:31:06.0795 5348  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:31:06.0811 5348  nsiproxy - ok
18:31:06.0858 5348  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:31:06.0889 5348  Ntfs - ok
18:31:06.0904 5348  [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
18:31:06.0904 5348  NTIBackupSvc - ok
18:31:06.0920 5348  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
18:31:06.0920 5348  NTIDrvr - ok
18:31:06.0936 5348  [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
18:31:06.0936 5348  NTISchedulerSvc - ok
18:31:06.0951 5348  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
18:31:06.0967 5348  ntrigdigi - ok
18:31:06.0982 5348  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
18:31:06.0982 5348  Null - ok
18:31:07.0029 5348  [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
18:31:07.0029 5348  NVHDA - ok
18:31:07.0404 5348  [ C1E661888C719FC2E12C057F233FB238 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:31:07.0560 5348  nvlddmkm - ok
18:31:07.0622 5348  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:31:07.0622 5348  nvraid - ok
18:31:07.0669 5348  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:31:07.0669 5348  nvstor - ok
18:31:07.0731 5348  [ 31D7E63B62BC4680B5D1358F91DA104E ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:31:07.0762 5348  nvsvc - ok
18:31:07.0856 5348  [ 143B429F2D19A0F123ED8E4BCA8DB751 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:31:07.0887 5348  nvUpdatusService - ok
18:31:07.0918 5348  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:31:07.0934 5348  nv_agp - ok
18:31:07.0934 5348  NwlnkFlt - ok
18:31:07.0950 5348  NwlnkFwd - ok
18:31:08.0028 5348  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:31:08.0059 5348  odserv - ok
18:31:08.0074 5348  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:31:08.0074 5348  ohci1394 - ok
18:31:08.0121 5348  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:31:08.0121 5348  ose - ok
18:31:08.0184 5348  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
18:31:08.0215 5348  p2pimsvc - ok
18:31:08.0246 5348  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:31:08.0262 5348  p2psvc - ok
18:31:08.0308 5348  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
18:31:08.0308 5348  Parport - ok
18:31:08.0355 5348  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:31:08.0371 5348  partmgr - ok
18:31:08.0402 5348  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
18:31:08.0402 5348  Parvdm - ok
18:31:08.0433 5348  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:31:08.0449 5348  PcaSvc - ok
18:31:08.0480 5348  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
18:31:08.0480 5348  pci - ok
18:31:08.0542 5348  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
18:31:08.0542 5348  pciide - ok
18:31:08.0558 5348  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:31:08.0574 5348  pcmcia - ok
18:31:08.0620 5348  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:31:08.0636 5348  PEAUTH - ok
18:31:08.0730 5348  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
18:31:08.0808 5348  pla - ok
18:31:08.0839 5348  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:31:08.0854 5348  PlugPlay - ok
18:31:08.0901 5348  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
18:31:08.0917 5348  PNRPAutoReg - ok
18:31:08.0964 5348  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
18:31:08.0979 5348  PNRPsvc - ok
18:31:09.0010 5348  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:31:09.0026 5348  PolicyAgent - ok
18:31:09.0057 5348  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:31:09.0073 5348  PptpMiniport - ok
18:31:09.0088 5348  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
18:31:09.0088 5348  Processor - ok
18:31:09.0120 5348  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:31:09.0135 5348  ProfSvc - ok
18:31:09.0166 5348  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:31:09.0166 5348  ProtectedStorage - ok
18:31:09.0198 5348  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
18:31:09.0198 5348  PSched - ok
18:31:09.0260 5348  [ 628321C8DD76AD369B362B202E655A68 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
18:31:09.0260 5348  PSDFilter - ok
18:31:09.0276 5348  [ 79D7117E62709C7690CF3DD55ACEAD37 ] PSDNServ        C:\Windows\system32\drivers\PSDNServ.sys
18:31:09.0276 5348  PSDNServ - ok
18:31:09.0307 5348  [ CAE5E82827990CF4BD4A49576BDE3A43 ] psdvdisk        C:\Windows\system32\drivers\psdvdisk.sys
18:31:09.0307 5348  psdvdisk - ok
18:31:09.0338 5348  [ 0B6DEA0A1662CAB8F2BF339DC0752EF4 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
18:31:09.0354 5348  PSI_SVC_2 - ok
18:31:09.0432 5348  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:31:09.0447 5348  ql2300 - ok
18:31:09.0478 5348  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:31:09.0478 5348  ql40xx - ok
18:31:09.0510 5348  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
18:31:09.0525 5348  QWAVE - ok
18:31:09.0572 5348  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:31:09.0572 5348  QWAVEdrv - ok
18:31:09.0588 5348  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:31:09.0603 5348  RasAcd - ok
18:31:09.0619 5348  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
18:31:09.0634 5348  RasAuto - ok
18:31:09.0650 5348  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:31:09.0650 5348  Rasl2tp - ok
18:31:09.0697 5348  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
18:31:09.0712 5348  RasMan - ok
18:31:09.0744 5348  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:31:09.0744 5348  RasPppoe - ok
18:31:09.0775 5348  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:31:09.0775 5348  RasSstp - ok
18:31:09.0806 5348  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:31:09.0822 5348  rdbss - ok
18:31:09.0853 5348  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:31:09.0853 5348  RDPCDD - ok
18:31:09.0900 5348  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
18:31:09.0900 5348  rdpdr - ok
18:31:09.0915 5348  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:31:09.0915 5348  RDPENCDD - ok
18:31:09.0978 5348  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:31:09.0978 5348  RDPWD - ok
18:31:10.0024 5348  [ B33C88DF3588ACF250B87A004526C31A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:31:10.0040 5348  RegSrvc - ok
18:31:10.0071 5348  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:31:10.0071 5348  RemoteAccess - ok
18:31:10.0102 5348  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:31:10.0118 5348  RemoteRegistry - ok
18:31:10.0165 5348  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:31:10.0165 5348  RFCOMM - ok
18:31:10.0196 5348  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
18:31:10.0196 5348  RpcLocator - ok
18:31:10.0243 5348  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
18:31:10.0258 5348  RpcSs - ok
18:31:10.0290 5348  [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys
18:31:10.0305 5348  RRNetCap - ok
18:31:10.0305 5348  [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys
18:31:10.0305 5348  RRNetCapMP - ok
18:31:10.0336 5348  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:31:10.0336 5348  rspndr - ok
18:31:10.0352 5348  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
18:31:10.0368 5348  SamSs - ok
18:31:10.0430 5348  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:31:10.0430 5348  SASDIFSV - ok
18:31:10.0446 5348  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:31:10.0446 5348  SASKUTIL - ok
18:31:10.0492 5348  [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
18:31:10.0492 5348  sbapifs - ok
18:31:10.0539 5348  [ BCF3BA30C1CFA2942CF26C31384B37C7 ] SbFw            C:\Windows\system32\drivers\SbFw.sys
18:31:10.0539 5348  SbFw - ok
18:31:10.0586 5348  [ 1DCAD90CC9C0DDC7D060FD97854F8518 ] SBFWIMCL        C:\Windows\system32\DRIVERS\sbfwim.sys
18:31:10.0602 5348  SBFWIMCL - ok
18:31:10.0602 5348  [ 1DCAD90CC9C0DDC7D060FD97854F8518 ] SBFWIMCLMP      C:\Windows\system32\DRIVERS\SBFWIM.sys
18:31:10.0617 5348  SBFWIMCLMP - ok
18:31:10.0648 5348  [ 1AFD7178AB9C4FCE2D332DA7AA474FA6 ] sbhips          C:\Windows\system32\drivers\sbhips.sys
18:31:10.0664 5348  sbhips - ok
18:31:10.0695 5348  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:31:10.0695 5348  sbp2port - ok
18:31:10.0726 5348  [ 9BDF801A6C78E3F1E6FA1C5CA90BAA8A ] sbwtis          C:\Windows\system32\DRIVERS\sbwtis.sys
18:31:10.0726 5348  sbwtis - ok
18:31:10.0758 5348  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:31:10.0773 5348  SCardSvr - ok
18:31:10.0836 5348  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
18:31:10.0867 5348  Schedule - ok
18:31:10.0898 5348  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:31:10.0898 5348  SCPolicySvc - ok
18:31:10.0929 5348  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:31:10.0945 5348  SDRSVC - ok
18:31:10.0960 5348  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:31:10.0976 5348  secdrv - ok
18:31:10.0992 5348  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
18:31:11.0007 5348  seclogon - ok
18:31:11.0023 5348  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
18:31:11.0038 5348  SENS - ok
18:31:11.0054 5348  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:31:11.0054 5348  Serenum - ok
18:31:11.0085 5348  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
18:31:11.0085 5348  Serial - ok
18:31:11.0116 5348  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:31:11.0116 5348  sermouse - ok
18:31:11.0148 5348  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:31:11.0163 5348  SessionEnv - ok
18:31:11.0179 5348  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:31:11.0179 5348  sffdisk - ok
18:31:11.0194 5348  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:31:11.0194 5348  sffp_mmc - ok
18:31:11.0210 5348  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:31:11.0226 5348  sffp_sd - ok
18:31:11.0226 5348  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:31:11.0241 5348  sfloppy - ok
18:31:11.0272 5348  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:31:11.0288 5348  SharedAccess - ok
18:31:11.0335 5348  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:31:11.0350 5348  ShellHWDetection - ok
18:31:11.0366 5348  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
18:31:11.0366 5348  sisagp - ok
18:31:11.0382 5348  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
18:31:11.0382 5348  SiSRaid2 - ok
18:31:11.0413 5348  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:31:11.0413 5348  SiSRaid4 - ok
18:31:11.0553 5348  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
18:31:11.0616 5348  slsvc - ok
18:31:11.0740 5348  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
18:31:11.0756 5348  SLUINotify - ok
18:31:11.0787 5348  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:31:11.0787 5348  Smb - ok
18:31:11.0818 5348  [ CDE05A7FB8F3707391716780427DC0FC ] SMR311          C:\Windows\system32\drivers\SMR311.SYS
18:31:11.0834 5348  SMR311 - ok
18:31:11.0881 5348  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:31:11.0881 5348  SNMPTRAP - ok
18:31:11.0912 5348  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
18:31:11.0912 5348  spldr - ok
18:31:11.0959 5348  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
18:31:11.0974 5348  Spooler - ok
18:31:11.0990 5348  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:31:12.0006 5348  srv - ok
18:31:12.0021 5348  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:31:12.0021 5348  srv2 - ok
18:31:12.0037 5348  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:31:12.0037 5348  srvnet - ok
