| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC plötzlich langsam, hängt, ohne ersichtlichen GrundWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.07.2013, 20:50
| #1 |
| |  PC plötzlich langsam, hängt, ohne ersichtlichen Grund Tagchen Leute! Ich habe schon ein paar Themen im Forum gesehen, in denen dem Ersteller sehr gut weitergeholfen werden konnte, da habe ich mich auch mal rasch angemeldet und hoffe hier kann mir jemand helfen  Dann zu meinem Problem: Bis vor ca 2 Wochen lief mein PC noch perfekt. Alles rund und kein Aufhängen. Nun sind immer vermehrter Hänger und extreme Wartezeiten aufgetreten, die mich in den Wahnsinn treiben. Selbst die Audio-Ausgabe von iTunes ist betroffen, sodass jede 5 Sekunden ein Knirschen oder Hängen die Musik unerträglich macht. Auch Spiele gehen zum großen Teil nur noch sehr langsam. Daraufhin habe ich mal einen Komplett-scan durchlaufen lassen, Norton hat allerdings nur wenige Fehler angezeigt und diese auch direkt behoben - leider haben diese Behebungen nicht sonderlich viel ausgemacht und mein PC hängt nach wie vor. Ich kann mir überhaupt nicht erklären weshalb das System plötzlich so langsam ist und hoffe hier hat der ein oder andere ein paar nützliche Tipps! Meine PC Daten: Windows 7 64-Bit Intel i5-2500K 3.30GHz 8GB RAM |
|
14.07.2013, 20:52
| #2 |
| /// Malwareteam   | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Hallo und
__________________ Ich bin Christoph alias DerJazzer. Ich werde dich durch die Bereinigung begleiten und bin währenddessen dein Ansprechpartner für dieses Thema. Je nach Art der vorliegenden Infektion kann viel Arbeit und ein großer Zeiteinsatz auf dich (und auf mich) zukommen. Ein Neuaufsetzen ist damit meist als der schnellere, aber immer als der sicherere Weg zu betrachten. Für den Erfolg der Bereinigung gilt: Ich kann dir zu keinem Zeitpunkt garantieren, dass der PC nach der Bereinigung auch wirklich frei von Malware ist! Wenn du das akzeptierst, bitte ich dich, hier so lange mitzuarbeiten, bis ich dir sage, dass der PC aus meiner Sicht malwarefrei ist. Um die Bereinigung so effektiv und nervenschonend wie möglich zu gestalten, bitte ich dich, folgende Punkte ebenfalls zu beachten:
Um mir das Auswerten deiner Logs (Berichte der verwendeten Programme) zu erleichtern, bitte ich dich, diese zwischen Code-Tags zu posten. Dazu drückst du einfach den #-Button im Antwortfenster und fügst dort zwischen den eckigen Klammern dein Log ein. Das sieht dann so aus: [CODE] eingefügtes Log [/CODE] Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Dann schaun wir doch mal... Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Bitte poste in deiner nächsten Antwort
__________________ |
|
14.07.2013, 21:00
| #3 |
| | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Erst einmal Danke für die flotte Antwort
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Marius (administrator) on 14-07-2013 21:55:12
Running from C:\Users\Marius\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\vsnpstd3.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Marius\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Dropbox, Inc.) C:\Users\Marius\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Marius\AppData\Local\Akamai\netsession_win.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [snpstd3] - C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll [x]
HKCU\...\Run: [EADM] - "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [3456080 2013-06-04] (Electronic Arts)
HKCU\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Marius\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] - "C:\Program Files (x86)\Steam\Steam.exe" -silent [1672616 2013-07-10] (Valve Corporation)
MountPoints2: {1e1bcbe0-29bd-11e2-ace0-806e6f6e6963} - D:\Autorun.exe
MountPoints2: {50b4744e-29bf-11e2-a7b7-e5f50e553551} - G:\pushinst.exe
MountPoints2: {73460ff9-9785-11e2-a0c6-50e549c5c524} - D:\setup.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
Startup: C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marius\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{932E5FAF-DE2D-42C7-AA9B-1778AB14C050}: [NameServer]192.168.178.1,192.168.178.61
FireFox:
========
FF ProfilePath: C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default
FF user.js: detected! => C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Battlefield Play4Free - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\Extensions\battlefieldplay4free@ea.com
FF Extension: GFACE Experience Plugin - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: FoxyProxy Basic - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\Extensions\foxyproxy@eric.h.jung
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\Extensions\ich@maltegoetz.de
FF Extension: DownloadHelper - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext
FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (GFACE Plugin) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol\0.29.0_0\npCry29.dll (GFACE GmbH)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Extension: (Docs) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.486_0
CHR Extension: (GFACE Experience Plugin) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol\0.29.0_0
CHR Extension: (Virtual Keyboard) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.486_0
CHR Extension: (Gmail) - C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [570664 2013-04-26] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-04-24] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [390440 2013-04-26] ()
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] ()
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-02-22] ()
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1069408 2013-01-29] (LULU Software)
R2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [794464 2013-01-29] (LULU Software)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (BEHRINGER)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (BEHRINGER)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-06] (Symantec Corporation)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-09] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-09] (Windows (R) Server 2003 DDK provider)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-04-24] (AnchorFree Inc.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-05-07] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-05-07] (Symantec Corporation)
S3 L6PODHD3; C:\Windows\System32\Drivers\L6PODHD364.sys [772096 2012-07-11] (Line 6)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [36680 2013-07-14] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [36680 2013-07-14] ()
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130713.006\ENG64.SYS [126040 2013-06-06] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130713.006\ENG64.SYS [126040 2013-06-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130713.006\EX64.SYS [2098776 2013-06-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130713.006\EX64.SYS [2098776 2013-06-06] (Symantec Corporation)
R3 RDID1115; C:\Windows\System32\Drivers\rdwm1115.sys [81920 2010-09-17] (Roland Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U3 aswMBR; \??\C:\Users\Marius\AppData\Local\Temp\aswMBR.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-14 21:55 - 2013-07-14 21:55 - 00000000 ____D C:\FRST
2013-07-14 21:54 - 2013-07-14 21:54 - 01777839 _____ (Farbar) C:\Users\Marius\Downloads\FRST64.exe
2013-07-14 21:30 - 2013-07-14 21:30 - 00002338 _____ C:\Users\Marius\Desktop\aswMBR.txt
2013-07-14 21:30 - 2013-07-14 21:30 - 00000512 _____ C:\Users\Marius\Desktop\MBR.dat
2013-07-14 20:16 - 2013-07-14 21:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-14 20:15 - 2013-07-14 20:15 - 00036680 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-07-14 20:15 - 2013-07-14 20:15 - 00000000 ____D C:\Users\Marius\Desktop\mbar-1.06.0.1004
2013-07-14 20:15 - 2013-07-14 20:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-14 20:14 - 2013-07-14 20:14 - 04745728 _____ (AVAST Software) C:\Users\Marius\Downloads\aswMBR.exe
2013-07-14 20:14 - 2013-07-14 20:14 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Marius\Downloads\tdsskiller.exe
2013-07-14 20:09 - 2013-07-14 20:09 - 13399154 _____ C:\Users\Marius\Desktop\mbar-1.06.0.1004.zip
2013-07-14 17:48 - 2013-07-14 21:02 - 00001454 _____ C:\Windows\PFRO.log
2013-07-14 17:41 - 2013-07-14 17:41 - 00000000 __SHD C:\found.000
2013-07-14 17:11 - 2013-07-14 17:11 - 00869736 _____ C:\Users\Marius\Desktop\winloadr.exe
2013-07-14 17:10 - 2013-07-14 17:10 - 03469871 _____ (LIGHTNING UK!) C:\Users\Marius\Downloads\SetupImgBurn_2.5.8.0.exe
2013-07-14 17:07 - 2013-07-14 17:25 - 585750528 _____ C:\Users\Marius\Downloads\WS03SP1_RTM_1830_PX6_EN.iso
2013-07-14 17:07 - 2013-07-14 17:07 - 01528184 _____ (Microsoft Corporation) C:\Users\Marius\Downloads\GenuineCheck(2).exe
2013-07-14 16:55 - 2013-07-14 21:03 - 00000560 _____ C:\Windows\setupact.log