18:31:12.0084 5348  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:31:12.0099 5348  SSDPSRV - ok
18:31:12.0130 5348  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:31:12.0146 5348  SstpSvc - ok
18:31:12.0193 5348  [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
18:31:12.0193 5348  StillCam - ok
18:31:12.0240 5348  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
18:31:12.0255 5348  stisvc - ok
18:31:12.0302 5348  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:31:12.0302 5348  swenum - ok
18:31:12.0349 5348  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
18:31:12.0364 5348  swprv - ok
18:31:12.0380 5348  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
18:31:12.0380 5348  Symc8xx - ok
18:31:12.0396 5348  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
18:31:12.0411 5348  Sym_hi - ok
18:31:12.0427 5348  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
18:31:12.0427 5348  Sym_u3 - ok
18:31:12.0442 5348  [ 93D33A3A0A4516584A1394C7821BAE2E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:31:12.0458 5348  SynTP - ok
18:31:12.0505 5348  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
18:31:12.0536 5348  SysMain - ok
18:31:12.0598 5348  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:31:12.0614 5348  TabletInputService - ok
18:31:12.0645 5348  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:31:12.0676 5348  TapiSrv - ok
18:31:12.0708 5348  [ D7F411C5AF992BB44E86083A6AA7B045 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
18:31:12.0723 5348  tbhsd - ok
18:31:12.0739 5348  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
18:31:12.0754 5348  TBS - ok
18:31:12.0801 5348  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:31:12.0817 5348  Tcpip - ok
18:31:12.0879 5348  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
18:31:12.0895 5348  Tcpip6 - ok
18:31:12.0926 5348  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:31:12.0926 5348  tcpipreg - ok
18:31:12.0973 5348  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:31:12.0973 5348  TDPIPE - ok
18:31:13.0004 5348  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:31:13.0004 5348  TDTCP - ok
18:31:13.0035 5348  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:31:13.0035 5348  tdx - ok
18:31:13.0066 5348  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:31:13.0066 5348  TermDD - ok
18:31:13.0113 5348  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
18:31:13.0144 5348  TermService - ok
18:31:13.0176 5348  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
18:31:13.0191 5348  Themes - ok
18:31:13.0207 5348  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
18:31:13.0207 5348  THREADORDER - ok
18:31:13.0254 5348  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
18:31:13.0269 5348  TrkWks - ok
18:31:13.0316 5348  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:31:13.0316 5348  TrustedInstaller - ok
18:31:13.0363 5348  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:31:13.0363 5348  tssecsrv - ok
18:31:13.0394 5348  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
18:31:13.0394 5348  tunmp - ok
18:31:13.0425 5348  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:31:13.0425 5348  tunnel - ok
18:31:13.0456 5348  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:31:13.0456 5348  uagp35 - ok
18:31:13.0503 5348  [ F763E070843EE2803DE1395002B42938 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:31:13.0503 5348  UBHelper - ok
18:31:13.0550 5348  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:31:13.0550 5348  udfs - ok
18:31:13.0612 5348  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:31:13.0628 5348  UI0Detect - ok
18:31:13.0644 5348  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:31:13.0644 5348  uliagpkx - ok
18:31:13.0675 5348  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
18:31:13.0675 5348  uliahci - ok
18:31:13.0706 5348  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
18:31:13.0706 5348  UlSata - ok
18:31:13.0722 5348  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
18:31:13.0722 5348  ulsata2 - ok
18:31:13.0753 5348  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:31:13.0753 5348  umbus - ok
18:31:13.0784 5348  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
18:31:13.0800 5348  upnphost - ok
18:31:13.0862 5348  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:31:13.0862 5348  usbaudio - ok
18:31:13.0893 5348  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:31:13.0893 5348  usbccgp - ok
18:31:13.0924 5348  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:31:13.0940 5348  usbcir - ok
18:31:13.0971 5348  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:31:13.0971 5348  usbehci - ok
18:31:13.0987 5348  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:31:14.0002 5348  usbhub - ok
18:31:14.0018 5348  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:31:14.0018 5348  usbohci - ok
18:31:14.0034 5348  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
18:31:14.0049 5348  usbprint - ok
18:31:14.0065 5348  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:31:14.0065 5348  USBSTOR - ok
18:31:14.0096 5348  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:31:14.0096 5348  usbuhci - ok
18:31:14.0127 5348  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:31:14.0127 5348  usbvideo - ok
18:31:14.0158 5348  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
18:31:14.0174 5348  UxSms - ok
18:31:14.0221 5348  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
18:31:14.0268 5348  vds - ok
18:31:14.0299 5348  [ 4D45A93A7DD638CA2DB0A86FBFBF42D1 ] vfs101x         C:\Windows\system32\drivers\vfs101x.sys
18:31:14.0299 5348  vfs101x - ok
18:31:14.0361 5348  [ D4584341007DF94E31943B19BB9C110E ] vfsFPService    C:\Windows\system32\vfsFPService.exe
18:31:14.0392 5348  vfsFPService - ok
18:31:14.0408 5348  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:31:14.0408 5348  vga - ok
18:31:14.0439 5348  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:31:14.0439 5348  VgaSave - ok
18:31:14.0455 5348  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
18:31:14.0470 5348  viaagp - ok
18:31:14.0502 5348  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
18:31:14.0502 5348  ViaC7 - ok
18:31:14.0533 5348  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
18:31:14.0533 5348  viaide - ok
18:31:14.0548 5348  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:31:14.0564 5348  volmgr - ok
18:31:14.0626 5348  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:31:14.0626 5348  volmgrx - ok
18:31:14.0673 5348  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:31:14.0689 5348  volsnap - ok
18:31:14.0704 5348  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:31:14.0704 5348  vsmraid - ok
18:31:14.0767 5348  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
18:31:14.0814 5348  VSS - ok
18:31:14.0860 5348  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
18:31:14.0876 5348  W32Time - ok
18:31:14.0907 5348  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:31:14.0907 5348  WacomPen - ok
18:31:14.0938 5348  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
18:31:14.0938 5348  Wanarp - ok
18:31:14.0938 5348  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:31:14.0954 5348  Wanarpv6 - ok
18:31:14.0985 5348  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:31:15.0016 5348  wcncsvc - ok
18:31:15.0032 5348  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:31:15.0048 5348  WcsPlugInService - ok
18:31:15.0063 5348  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
18:31:15.0079 5348  Wd - ok
18:31:15.0126 5348  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:31:15.0141 5348  Wdf01000 - ok
18:31:15.0157 5348  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:31:15.0172 5348  WdiServiceHost - ok
18:31:15.0188 5348  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:31:15.0204 5348  WdiSystemHost - ok
18:31:15.0250 5348  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
18:31:15.0266 5348  WebClient - ok
18:31:15.0297 5348  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:31:15.0313 5348  Wecsvc - ok
18:31:15.0328 5348  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:31:15.0344 5348  wercplsupport - ok
18:31:15.0391 5348  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:31:15.0406 5348  WerSvc - ok
18:31:15.0453 5348  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
18:31:15.0453 5348  WinDefend - ok
18:31:15.0469 5348  WinHttpAutoProxySvc - ok
18:31:15.0547 5348  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:31:15.0547 5348  Winmgmt - ok
18:31:15.0625 5348  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:31:15.0703 5348  WinRM - ok
18:31:15.0750 5348  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:31:15.0765 5348  Wlansvc - ok
18:31:15.0796 5348  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:31:15.0812 5348  WmiAcpi - ok
18:31:15.0843 5348  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:31:15.0843 5348  wmiApSrv - ok
18:31:15.0921 5348  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
18:31:15.0937 5348  WMPNetworkSvc - ok
18:31:15.0968 5348  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:31:15.0984 5348  WPCSvc - ok
18:31:16.0015 5348  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:31:16.0030 5348  WPDBusEnum - ok
18:31:16.0077 5348  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
18:31:16.0077 5348  WpdUsb - ok
18:31:16.0202 5348  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:31:16.0218 5348  WPFFontCache_v0400 - ok
18:31:16.0233 5348  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:31:16.0233 5348  ws2ifsl - ok
18:31:16.0280 5348  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
18:31:16.0296 5348  wscsvc - ok
18:31:16.0327 5348  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
18:31:16.0327 5348  WSDPrintDevice - ok
18:31:16.0342 5348  WSearch - ok
18:31:16.0436 5348  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
18:31:16.0483 5348  wuauserv - ok
18:31:16.0530 5348  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:31:16.0530 5348  WudfPf - ok
18:31:16.0576 5348  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:31:16.0576 5348  WUDFRd - ok
18:31:16.0623 5348  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:31:16.0654 5348  wudfsvc - ok
18:31:16.0686 5348  ================ Scan global ===============================
18:31:16.0717 5348  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:31:16.0764 5348  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:31:16.0826 5348  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:31:16.0888 5348  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:31:16.0904 5348  [Global] - ok
18:31:16.0904 5348  ================ Scan MBR ==================================
18:31:16.0935 5348  [ BB9D3A6A13C5010348DA7C900BB6AF50 ] \Device\Harddisk0\DR0
18:31:18.0386 5348  \Device\Harddisk0\DR0 - ok
18:31:18.0386 5348  ================ Scan VBR ==================================
18:31:18.0402 5348  [ E4E00D30E11756F212A944E6622FAC18 ] \Device\Harddisk0\DR0\Partition1
18:31:18.0402 5348  \Device\Harddisk0\DR0\Partition1 - ok
18:31:18.0433 5348  [ EEE33AE60B499CFBFE20C636F19CA615 ] \Device\Harddisk0\DR0\Partition2
18:31:18.0433 5348  \Device\Harddisk0\DR0\Partition2 - ok
18:31:18.0433 5348  ============================================================
18:31:18.0433 5348  Scan finished
18:31:18.0433 5348  ============================================================
18:31:18.0448 4256  Detected object count: 0
18:31:18.0448 4256  Actual detected object count: 0
18:31:36.0856 5436  Deinitialize success
         

15.03.2013, 11:03   #10
cbdl

Performance problems, browser problems etc.

And sorry again, here is the log file with the correct settings.
This time it also found something.

Code:
ATTFilter
10:52:34.0438 5700  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:52:34.0812 5700  ============================================================
10:52:34.0812 5700  Current date / time: 2013/03/15 10:52:34.0812
10:52:34.0812 5700  SystemInfo:
10:52:34.0812 5700  
10:52:34.0812 5700  OS Version: 6.0.6002 ServicePack: 2.0
10:52:34.0812 5700  Product type: Workstation
10:52:34.0812 5700  ComputerName: CB-PC
10:52:34.0828 5700  UserName: cb
10:52:34.0828 5700  Windows directory: C:\Windows
10:52:34.0828 5700  System windows directory: C:\Windows
10:52:34.0828 5700  Processor architecture: Intel x86
10:52:34.0828 5700  Number of processors: 2
10:52:34.0828 5700  Page size: 0x1000
10:52:34.0828 5700  Boot type: Normal boot
10:52:34.0828 5700  ============================================================
10:52:35.0748 5700  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:52:35.0764 5700  ============================================================
10:52:35.0764 5700  \Device\Harddisk0\DR0:
10:52:35.0764 5700  MBR partitions:
10:52:35.0764 5700  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x12016800
10:52:35.0764 5700  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13A17000, BlocksNum 0x11300000
10:52:35.0764 5700  ============================================================
10:52:35.0795 5700  C: <-> \Device\Harddisk0\DR0\Partition1
10:52:35.0842 5700  D: <-> \Device\Harddisk0\DR0\Partition2
10:52:35.0842 5700  ============================================================
10:52:35.0842 5700  Initialize success
10:52:35.0842 5700  ============================================================
10:53:10.0911 4320  ============================================================
10:53:10.0911 4320  Scan started
10:53:10.0911 4320  Mode: Manual; SigCheck; TDLFS; 
10:53:10.0911 4320  ============================================================
10:53:11.0332 4320  ================ Scan system memory ========================
10:53:11.0332 4320  System memory - ok
10:53:11.0332 4320  ================ Scan services =============================
10:53:11.0426 4320  [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:53:11.0691 4320  !SASCORE - ok
10:53:11.0956 4320  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:53:12.0003 4320  ACPI - ok
10:53:12.0081 4320  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:53:12.0128 4320  AdobeARMservice - ok
10:53:12.0190 4320  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:53:12.0237 4320  AdobeFlashPlayerUpdateSvc - ok
10:53:12.0315 4320  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:53:12.0377 4320  adp94xx - ok
10:53:12.0424 4320  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:53:12.0471 4320  adpahci - ok
10:53:12.0502 4320  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:53:12.0549 4320  adpu160m - ok
10:53:12.0564 4320  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:53:12.0611 4320  adpu320 - ok
10:53:12.0658 4320  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:53:12.0783 4320  AeLookupSvc - ok
10:53:12.0830 4320  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
10:53:12.0908 4320  AFD - ok
10:53:12.0954 4320  [ 8ED60797908FD394EEE0D6949F493224 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
10:53:13.0017 4320  AgereModemAudio - ok
10:53:13.0079 4320  [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
10:53:13.0251 4320  AgereSoftModem - ok
10:53:13.0282 4320  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:53:13.0329 4320  agp440 - ok
10:53:13.0344 4320  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:53:13.0391 4320  aic78xx - ok
10:53:13.0422 4320  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
10:53:13.0500 4320  ALG - ok
10:53:13.0516 4320  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:53:13.0547 4320  aliide - ok
10:53:13.0578 4320  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:53:13.0610 4320  amdagp - ok
10:53:13.0625 4320  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
10:53:13.0672 4320  amdide - ok
10:53:13.0688 4320  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:53:13.0781 4320  AmdK7 - ok
10:53:13.0812 4320  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:53:13.0890 4320  AmdK8 - ok
10:53:13.0937 4320  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
10:53:14.0000 4320  Appinfo - ok
10:53:14.0031 4320  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
10:53:14.0078 4320  arc - ok
10:53:14.0109 4320  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:53:14.0156 4320  arcsas - ok
10:53:14.0202 4320  [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
10:53:14.0358 4320  aswFsBlk - ok
10:53:14.0436 4320  [ 4691B3FE3717F9D9C64A5282C8543D4D ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
10:53:14.0468 4320  aswKbd - ok
10:53:14.0514 4320  [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
10:53:14.0546 4320  aswMonFlt - ok
10:53:14.0577 4320  [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
10:53:14.0608 4320  AswRdr - ok
10:53:14.0639 4320  [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
10:53:14.0670 4320  aswRvrt - ok
10:53:14.0717 4320  [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
10:53:14.0811 4320  aswSnx - ok
10:53:14.0842 4320  [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
10:53:14.0904 4320  aswSP - ok
10:53:14.0920 4320  [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
10:53:14.0951 4320  aswTdi - ok
10:53:14.0982 4320  [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
10:53:15.0029 4320  aswVmm - ok
10:53:15.0060 4320  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:53:15.0154 4320  AsyncMac - ok
10:53:15.0170 4320  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:53:15.0216 4320  atapi - ok
10:53:15.0263 4320  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:53:15.0341 4320  AudioEndpointBuilder - ok
10:53:15.0372 4320  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:53:15.0435 4320  Audiosrv - ok
10:53:15.0482 4320  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:53:15.0513 4320  avast! Antivirus - ok
10:53:15.0560 4320  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:53:15.0653 4320  Beep - ok
10:53:15.0684 4320  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
10:53:15.0778 4320  BFE - ok
10:53:15.0825 4320  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
10:53:15.0965 4320  BITS - ok
10:53:15.0996 4320  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:53:16.0074 4320  blbdrive - ok
10:53:16.0106 4320  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:53:16.0152 4320  bowser - ok
10:53:16.0184 4320  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:53:16.0246 4320  BrFiltLo - ok
10:53:16.0277 4320  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:53:16.0355 4320  BrFiltUp - ok
10:53:16.0386 4320  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
10:53:16.0480 4320  Browser - ok
10:53:16.0511 4320  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:53:16.0652 4320  Brserid - ok
10:53:16.0683 4320  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:53:16.0808 4320  BrSerWdm - ok
10:53:16.0917 4320  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:53:17.0042 4320  BrUsbMdm - ok
10:53:17.0073 4320  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:53:17.0198 4320  BrUsbSer - ok
10:53:17.0260 4320  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
10:53:17.0307 4320  BthEnum - ok
10:53:17.0338 4320  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:53:17.0463 4320  BTHMODEM - ok
10:53:17.0494 4320  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:53:17.0572 4320  BthPan - ok
10:53:17.0634 4320  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BthPort         C:\Windows\system32\Drivers\BTHport.sys
10:53:17.0712 4320  BthPort - ok
10:53:17.0744 4320  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
10:53:17.0806 4320  BthServ - ok
10:53:17.0837 4320  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
10:53:17.0900 4320  BTHUSB - ok
10:53:17.0931 4320  btwaudio - ok
10:53:17.0946 4320  btwavdt - ok
10:53:17.0962 4320  btwrchid - ok
10:53:18.0040 4320  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
10:53:18.0056 4320  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
10:53:18.0056 4320  BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
10:53:18.0102 4320  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:53:18.0180 4320  cdfs - ok
10:53:18.0212 4320  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:53:18.0305 4320  cdrom - ok
10:53:18.0352 4320  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:53:18.0446 4320  CertPropSvc - ok
10:53:18.0461 4320  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:53:18.0555 4320  circlass - ok
10:53:18.0586 4320  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
10:53:18.0633 4320  CLFS - ok
10:53:18.0695 4320  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:53:18.0742 4320  clr_optimization_v2.0.50727_32 - ok
10:53:18.0804 4320  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:53:18.0836 4320  clr_optimization_v4.0.30319_32 - ok
10:53:18.0882 4320  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:53:18.0960 4320  CmBatt - ok
10:53:18.0976 4320  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:53:19.0023 4320  cmdide - ok
10:53:19.0038 4320  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:53:19.0085 4320  Compbatt - ok
10:53:19.0085 4320  COMSysApp - ok
10:53:19.0132 4320  [ 3411FDF098AA20193EEE5FFA36BA43B2 ] cpuz135         C:\Windows\system32\drivers\cpuz135_x32.sys
10:53:19.0163 4320  cpuz135 - ok
10:53:19.0179 4320  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:53:19.0226 4320  crcdisk - ok
10:53:19.0241 4320  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:53:19.0319 4320  Crusoe - ok
10:53:19.0366 4320  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:53:19.0413 4320  CryptSvc - ok
10:53:19.0475 4320  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:53:19.0584 4320  DcomLaunch - ok
10:53:19.0631 4320  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:53:19.0694 4320  DfsC - ok