2013-07-14 16:55 - 2013-07-14 16:55 - 00000000 _____ C:\Windows\setuperr.log
2013-07-12 14:33 - 2013-07-12 14:33 - 01620442 _____ (Picroma ) C:\Users\Marius\Downloads\CubeSetup3.exe
2013-07-12 14:30 - 2013-07-12 14:30 - 03216358 _____ C:\Users\Marius\Downloads\CubeDemo.zip
2013-07-12 14:30 - 2013-07-12 14:30 - 00000000 ____D C:\Users\Marius\Downloads\CubeDemo
2013-07-12 14:28 - 2013-07-12 14:28 - 00292184 _____ (Microsoft Corporation) C:\Users\Marius\Downloads\dxwebsetup.exe
2013-07-12 13:45 - 2013-07-12 13:45 - 00006712 ____N C:\bootsqm.dat
2013-07-10 23:06 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 23:06 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 23:06 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 23:06 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 23:06 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 23:06 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 23:06 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 23:06 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 23:06 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 23:06 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 23:06 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 23:06 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 23:06 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 23:06 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 23:06 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 23:06 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 23:06 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 23:06 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 23:06 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 23:06 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 23:06 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 23:06 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 12:38 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 12:38 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 12:38 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 12:38 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 12:37 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 12:37 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 12:37 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-08 10:13 - 2013-07-12 14:36 - 00000000 ____D C:\Program Files (x86)\Cube World
2013-07-08 10:13 - 2013-07-08 10:13 - 00000000 ____D C:\ProgramData\Picroma
2013-07-08 10:12 - 2013-07-08 10:13 - 00000000 ____D C:\Users\Marius\Downloads\Cube World V1
2013-07-06 16:09 - 2013-07-06 16:37 - 00000000 ____D C:\Users\Marius\Downloads\usch
2013-07-04 19:32 - 2013-07-14 21:04 - 00000000 ___RD C:\Users\Marius\Dropbox
2013-07-04 19:31 - 2013-07-04 19:31 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-07-04 19:28 - 2013-07-14 21:04 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Dropbox
2013-07-03 22:38 - 2013-07-03 22:54 - 00000000 ____D C:\Users\Marius\Documents\3DMark
2013-07-03 22:38 - 2013-07-03 22:38 - 00000000 ____D C:\Users\Marius\AppData\Local\IsolatedStorage
2013-07-03 22:38 - 2013-07-03 22:38 - 00000000 ____D C:\Users\Marius\AppData\Local\Futuremark
2013-07-03 22:37 - 2013-07-03 22:37 - 00000000 ____D C:\Program Files (x86)\Futuremark
2013-07-03 22:36 - 2013-07-03 22:36 - 00001777 _____ C:\Users\Public\Desktop\3DMark.lnk
2013-07-03 22:35 - 2013-07-03 22:35 - 00000000 ____D C:\Program Files\Futuremark
2013-07-03 20:26 - 2013-07-03 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 14:50 - 2013-07-02 14:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-06-20 18:48 - 2013-06-20 18:48 - 00017568 _____ C:\Users\Marius\Desktop\dk.s20
2013-06-20 14:14 - 2013-06-20 14:14 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2013-06-19 21:30 - 2013-06-19 21:30 - 00000000 ____D C:\Users\Marius\Downloads\de_templum
2013-06-19 21:29 - 2013-06-19 21:30 - 05324841 _____ C:\Users\Marius\Downloads\de_templum.rar
2013-06-19 21:28 - 2013-06-19 21:28 - 00000000 ____D C:\Users\Marius\Downloads\jail_smart_genesis_2
2013-06-19 21:27 - 2013-06-19 21:28 - 03558301 _____ C:\Users\Marius\Downloads\jail_smart_genesis_2.rar
2013-06-19 21:18 - 2013-06-19 21:18 - 04603726 _____ C:\Users\Marius\Downloads\risk_simpsons.zip
2013-06-19 21:17 - 2013-06-19 21:17 - 05631030 _____ C:\Users\Marius\Downloads\cs_bikini.zip
2013-06-19 21:17 - 2013-06-19 21:17 - 02321240 _____ C:\Users\Marius\Downloads\cz_cs_bighouse.zip