10:53:19.0787 4320  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
10:53:19.0990 4320  DFSR - ok
10:53:20.0052 4320  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:53:20.0130 4320  Dhcp - ok
10:53:20.0162 4320  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
10:53:20.0193 4320  disk - ok
10:53:20.0224 4320  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
10:53:20.0271 4320  DKbFltr - ok
10:53:20.0302 4320  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:53:20.0349 4320  Dnscache - ok
10:53:20.0396 4320  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:53:20.0474 4320  dot3svc - ok
10:53:20.0505 4320  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
10:53:20.0583 4320  DPS - ok
10:53:20.0676 4320  [ 5C918D413F5837E67A85775C9873775E ] DritekPortIO    C:\PROGRA~1\LAUNCH~1\DPortIO.sys
10:53:20.0708 4320  DritekPortIO - ok
10:53:20.0739 4320  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:53:20.0817 4320  drmkaud - ok
10:53:20.0864 4320  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:53:20.0895 4320  dtsoftbus01 - ok
10:53:20.0957 4320  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:53:21.0035 4320  DXGKrnl - ok
10:53:21.0066 4320  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:53:21.0160 4320  E1G60 - ok
10:53:21.0191 4320  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
10:53:21.0269 4320  EapHost - ok
10:53:21.0300 4320  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:53:21.0347 4320  Ecache - ok
10:53:21.0410 4320  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:53:21.0456 4320  ehRecvr - ok
10:53:21.0472 4320  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
10:53:21.0534 4320  ehSched - ok
10:53:21.0550 4320  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
10:53:21.0597 4320  ehstart - ok
10:53:21.0659 4320  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:53:21.0722 4320  elxstor - ok
10:53:21.0768 4320  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:53:21.0893 4320  EMDMgmt - ok
10:53:21.0924 4320  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:53:22.0002 4320  ErrDev - ok
10:53:22.0096 4320  [ C0FE39B8F686B7C70A666E716CC12B49 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
10:53:22.0112 4320  ETService ( UnsignedFile.Multi.Generic ) - warning
10:53:22.0112 4320  ETService - detected UnsignedFile.Multi.Generic (1)
10:53:22.0174 4320  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
10:53:22.0268 4320  EventSystem - ok
10:53:22.0330 4320  [ 306AC856622864C761CBDB5E816BB9D8 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:53:22.0439 4320  EvtEng ( UnsignedFile.Multi.Generic ) - warning
10:53:22.0439 4320  EvtEng - detected UnsignedFile.Multi.Generic (1)
10:53:22.0486 4320  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
10:53:22.0564 4320  exfat - ok
10:53:22.0611 4320  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:53:22.0673 4320  fastfat - ok
10:53:22.0704 4320  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:53:22.0782 4320  fdc - ok
10:53:22.0814 4320  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
10:53:22.0892 4320  fdPHost - ok
10:53:22.0923 4320  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:53:23.0063 4320  FDResPub - ok
10:53:23.0079 4320  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:53:23.0126 4320  FileInfo - ok
10:53:23.0141 4320  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:53:23.0250 4320  Filetrace - ok
10:53:23.0266 4320  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:53:23.0360 4320  flpydisk - ok
10:53:23.0406 4320  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:53:23.0453 4320  FltMgr - ok
10:53:23.0516 4320  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
10:53:23.0640 4320  FontCache - ok
10:53:23.0734 4320  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:53:23.0765 4320  FontCache3.0.0.0 - ok
10:53:23.0859 4320  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:53:23.0921 4320  Fs_Rec - ok
10:53:23.0968 4320  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:53:24.0015 4320  gagp30kx - ok
10:53:24.0108 4320  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:53:24.0280 4320  gpsvc - ok
10:53:24.0327 4320  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:53:24.0405 4320  HdAudAddService - ok
10:53:24.0452 4320  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:53:24.0530 4320  HDAudBus - ok
10:53:24.0561 4320  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:53:24.0670 4320  HidBth - ok
10:53:24.0701 4320  [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:53:24.0764 4320  HidIr - ok
10:53:24.0795 4320  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
10:53:24.0842 4320  hidserv - ok
10:53:24.0873 4320  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:53:24.0935 4320  HidUsb - ok
10:53:24.0998 4320  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:53:25.0076 4320  hkmsvc - ok
10:53:25.0107 4320  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:53:25.0154 4320  HpCISSs - ok
10:53:25.0200 4320  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:53:25.0247 4320  HTTP - ok
10:53:25.0278 4320  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:53:25.0310 4320  i2omp - ok
10:53:25.0356 4320  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:53:25.0434 4320  i8042prt - ok
10:53:25.0497 4320  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:53:25.0544 4320  IAANTMON - ok
10:53:25.0622 4320  [ 707C1692214B1C290271067197F075F6 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:53:25.0653 4320  iaStor - ok
10:53:25.0700 4320  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
10:53:25.0746 4320  iaStorV - ok
10:53:25.0856 4320  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:53:25.0965 4320  idsvc - ok
10:53:25.0996 4320  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:53:26.0027 4320  iirsp - ok
10:53:26.0074 4320  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:53:26.0183 4320  IKEEXT - ok
10:53:26.0214 4320  [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15           C:\Windows\system32\drivers\int15.sys
10:53:26.0246 4320  int15 - ok
10:53:26.0370 4320  [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:53:26.0604 4320  IntcAzAudAddService - ok
10:53:26.0651 4320  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:53:26.0682 4320  intelide - ok
10:53:26.0698 4320  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:53:26.0776 4320  intelppm - ok
10:53:26.0823 4320  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:53:26.0916 4320  IPBusEnum - ok
10:53:26.0932 4320  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:53:27.0026 4320  IpFilterDriver - ok
10:53:27.0041 4320  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:53:27.0119 4320  iphlpsvc - ok
10:53:27.0119 4320  IpInIp - ok
10:53:27.0150 4320  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
10:53:27.0213 4320  IPMIDRV - ok
10:53:27.0244 4320  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
10:53:27.0322 4320  IPNAT - ok
10:53:27.0353 4320  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:53:27.0416 4320  IRENUM - ok
10:53:27.0447 4320  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:53:27.0478 4320  isapnp - ok
10:53:27.0525 4320  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:53:27.0572 4320  iScsiPrt - ok
10:53:27.0587 4320  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:53:27.0634 4320  iteatapi - ok
10:53:27.0665 4320  [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
10:53:27.0696 4320  itecir - ok
10:53:27.0712 4320  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
10:53:27.0743 4320  iteraid - ok
10:53:27.0806 4320  [ 7E6A3E1CD74E8C97EED06670D2A691DA ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
10:53:27.0852 4320  JMCR - ok
10:53:27.0884 4320  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:53:27.0930 4320  kbdclass - ok
10:53:27.0962 4320  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:53:28.0040 4320  kbdhid - ok
10:53:28.0102 4320  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
10:53:28.0180 4320  KeyIso - ok
10:53:28.0289 4320  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:53:28.0352 4320  KSecDD - ok
10:53:28.0430 4320  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:53:28.0523 4320  KtmRm - ok
10:53:28.0617 4320  [ 24ABDDEB766C8459F9D562EB083B6CB8 ] L1E             C:\Windows\system32\DRIVERS\L1E60x86.sys
10:53:28.0664 4320  L1E - ok
10:53:28.0742 4320  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:53:28.0804 4320  LanmanServer - ok
10:53:28.0851 4320  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:53:28.0913 4320  LanmanWorkstation - ok
10:53:28.0991 4320  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:53:29.0007 4320  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:53:29.0007 4320  LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:53:29.0038 4320  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:53:29.0132 4320  lltdio - ok
10:53:29.0178 4320  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:53:29.0272 4320  lltdsvc - ok
10:53:29.0303 4320  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:53:29.0428 4320  lmhosts - ok
10:53:29.0537 4320  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:53:29.0584 4320  LSI_FC - ok
10:53:29.0600 4320  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:53:29.0646 4320  LSI_SAS - ok
10:53:29.0678 4320  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:53:29.0709 4320  LSI_SCSI - ok
10:53:29.0724 4320  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
10:53:29.0802 4320  luafv - ok
10:53:29.0834 4320  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:53:29.0880 4320  Mcx2Svc - ok
10:53:29.0912 4320  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:53:29.0958 4320  megasas - ok
10:53:29.0990 4320  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
10:53:30.0052 4320  MegaSR - ok
10:53:30.0099 4320  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
10:53:30.0177 4320  MMCSS - ok
10:53:30.0224 4320  MobilityService - ok
10:53:30.0239 4320  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
10:53:30.0333 4320  Modem - ok
10:53:30.0364 4320  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:53:30.0442 4320  monitor - ok
10:53:30.0458 4320  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:53:30.0489 4320  mouclass - ok
10:53:30.0520 4320  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:53:30.0598 4320  mouhid - ok
10:53:30.0629 4320  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:53:30.0660 4320  MountMgr - ok
10:53:30.0707 4320  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:53:30.0738 4320  MozillaMaintenance - ok
10:53:30.0785 4320  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:53:30.0816 4320  mpio - ok
10:53:30.0848 4320  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:53:30.0926 4320  mpsdrv - ok
10:53:30.0988 4320  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:53:31.0082 4320  MpsSvc - ok
10:53:31.0097 4320  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:53:31.0144 4320  Mraid35x - ok
10:53:31.0175 4320  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:53:31.0238 4320  MRxDAV - ok
10:53:31.0269 4320  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:53:31.0316 4320  mrxsmb - ok
10:53:31.0347 4320  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:53:31.0425 4320  mrxsmb10 - ok
10:53:31.0440 4320  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:53:31.0503 4320  mrxsmb20 - ok
10:53:31.0550 4320  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
10:53:31.0596 4320  msahci - ok
10:53:31.0612 4320  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:53:31.0659 4320  msdsm - ok
10:53:31.0674 4320  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
10:53:31.0752 4320  MSDTC - ok
10:53:31.0784 4320  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:53:31.0877 4320  Msfs - ok
10:53:31.0893 4320  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:53:31.0940 4320  msisadrv - ok
10:53:31.0971 4320  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:53:32.0064 4320  MSiSCSI - ok
10:53:32.0080 4320  msiserver - ok
10:53:32.0111 4320  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:53:32.0205 4320  MSKSSRV - ok
10:53:32.0220 4320  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:53:32.0283 4320  MSPCLOCK - ok
10:53:32.0314 4320  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:53:32.0376 4320  MSPQM - ok
10:53:32.0423 4320  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:53:32.0470 4320  MsRPC - ok
10:53:32.0486 4320  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:53:32.0517 4320  mssmbios - ok
10:53:32.0532 4320  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:53:32.0626 4320  MSTEE - ok
10:53:32.0642 4320  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
10:53:32.0673 4320  Mup - ok
10:53:32.0720 4320  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
10:53:32.0798 4320  napagent - ok
10:53:32.0844 4320  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:53:32.0907 4320  NativeWifiP - ok
10:53:32.0954 4320  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:53:33.0032 4320  NDIS - ok
10:53:33.0047 4320  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:53:33.0125 4320  NdisTapi - ok
10:53:33.0172 4320  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:53:33.0250 4320  Ndisuio - ok
10:53:33.0312 4320  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:53:33.0406 4320  NdisWan - ok
10:53:33.0422 4320  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:53:33.0484 4320  NDProxy - ok
10:53:33.0515 4320  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:53:33.0593 4320  NetBIOS - ok
10:53:33.0624 4320  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
10:53:33.0718 4320  netbt - ok
10:53:33.0749 4320  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
10:53:33.0796 4320  Netlogon - ok
10:53:33.0827 4320  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
10:53:33.0921 4320  Netman - ok
10:53:33.0952 4320  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
10:53:34.0030 4320  netprofm - ok
10:53:34.0061 4320  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:53:34.0092 4320  NetTcpPortSharing - ok
10:53:34.0248 4320  [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
10:53:34.0467 4320  NETw5v32 - ok
10:53:34.0498 4320  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:53:34.0529 4320  nfrd960 - ok
10:53:34.0560 4320  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:53:34.0654 4320  NlaSvc - ok
10:53:34.0685 4320  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:53:34.0763 4320  Npfs - ok
10:53:34.0779 4320  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
10:53:34.0872 4320  nsi - ok
10:53:34.0904 4320  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:53:34.0982 4320  nsiproxy - ok
10:53:35.0060 4320  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:53:35.0200 4320  Ntfs - ok
10:53:35.0231 4320  [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
10:53:35.0262 4320  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning
10:53:35.0262 4320  NTIBackupSvc - detected UnsignedFile.Multi.Generic (1)
10:53:35.0294 4320  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
10:53:35.0325 4320  NTIDrvr - ok
10:53:35.0340 4320  [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
10:53:35.0372 4320  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
10:53:35.0372 4320  NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
10:53:35.0403 4320  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
10:53:35.0512 4320  ntrigdigi - ok
10:53:35.0528 4320  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
10:53:35.0606 4320  Null - ok
10:53:35.0652 4320  [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
10:53:35.0684 4320  NVHDA - ok
10:53:36.0027 4320  [ C1E661888C719FC2E12C057F233FB238 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:53:36.0588 4320  nvlddmkm - ok
10:53:36.0651 4320  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:53:36.0682 4320  nvraid - ok
10:53:36.0713 4320  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:53:36.0744 4320  nvstor - ok
10:53:36.0791 4320  [ 31D7E63B62BC4680B5D1358F91DA104E ] nvsvc           C:\Windows\system32\nvvsvc.exe
10:53:36.0900 4320  nvsvc - ok
10:53:37.0010 4320  [ 143B429F2D19A0F123ED8E4BCA8DB751 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:53:37.0119 4320  nvUpdatusService - ok
10:53:37.0150 4320  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:53:37.0197 4320  nv_agp - ok
10:53:37.0244 4320  NwlnkFlt - ok
10:53:37.0259 4320  NwlnkFwd - ok
10:53:37.0353 4320  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:53:37.0415 4320  odserv - ok
10:53:37.0462 4320  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:53:37.0587 4320  ohci1394 - ok
10:53:37.0634 4320  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:53:37.0665 4320  ose - ok
10:53:37.0821 4320  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:53:37.0961 4320  p2pimsvc - ok
10:53:37.0992 4320  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:53:38.0070 4320  p2psvc - ok
10:53:38.0117 4320  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
10:53:38.0242 4320  Parport - ok
10:53:38.0273 4320  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:53:38.0320 4320  partmgr - ok
10:53:38.0367 4320  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
10:53:38.0523 4320  Parvdm - ok
10:53:38.0570 4320  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:53:38.0663 4320  PcaSvc - ok
10:53:38.0694 4320  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
10:53:38.0741 4320  pci - ok
10:53:38.0788 4320  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
10:53:38.0835 4320  pciide - ok
10:53:38.0866 4320  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:53:38.0913 4320  pcmcia - ok
10:53:38.0960 4320  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:53:39.0162 4320  PEAUTH - ok
10:53:39.0287 4320  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
10:53:39.0552 4320  pla - ok
10:53:39.0615 4320  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:53:39.0708 4320  PlugPlay - ok
10:53:39.0740 4320  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
10:53:39.0833 4320  PNRPAutoReg - ok
10:53:39.0880 4320  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
10:53:39.0942 4320  PNRPsvc - ok
10:53:39.0989 4320  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:53:40.0083 4320  PolicyAgent - ok
10:53:40.0130 4320  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:53:40.0208 4320  PptpMiniport - ok
10:53:40.0254 4320  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
10:53:40.0332 4320  Processor - ok
10:53:40.0364 4320  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:53:40.0426 4320  ProfSvc - ok
10:53:40.0442 4320  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:53:40.0488 4320  ProtectedStorage - ok
10:53:40.0535 4320  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:53:40.0598 4320  PSched - ok
10:53:40.0660 4320  [ 628321C8DD76AD369B362B202E655A68 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
10:53:40.0691 4320  PSDFilter - ok
10:53:40.0707 4320  [ 79D7117E62709C7690CF3DD55ACEAD37 ] PSDNServ        C:\Windows\system32\drivers\PSDNServ.sys
10:53:40.0738 4320  PSDNServ - ok
10:53:40.0754 4320  [ CAE5E82827990CF4BD4A49576BDE3A43 ] psdvdisk        C:\Windows\system32\drivers\psdvdisk.sys
10:53:40.0785 4320  psdvdisk - ok
10:53:40.0816 4320  [ 0B6DEA0A1662CAB8F2BF339DC0752EF4 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
10:53:40.0863 4320  PSI_SVC_2 - ok
10:53:40.0941 4320  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:53:41.0066 4320  ql2300 - ok
10:53:41.0081 4320  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:53:41.0128 4320  ql40xx - ok
10:53:41.0159 4320  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
10:53:41.0222 4320  QWAVE - ok
10:53:41.0237 4320  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:53:41.0284 4320  QWAVEdrv - ok
10:53:41.0300 4320  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:53:41.0378 4320  RasAcd - ok
10:53:41.0409 4320  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
10:53:41.0502 4320  RasAuto - ok
10:53:41.0534 4320  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:53:41.0596 4320  Rasl2tp - ok
10:53:41.0643 4320  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
10:53:41.0721 4320  RasMan - ok
10:53:41.0752 4320  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:53:41.0814 4320  RasPppoe - ok
10:53:41.0830 4320  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:53:41.0877 4320  RasSstp - ok