2013-06-16 17:55 - 2013-06-16 17:55 - 03820480 _____ C:\Users\Marius\Downloads\battlelog-web-plugins_2.1.7_115(1).exe
2013-06-16 17:53 - 2013-06-16 17:53 - 03820480 _____ C:\Users\Marius\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-06-15 00:44 - 2013-06-15 00:48 - 00000000 ____D C:\Program Files (x86)\Valve
==================== One Month Modified Files and Folders =======
2013-07-14 21:55 - 2013-07-14 21:55 - 00000000 ____D C:\FRST
2013-07-14 21:54 - 2013-07-14 21:54 - 01777839 _____ (Farbar) C:\Users\Marius\Downloads\FRST64.exe
2013-07-14 21:43 - 2012-11-08 18:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 21:38 - 2012-11-14 16:29 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Skype
2013-07-14 21:35 - 2013-03-01 17:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-14 21:30 - 2013-07-14 21:30 - 00002338 _____ C:\Users\Marius\Desktop\aswMBR.txt
2013-07-14 21:30 - 2013-07-14 21:30 - 00000512 _____ C:\Users\Marius\Desktop\MBR.dat
2013-07-14 21:12 - 2009-07-14 06:45 - 00014208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-14 21:12 - 2009-07-14 06:45 - 00014208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-14 21:08 - 2012-11-08 18:05 - 01123385 _____ C:\Windows\WindowsUpdate.log
2013-07-14 21:05 - 2012-11-26 20:14 - 00000376 _____ C:\Windows\Tasks\WpsUpdateTask_Marius.job
2013-07-14 21:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2013-07-14 21:04 - 2013-07-04 19:32 - 00000000 ___RD C:\Users\Marius\Dropbox
2013-07-14 21:04 - 2013-07-04 19:28 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Dropbox
2013-07-14 21:04 - 2013-05-24 19:51 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-14 21:04 - 2012-11-08 22:44 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-14 21:03 - 2013-07-14 20:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-14 21:03 - 2013-07-14 16:55 - 00000560 _____ C:\Windows\setupact.log
2013-07-14 21:03 - 2013-03-01 17:12 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-14 21:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 21:02 - 2013-07-14 17:48 - 00001454 _____ C:\Windows\PFRO.log
2013-07-14 20:15 - 2013-07-14 20:15 - 00036680 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-07-14 20:15 - 2013-07-14 20:15 - 00000000 ____D C:\Users\Marius\Desktop\mbar-1.06.0.1004
2013-07-14 20:15 - 2013-07-14 20:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-14 20:09 - 2013-07-14 20:09 - 13399154 _____ C:\Users\Marius\Desktop\mbar-1.06.0.1004.zip
2013-07-14 19:58 - 2013-03-23 10:47 - 00000000 ____D C:\Users\Marius\Documents\FIFA 12
2013-07-14 19:57 - 2013-05-03 19:03 - 00000000 ____D C:\Users\Marius\AppData\Local\Akamai
2013-07-14 17:41 - 2013-07-14 17:41 - 00000000 __SHD C:\found.000
2013-07-14 17:34 - 2012-11-11 02:29 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2013-07-14 17:34 - 2012-11-11 02:29 - 00001080 _____ C:\Windows\system32\settings.sfm
2013-07-14 17:25 - 2013-07-14 17:07 - 585750528 _____ C:\Users\Marius\Downloads\WS03SP1_RTM_1830_PX6_EN.iso
2013-07-14 17:11 - 2013-07-14 17:11 - 00869736 _____ C:\Users\Marius\Desktop\winloadr.exe
2013-07-14 17:10 - 2013-07-14 17:10 - 03469871 _____ (LIGHTNING UK!) C:\Users\Marius\Downloads\SetupImgBurn_2.5.8.0.exe
2013-07-14 17:07 - 2013-07-14 17:07 - 01528184 _____ (Microsoft Corporation) C:\Users\Marius\Downloads\GenuineCheck(2).exe
2013-07-14 16:55 - 2013-07-14 16:55 - 00000000 _____ C:\Windows\setuperr.log
2013-07-14 16:36 - 2013-05-09 19:54 - 00000000 ____D C:\Users\Marius\AppData\Local\CrashDumps
2013-07-14 16:36 - 2012-11-08 17:57 - 00000000 ____D C:\Windows\Panther
2013-07-14 11:43 - 2012-11-17 18:57 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-14 11:15 - 2012-11-08 22:34 - 00000000 ___RD C:\Users\Marius\Desktop\Spiele
2013-07-14 11:03 - 2013-01-13 15:35 - 00000000 ____D C:\Users\Marius\AppData\Local\LogMeIn Hamachi
2013-07-14 10:57 - 2012-11-08 19:46 - 00000000 ____D C:\Users\Marius\AppData\Roaming\ICQ
2013-07-13 19:06 - 2009-07-14 19:58 - 02052576 _____ C:\Windows\system32\perfh007.dat
2013-07-13 19:06 - 2009-07-14 19:58 - 00578184 _____ C:\Windows\system32\perfc007.dat
2013-07-13 19:06 - 2009-07-14 07:13 - 00006606 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-13 19:01 - 2012-11-09 00:07 - 00000000 ____D C:\Users\Marius\Documents\Cubase
2013-07-12 19:30 - 2013-03-01 17:12 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 19:30 - 2013-03-01 17:12 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 14:36 - 2013-07-08 10:13 - 00000000 ____D C:\Program Files (x86)\Cube World