10:53:41.0924 4320  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:53:41.0986 4320  rdbss - ok
10:53:42.0017 4320  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:53:42.0111 4320  RDPCDD - ok
10:53:42.0142 4320  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
10:53:42.0220 4320  rdpdr - ok
10:53:42.0236 4320  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:53:42.0314 4320  RDPENCDD - ok
10:53:42.0360 4320  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:53:42.0423 4320  RDPWD - ok
10:53:42.0470 4320  [ B33C88DF3588ACF250B87A004526C31A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:53:42.0532 4320  RegSrvc ( UnsignedFile.Multi.Generic ) - warning
10:53:42.0532 4320  RegSrvc - detected UnsignedFile.Multi.Generic (1)
10:53:42.0563 4320  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:53:42.0641 4320  RemoteAccess - ok
10:53:42.0672 4320  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:53:42.0735 4320  RemoteRegistry - ok
10:53:42.0782 4320  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
10:53:42.0860 4320  RFCOMM - ok
10:53:42.0891 4320  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
10:53:42.0938 4320  RpcLocator - ok
10:53:42.0969 4320  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
10:53:43.0062 4320  RpcSs - ok
10:53:43.0109 4320  [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys
10:53:43.0140 4320  RRNetCap - ok
10:53:43.0140 4320  [ 43110C2A2C5ED32EAD96C440718E4452 ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys
10:53:43.0187 4320  RRNetCapMP - ok
10:53:43.0218 4320  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:53:43.0296 4320  rspndr - ok
10:53:43.0312 4320  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
10:53:43.0374 4320  SamSs - ok
10:53:43.0437 4320  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:53:43.0484 4320  SASDIFSV - ok
10:53:43.0530 4320  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:53:43.0562 4320  SASKUTIL - ok
10:53:43.0671 4320  [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
10:53:43.0718 4320  sbapifs - ok
10:53:43.0827 4320  [ BCF3BA30C1CFA2942CF26C31384B37C7 ] SbFw            C:\Windows\system32\drivers\SbFw.sys
10:53:43.0874 4320  SbFw - ok
10:53:43.0936 4320  [ 1DCAD90CC9C0DDC7D060FD97854F8518 ] SBFWIMCL        C:\Windows\system32\DRIVERS\sbfwim.sys
10:53:43.0983 4320  SBFWIMCL - ok
10:53:44.0108 4320  [ 1DCAD90CC9C0DDC7D060FD97854F8518 ] SBFWIMCLMP      C:\Windows\system32\DRIVERS\SBFWIM.sys
10:53:44.0139 4320  SBFWIMCLMP - ok
10:53:44.0279 4320  [ 1AFD7178AB9C4FCE2D332DA7AA474FA6 ] sbhips          C:\Windows\system32\drivers\sbhips.sys
10:53:44.0310 4320  sbhips - ok
10:53:44.0357 4320  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:53:44.0388 4320  sbp2port - ok
10:53:44.0420 4320  [ 9BDF801A6C78E3F1E6FA1C5CA90BAA8A ] sbwtis          C:\Windows\system32\DRIVERS\sbwtis.sys
10:53:44.0451 4320  sbwtis - ok
10:53:44.0513 4320  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:53:44.0576 4320  SCardSvr - ok
10:53:44.0654 4320  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
10:53:44.0747 4320  Schedule - ok
10:53:44.0778 4320  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:53:44.0841 4320  SCPolicySvc - ok
10:53:44.0888 4320  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:53:44.0934 4320  SDRSVC - ok
10:53:44.0997 4320  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:53:45.0122 4320  secdrv - ok
10:53:45.0215 4320  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
10:53:45.0293 4320  seclogon - ok
10:53:45.0324 4320  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
10:53:45.0402 4320  SENS - ok
10:53:45.0434 4320  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:53:45.0543 4320  Serenum - ok
10:53:45.0574 4320  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
10:53:45.0683 4320  Serial - ok
10:53:45.0714 4320  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:53:45.0777 4320  sermouse - ok
10:53:45.0839 4320  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:53:45.0917 4320  SessionEnv - ok
10:53:45.0933 4320  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:53:45.0995 4320  sffdisk - ok
10:53:46.0011 4320  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:53:46.0089 4320  sffp_mmc - ok
10:53:46.0104 4320  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:53:46.0182 4320  sffp_sd - ok
10:53:46.0198 4320  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:53:46.0323 4320  sfloppy - ok
10:53:46.0354 4320  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:53:46.0463 4320  SharedAccess - ok
10:53:46.0494 4320  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:53:46.0557 4320  ShellHWDetection - ok
10:53:46.0588 4320  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:53:46.0635 4320  sisagp - ok
10:53:46.0650 4320  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:53:46.0697 4320  SiSRaid2 - ok
10:53:46.0713 4320  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:53:46.0760 4320  SiSRaid4 - ok
10:53:46.0900 4320  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
10:53:47.0181 4320  slsvc - ok
10:53:47.0212 4320  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:53:47.0306 4320  SLUINotify - ok
10:53:47.0352 4320  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:53:47.0430 4320  Smb - ok
10:53:47.0462 4320  [ CDE05A7FB8F3707391716780427DC0FC ] SMR311          C:\Windows\system32\drivers\SMR311.SYS
10:53:47.0493 4320  SMR311 - ok
10:53:47.0540 4320  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:53:47.0602 4320  SNMPTRAP - ok
10:53:47.0649 4320  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
10:53:47.0680 4320  spldr - ok
10:53:47.0727 4320  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
10:53:47.0789 4320  Spooler - ok
10:53:47.0820 4320  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:53:47.0883 4320  srv - ok
10:53:47.0914 4320  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:53:47.0961 4320  srv2 - ok
10:53:47.0976 4320  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:53:48.0008 4320  srvnet - ok
10:53:48.0054 4320  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:53:48.0148 4320  SSDPSRV - ok
10:53:48.0210 4320  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:53:48.0257 4320  SstpSvc - ok
10:53:48.0320 4320  [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
10:53:48.0382 4320  StillCam - ok
10:53:48.0429 4320  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
10:53:48.0522 4320  stisvc - ok
10:53:48.0554 4320  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:53:48.0600 4320  swenum - ok
10:53:48.0647 4320  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
10:53:48.0741 4320  swprv - ok
10:53:48.0756 4320  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:53:48.0788 4320  Symc8xx - ok
10:53:48.0819 4320  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:53:48.0850 4320  Sym_hi - ok
10:53:48.0866 4320  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:53:48.0912 4320  Sym_u3 - ok
10:53:48.0944 4320  [ 93D33A3A0A4516584A1394C7821BAE2E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:53:48.0990 4320  SynTP - ok
10:53:49.0037 4320  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
10:53:49.0162 4320  SysMain - ok
10:53:49.0209 4320  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:53:49.0256 4320  TabletInputService - ok
10:53:49.0302 4320  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:53:49.0380 4320  TapiSrv - ok
10:53:49.0443 4320  [ D7F411C5AF992BB44E86083A6AA7B045 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
10:53:49.0474 4320  tbhsd - ok
10:53:49.0490 4320  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
10:53:49.0583 4320  TBS - ok
10:53:49.0661 4320  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:53:49.0770 4320  Tcpip - ok
10:53:49.0802 4320  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:53:49.0895 4320  Tcpip6 - ok
10:53:49.0926 4320  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:53:58.0787 4320  ================ Scan global ===============================
10:53:58.0834 4320  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:53:58.0881 4320  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
10:53:58.0912 4320  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
10:53:58.0974 4320  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
10:53:59.0006 4320  [Global] - ok
10:53:59.0006 4320  ================ Scan MBR ==================================
10:53:59.0021 4320  [ BB9D3A6A13C5010348DA7C900BB6AF50 ] \Device\Harddisk0\DR0
10:54:00.0628 4320  \Device\Harddisk0\DR0 - ok
10:54:00.0628 4320  ================ Scan VBR ==================================
10:54:00.0659 4320  [ E4E00D30E11756F212A944E6622FAC18 ] \Device\Harddisk0\DR0\Partition1
10:54:00.0659 4320  \Device\Harddisk0\DR0\Partition1 - ok
10:54:00.0690 4320  [ EEE33AE60B499CFBFE20C636F19CA615 ] \Device\Harddisk0\DR0\Partition2
10:54:00.0690 4320  \Device\Harddisk0\DR0\Partition2 - ok
10:54:00.0690 4320  ============================================================
10:54:00.0690 4320  Scan finished
10:54:00.0690 4320  ============================================================
10:54:00.0722 4384  Detected object count: 7
10:54:00.0722 4384  Actual detected object count: 7
10:55:39.0510 4384  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:55:39.0510 4384  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:55:39.0526 4384  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
10:55:39.0526 4384  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:55:39.0526 4384  EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
10:55:39.0526 4384  EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:55:39.0526 4384  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:55:39.0526 4384  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:55:39.0541 4384  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:55:39.0541 4384  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:55:39.0541 4384  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:55:39.0541 4384  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:55:39.0541 4384  RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:55:39.0541 4384  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:55:48.0574 5684  Deinitialize success
         