2013-07-12 14:33 - 2013-07-12 14:33 - 01620442 _____ (Picroma ) C:\Users\Marius\Downloads\CubeSetup3.exe
2013-07-12 14:31 - 2012-12-10 13:40 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-12 14:30 - 2013-07-12 14:30 - 03216358 _____ C:\Users\Marius\Downloads\CubeDemo.zip
2013-07-12 14:30 - 2013-07-12 14:30 - 00000000 ____D C:\Users\Marius\Downloads\CubeDemo
2013-07-12 14:29 - 2012-12-10 13:40 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-12 14:28 - 2013-07-12 14:28 - 00292184 _____ (Microsoft Corporation) C:\Users\Marius\Downloads\dxwebsetup.exe
2013-07-12 13:45 - 2013-07-12 13:45 - 00006712 ____N C:\bootsqm.dat
2013-07-11 21:43 - 2012-12-06 18:31 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-07-11 21:43 - 2012-11-08 23:02 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-07-11 21:42 - 2012-11-08 23:02 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-07-11 09:06 - 2009-07-14 06:45 - 03060512 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-11 09:05 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 09:05 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-11 09:05 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 23:09 - 2012-11-08 19:46 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-10 15:37 - 2012-11-08 23:16 - 00000000 ____D C:\Users\Marius\Desktop\Ultra Rofler
2013-07-08 10:13 - 2013-07-08 10:13 - 00000000 ____D C:\ProgramData\Picroma
2013-07-08 10:13 - 2013-07-08 10:12 - 00000000 ____D C:\Users\Marius\Downloads\Cube World V1
2013-07-08 08:50 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-07 15:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-06 16:37 - 2013-07-06 16:09 - 00000000 ____D C:\Users\Marius\Downloads\usch
2013-07-04 19:32 - 2012-11-08 18:05 - 00000000 ____D C:\Users\Marius
2013-07-04 19:31 - 2013-07-04 19:31 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-07-04 19:31 - 2012-11-08 18:06 - 00000000 ___RD C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-04 16:01 - 2012-11-08 18:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 22:54 - 2013-07-03 22:38 - 00000000 ____D C:\Users\Marius\Documents\3DMark
2013-07-03 22:38 - 2013-07-03 22:38 - 00000000 ____D C:\Users\Marius\AppData\Local\IsolatedStorage
2013-07-03 22:38 - 2013-07-03 22:38 - 00000000 ____D C:\Users\Marius\AppData\Local\Futuremark
2013-07-03 22:37 - 2013-07-03 22:37 - 00000000 ____D C:\Program Files (x86)\Futuremark
2013-07-03 22:37 - 2012-11-08 19:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-03 22:36 - 2013-07-03 22:36 - 00001777 _____ C:\Users\Public\Desktop\3DMark.lnk
2013-07-03 22:35 - 2013-07-03 22:35 - 00000000 ____D C:\Program Files\Futuremark
2013-07-03 20:26 - 2013-07-03 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 15:51 - 2012-11-08 18:51 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Adobe
2013-07-02 14:50 - 2013-07-02 14:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-01 15:42 - 2013-02-11 22:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-01 15:42 - 2012-11-14 16:28 - 00000000 ____D C:\ProgramData\Skype
2013-06-28 20:56 - 2012-11-09 11:40 - 00000000 ____D C:\Users\Marius\AppData\Roaming\vlc
2013-06-23 21:49 - 2013-02-13 21:37 - 00000000 ____D C:\Users\Marius\AppData\Local\IW4M
2013-06-23 12:14 - 2012-11-08 23:14 - 00000000 ____D C:\Users\Marius\AppData\Roaming\.minecraft
2013-06-22 14:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-20 21:05 - 2013-04-01 23:39 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-06-20 18:48 - 2013-06-20 18:48 - 00017568 _____ C:\Users\Marius\Desktop\dk.s20
2013-06-20 17:58 - 2013-06-20 17:58 - 00154816 _____ C:\Users\Marius\Downloads\Comedian Harmonists - Mein kleiner grüner Kaktus piano cover lyrics in Description.mp4.sfk
2013-06-20 14:14 - 2013-06-20 14:14 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2013-06-20 14:04 - 2013-05-08 12:39 - 00003242 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-06-20 14:04 - 2013-05-08 12:38 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-06-19 21:35 - 2013-01-13 17:00 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Tunngle
2013-06-19 21:35 - 2013-01-13 17:00 - 00000000 ____D C:\ProgramData\Tunngle
2013-06-19 21:30 - 2013-06-19 21:30 - 00000000 ____D C:\Users\Marius\Downloads\de_templum
2013-06-19 21:30 - 2013-06-19 21:29 - 05324841 _____ C:\Users\Marius\Downloads\de_templum.rar
2013-06-19 21:28 - 2013-06-19 21:28 - 00000000 ____D C:\Users\Marius\