15.03.2013, 12:49   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK, thanks.

Then please run Combofix now:

Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. They can interfere with Combofix while it works. Sometimes Combofix still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

__________________
Please always post log files in CODE tags

15.03.2013, 14:12   #12
cbdl
 

Hi,

OK, it didn't complain, but it took about 20 minutes.

Since I have no idea about any of this, would you be so kind as to tell me your findings in a word or two, e.g. really nasty or not so bad, etc.?



ComboFix:
Code:
ComboFix 13-03-14.02 - cb 15.03.2013  13:36:31.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3068.2098 [GMT 1:00]
ausgeführt von:: c:\users\cd\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\cb\AppData\Roaming\adaware-installer-reboot-required.tmp
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-15 bis 2013-03-15  ))))))))))))))))))))))))))))))
.
.
2013-03-15 12:50 . 2013-03-15 12:50	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-03-15 12:50 . 2013-03-15 12:51	--------	d-----w-	c:\users\cb\AppData\Local\temp
2013-03-15 12:50 . 2013-03-15 12:50	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-15 12:50 . 2013-03-15 12:50	--------	d-----w-	c:\users\cd\AppData\Local\temp
2013-03-15 09:44 . 2013-02-19 03:58	6954968	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B69894AA-EE93-4427-9812-998D0056BF94}\mpengine.dll
2013-03-12 15:22 . 2013-03-14 14:07	--------	d-----w-	c:\users\cb\AppData\Local\CrashDumps
2013-03-10 17:27 . 2013-03-07 14:30	263064	----a-w-	c:\program files\Mozilla Firefox\components\browsercomps.dll
2013-03-10 16:45 . 2013-03-06 23:33	368176	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-03-10 16:45 . 2013-03-06 23:33	29816	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-03-10 16:45 . 2013-03-06 23:33	765736	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-03-10 16:45 . 2013-03-06 23:33	62376	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-03-10 16:45 . 2013-03-06 23:33	49760	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2013-03-10 16:45 . 2013-03-06 23:33	164736	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-03-10 16:45 . 2013-03-06 23:33	21576	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2013-03-10 16:45 . 2013-03-06 23:33	49248	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-03-10 16:45 . 2013-03-06 23:33	66336	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-03-10 16:45 . 2013-03-06 23:32	228600	----a-w-	c:\windows\system32\aswBoot.exe
2013-03-10 16:44 . 2013-03-06 23:32	41664	----a-w-	c:\windows\avastSS.scr
2013-03-10 16:43 . 2013-03-10 16:43	--------	d-----w-	c:\program files\AVAST Software
2013-03-10 16:42 . 2013-03-10 16:43	--------	d-----w-	c:\programdata\AVAST Software
2013-03-04 11:34 . 2013-03-04 11:34	--------	d-----w-	c:\users\cd\AppData\Roaming\CrystalIdea Software
2013-02-28 17:23 . 2013-02-28 17:23	--------	d-----w-	c:\programdata\SMR311
2013-02-28 17:22 . 2013-02-28 17:22	97440	----a-w-	c:\windows\system32\drivers\SMR311.SYS
2013-02-23 21:15 . 2013-02-23 21:15	710504	----a-w-	c:\windows\is-DDBL4.exe
2013-02-21 17:23 . 2013-03-13 12:10	73432	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-21 17:23 . 2013-03-13 12:10	693976	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-02-14 18:36 . 2013-02-14 18:36	--------	d-----w-	c:\users\cd\AppData\Roaming\Intel
2013-02-14 18:35 . 2013-02-14 18:35	--------	d-----w-	c:\users\cd\AppData\Roaming\PeerNetworking
2013-02-14 15:02 . 2013-02-14 15:02	--------	d-----w-	c:\users\cb\AppData\Local\ElevatedDiagnostics
2013-02-13 22:40 . 2013-01-08 22:01	768000	----a-w-	c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2013-02-13 20:35 . 2013-01-04 01:38	2048512	----a-w-	c:\windows\system32\win32k.sys
2013-02-13 20:35 . 2012-11-08 03:48	1314816	----a-w-	c:\windows\system32\quartz.dll
2013-02-13 20:35 . 2013-01-04 11:28	905576	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-13 20:35 . 2013-01-05 05:26	3550072	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-13 20:35 . 2013-01-05 05:26	3602808	----a-w-	c:\windows\system32\ntkrnlpa.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2012-01-12 21:36	232336	------w-	c:\windows\system32\MpSigStub.exe
2012-12-16 13:12 . 2012-12-21 10:07	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-21 10:07	293376	----a-w-	c:\windows\system32\atmfd.dll
2013-03-07 14:30 . 2013-03-10 17:27	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32	121968	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 1037608]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2009-04-11 217088]
" Malwarebytes Anti-Malware "="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-12-14 512360]
"InnoSetupRegFile.0000000001"="c:\windows\is-DDBL4.exe" [2013-02-23 710504]
"Z1"="c:\users\cd\Desktop\mbar\mbar.exe" [2013-02-16 1363016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"=hex(0):
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54	551296	----a-w-	c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LManager"=c:\progra~1\LAUNCH~1\LManager.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe"
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe"
"ePower_DMC"=c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
bthsvcs	REG_MULTI_SZ   	BthServ
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-21 12:10]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.t-online.de/cpm-redir/ie-9.html
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0112&m=aspire_8930
uInternet Settings,ProxyOverride = <local>
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\cb\AppData\Roaming\Mozilla\Firefox\Profiles\bsgvbbt8.default\
FF - prefs.js: browser.startup.homepage - www.t-online.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file)
Notify-AWinNotifyVitaKey MC3000 - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-03-15 13:51
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
.
C:\avast! sandbox
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Zeit der Fertigstellung: 2013-03-15  13:54:26
ComboFix-quarantined-files.txt  2013-03-15 12:54
.
Vor Suchlauf: 15 Verzeichnis(se), 15.684.714.496 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 15.655.243.776 Bytes frei
.
- - End Of File - - 07186F32DE0AE889A77712722AE3F2DE
         

15.03.2013, 15:27   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick the box for Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.
__________________
Please always post log files in CODE tags

15.03.2013, 17:01   #14
cbdl
 

jrt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.1 (03.12.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by cb on 15.03.2013 at 16:01:11,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\cb\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\cb\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.03.2013 at 16:08:43,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
adwcleaner:
Code:
# AdwCleaner v2.114 - Datei am 15/03/2013 um 16:15:14 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : cb - CB-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\cd\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\cd\AppData\Roaming\Mozilla\Firefox\Profiles\htdm17li.default\jetpack

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\cb\AppData\Roaming\Mozilla\Firefox\Profiles\bsgvbbt8.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\cd\AppData\Roaming\Mozilla\Firefox\Profiles\htdm17li.default\prefs.js

Gelöscht : user_pref("browser.search.selectedEngine", "Blekko");

*************************

AdwCleaner[S1].txt - [1263 octets] - [15/03/2013 16:15:14]

########## EOF - \AdwCleaner[S1].txt - [1323 octets] ##########
         
OTL:
Code:
OTL logfile created on: 15.03.2013 16:25:20 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\cd\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 68,74% Memory free
6,19 Gb Paging File | 5,34 Gb Available in Paging File | 86,28% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 14,47 Gb Free Space | 10,04% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 125,21 Gb Free Space | 91,06% Space Free | Partition Type: NTFS
 
Computer Name: CB-PC | User Name: cb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\cd\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\cb\AppData\Local\Temp\catchme.sys File not found
DRV - (btwrchid) -- system32\DRIVERS\btwrchid.sys File not found
DRV - (btwavdt) -- system32\drivers\btwavdt.sys File not found
DRV - (btwaudio) -- system32\drivers\btwaudio.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (SMR311) -- C:\Windows\System32\drivers\SMR311.SYS (Symantec Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RRNetCapMP) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (RRNetCap) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (SbFw) -- C:\Windows\System32\drivers\SbFw.sys (GFI Software)
DRV - (sbhips) -- C:\Windows\System32\drivers\sbhips.sys (GFI Software)
DRV - (sbwtis) -- C:\Windows\System32\drivers\sbwtis.sys (GFI Software)
DRV - (sbapifs) -- C:\Windows\System32\drivers\sbapifs.sys (GFI Software)
DRV - (SBFWIMCLMP) -- C:\Windows\System32\drivers\SbFwIm.sys (GFI Software)
DRV - (SBFWIMCL) -- C:\Windows\System32\drivers\SbFwIm.sys (GFI Software)
DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0112&m=aspire_8930
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://safesearchr.lavasoft.com/?s [Binary data over 200 bytes]
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/cpm-redir/ie-9.html
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes\{638FF437-B71E-4F2A-8E52-6B012582C564}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes\{B6D20ABD-0AA4-4F3D-A58C-F74C73A38B55}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-276402/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes\{D035E207-B8B2-4ACE-8DA2-5687705A4524}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes\{E8FEB03C-9243-453B-AEBA-A1305297ACDC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE466
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\SearchScopes\{F42B6230-D732-4099-8605-33EB6ECF82BD}: "URL" = hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.t-online.de/hxxp://www [Binary data over 200 bytes]
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.t-online.de/hxxp://www [Binary data over 200 bytes]
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/cpm-redir/ie-9.html
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes\{1400EE47-8287-4050-82B3-DD09DCD7F1F8}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-276402/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes\{1A470E87-AD9B-4D22-926E-B0468EF243BA}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes\{3C9B44C3-0CEB-41A4-AE80-E410219A5075}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes\{8DC007E6-F292-4072-A194-179462EDB661}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes\{E8FEB03C-9243-453B-AEBA-A1305297ACDC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE466
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\SearchScopes\{F5ACAD61-18DE-435A-94EA-E5D405FDE6B2}: "URL" = hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-21-4080211103-1574637863-4162524130-1003\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.t-online.de"
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.1.1.5%20-%203
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.10 17:44:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.10 18:27:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.06.05 22:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cb\AppData\Roaming\mozilla\Extensions
[2013.03.10 18:27:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPLGN
[2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.03.15 13:50:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-DDBL4.exe ()
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000..\RunOnce: [Report] \AdwCleaner[S1].txt ()
O4 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1003..\RunOnce: [AcerScrSav] C:\Windows\ACER\run_NB.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\__avast! sandbox\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4080211103-1574637863-4162524130-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65A69804-67A6-40C7-8C82-E31B0292EA06}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.15 16:01:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.03.15 16:00:57 | 000,000,000 | ---D | C] -- C:\JRT
[2013.03.15 13:54:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.15 13:54:29 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.15 13:54:29 | 000,000,000 | ---D | C] -- C:\Users\cb\AppData\Local\temp
[2013.03.15 13:33:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.15 13:33:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.15 13:33:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.15 13:32:51 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.03.15 13:32:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.15 13:32:20 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.13 20:01:42 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.13 20:01:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.13 20:01:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.13 20:01:38 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.13 20:01:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.13 20:01:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.13 20:01:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.13 20:01:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.12 16:22:16 | 000,000,000 | ---D | C] -- C:\Users\cb\AppData\Local\CrashDumps
[2013.03.10 17:45:17 | 000,368,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.03.10 17:45:17 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.03.10 17:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
[2013.03.10 17:45:16 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.03.10 17:45:16 | 000,062,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.03.10 17:45:16 | 000,049,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013.03.10 17:45:16 | 000,021,576 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013.03.10 17:45:15 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.03.10 17:45:11 | 000,228,600 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.03.10 17:44:04 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.10 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.03.10 17:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.02.28 19:52:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.02.28 18:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SMR311
[2013.02.28 18:22:23 | 000,097,440 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS
[2013.02.21 18:23:46 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.21 18:23:46 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.14 16:02:28 | 000,000,000 | ---D | C] -- C:\Users\cb\AppData\Local\ElevatedDiagnostics
[2013.02.13 21:35:50 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.13 21:35:49 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.13 21:35:46 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.13 21:35:45 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[14 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.15 16:23:20 | 000,628,914 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.03.15 16:23:20 | 000,596,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.15 16:23:20 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.03.15 16:23:20 | 000,104,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.15 16:18:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013.03.15 16:18:58 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2013.03.15 16:18:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.15 16:18:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.15 16:17:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.15 16:17:49 | 3218,046,976 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.15 16:17:05 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.03.15 15:45:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.15 13:50:58 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.03.15 12:21:21 | 441,254,151 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.13 13:10:43 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.13 13:10:43 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.12 14:53:14 | 000,000,000 | ---- | M] () -- C:\Users\cb\defogger_reenable
[2013.03.10 18:27:44 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.10 17:45:17 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2013.03.10 17:45:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.03.07 00:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.03.07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013.03.07 00:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.03.07 00:33:22 | 000,021,576 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.02.28 18:22:23 | 000,097,440 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS
[2013.02.23 22:15:31 | 000,710,504 | ---- | M] () -- C:\Windows\is-DDBL4.exe
[2013.02.23 22:15:31 | 000,013,521 | ---- | M] () -- C:\Windows\is-DDBL4.msg
[2013.02.23 22:15:31 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.23 22:15:31 | 000,000,380 | ---- | M] () -- C:\Windows\is-DDBL4.lst
[2013.02.14 12:49:50 | 000,314,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[14 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.15 13:33:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.15 13:33:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.15 13:33:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.15 13:33:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.15 13:33:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.14 15:28:08 | 3218,046,976 | -HS- | C] () -- C:\hiberfil.sys
[2013.03.12 14:53:14 | 000,000,000 | ---- | C] () -- C:\Users\cb\defogger_reenable
[2013.03.10 17:45:17 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2013.03.10 17:45:16 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.10 17:45:15 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.02.28 19:52:33 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.02.28 19:52:33 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.02.23 22:15:31 | 000,710,504 | ---- | C] () -- C:\Windows\is-DDBL4.exe
[2013.02.23 22:15:31 | 000,013,521 | ---- | C] () -- C:\Windows\is-DDBL4.msg
[2013.02.23 22:15:31 | 000,000,380 | ---- | C] () -- C:\Windows\is-DDBL4.lst
[2013.02.21 18:23:48 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.13 17:05:53 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012.12.13 21:57:54 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.07.05 12:25:37 | 000,314,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.01.23 11:31:23 | 000,007,680 | ---- | C] () -- C:\Users\cb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.12 23:01:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.01.12 23:01:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.01.12 19:51:04 | 015,961,442 | ---- | C] () -- C:\Users\cb\AppData\Roaming\SMRBackup162.dat
[2012.01.12 16:28:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Code:
OTL Extras logfile created on: 15.03.2013 16:25:20 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\cd\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 68,74% Memory free
6,19 Gb Paging File | 5,34 Gb Available in Paging File | 86,28% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 14,47 Gb Free Space | 10,04% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 125,21 Gb Free Space | 91,06% Space Free | Partition Type: NTFS
 
Computer Name: CB-PC | User Name: cb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1BE1A256-2ECF-4660-93BA-B2674E9D39A8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{303FD6B7-AAD3-4A18-88E0-D8C2812D72AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{310FCDF2-6ED0-4769-9C56-4A25908CFFEA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{311BADB0-D61E-4687-8D78-4E615B1BC1A7}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{3DF9B16C-2A34-40A9-998A-31CA03B0E9A6}" = rport=138 | protocol=17 | dir=out | app=system | 
"{51F679BD-3A46-4A67-AB2E-AD08A7F6A0A3}" = lport=445 | protocol=6 | dir=in | app=system | 
"{57AEF31B-9EE2-4869-8BE0-2A423E35D37F}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{693A7FA8-654C-4ACD-9855-0F8D570B6A1F}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 | 
"{6DB7B6D9-56AC-4529-A483-01511D17F023}" = lport=139 | protocol=6 | dir=in | app=system | 
"{866DD6D9-D574-4067-A20E-71B5B48965E7}" = lport=138 | protocol=17 | dir=in | app=system | 
"{8E110DC1-1484-4064-AB3F-070080B118A8}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 | 
"{981EA679-E565-4E8E-866B-0582EDDAAB6F}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{99DD4529-2A34-4E64-82B4-37A1F1F0F2A7}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BB0DF932-645D-49BC-B7A8-1B6073CE81CE}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BB719113-C896-46EC-8B91-F6E4B79762C3}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{D9A925CA-84BC-4955-B74D-7F05628C0C2B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DB811316-21CA-430C-B2F6-8C061D149978}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 | 
"{DD508265-3D18-45B7-863F-3689A80E5043}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DF63E9D5-06C7-47A2-8B81-E69A0B47F4AC}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{E5D52606-AA88-40E2-8226-C91F0C3CFC3D}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{FC111CBB-7313-4098-8DBC-1FB1FCF615D3}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BCBC8AE-E0BC-4167-AFA7-39C1BB6CD80F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{11117E6A-1736-4019-A248-207A33D87E2D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{33AC2BD8-F168-4D64-87DA-D806C0C326D0}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe | 
"{42FEFD8D-926F-4366-9FD2-6AD66F959C87}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{4E2A4A1E-05D4-4AF3-AA0B-613C75C278BD}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
"{5B937418-6C87-44BE-8CFE-2036249AA692}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{601C672F-6A94-4315-931E-CD11BA99885A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{620A3614-2356-403F-87BF-705E576766AC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{6E1FBA79-AD1B-43F3-B2D4-94574937BAD2}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe | 
"{6F08BFB0-E6E9-4B56-B20A-9820DC096CD5}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{712A008D-EC6D-4AA4-A0C9-CE73B32E0A44}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{77803F52-3595-4610-B34E-48B98DB0EA0D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{797EA615-CEA5-46BF-9DE1-4261F9CDF5C1}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe | 
"{7E0C4F18-4F8E-4FD0-BD76-A865E6FA6692}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{88839F37-DA99-4415-A5D3-39B86EE699B7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{95980F3F-C832-4F99-A7D6-F226B8EEDC40}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{96D18B54-F7D7-4192-BED7-9C6A3B5A0D26}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{97F55C3A-A388-4F41-AAED-3B40A6CB4E4E}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{A0FCA058-CA8B-4E5B-A9B2-863E3DE030CE}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{AF8FC720-6DE3-4556-B559-2E0CBED2B43A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{B5B421FC-EF10-4C0E-8C80-ED63EAEFA50A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{B8C771AE-C75B-4B34-82A7-D6BC502A4227}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{BFD6FB21-EE16-4E8A-BE9B-FBE99D97150B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{C01B41CC-4868-40B5-B364-70CBDD235CDF}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe | 
"{C40B7114-69B0-4FD8-A51E-D8FFBA9AA830}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C524996C-E8E5-4C80-B44A-D146C1097BC3}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
"{E329FEA2-F557-4DE6-8225-8710021F7D98}" = dir=in | app=c:\program files\rapidsolution\audials 9\audials.exe | 
"{FC614412-1C7B-426A-A598-5B8E85474092}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"TCP Query User{75C6C2AA-A2F8-4A93-AF54-81BA53679074}C:\program files\rapidsolution\audials 9\audials.exe" = protocol=6 | dir=in | app=c:\program files\rapidsolution\audials 9\audials.exe | 
"TCP Query User{F7AF2262-1E3E-42D5-A02C-07223F6FB9BA}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
"UDP Query User{20D1A69B-8E08-4C9C-A2B8-38614BF096CA}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
"UDP Query User{A247A102-2700-4D2A-BBB9-26DE1AE4386E}C:\program files\rapidsolution\audials 9\audials.exe" = protocol=17 | dir=in | app=c:\program files\rapidsolution\audials 9\audials.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Hilfe
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{368FCA18-C510-4F87-B60E-192B9BDBAE3D}" = CorelDRAW Graphics Suite X5
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5A6E169C-EAB6-4453-AAD0-2B1206FA5C59}" = Internet Explorer
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68EE5C41-2F79-4F36-BE85-22A814F55AF7}" = CorelDRAW Graphics Suite X5 - ES
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73ABAA0E-70F0-4048-AD43-A5F5A13A198D}" = Audials
"{75674E4C-CDE5-4E64-8014-FDF6D9204C4B}" = HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8F18CFF8-8259-4148-AD00-2EE572754E92}" = CorelDRAW Graphics Suite X5 - FR
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" = Visual Basic for Applications (R) Core - German
"{BFE9A442-5D4B-4372-B994-FB4BCEA78662}" = CorelDRAW Graphics Suite X5 - NL
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CBB61DCB-A313-C855-1A42-F2091A212C5D}" = simfy
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DC43FBD3-3E5D-419D-A981-519F1A3E6F53}" = CorelDRAW Graphics Suite X5 - IT
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast" = avast! Pro Antivirus
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PokerStars" = PokerStars
"Security Task Manager" = Security Task Manager 1.8d
"Simfy" = simfy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4080211103-1574637863-4162524130-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.03.2013 11:18:58 | Computer Name = cb-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 15.03.2013 11:11:13 | Computer Name = cb-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 15.03.2013 11:19:34 | Computer Name = cb-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
 
< End of report >
         

Alt 15.03.2013, 19:20   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes - please remember to update Malwarebytes via the update button beforehand.

Getting an additional opinion from ESET's online scanner afterwards isn't a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

__________________
Please always post log files in CODE tags
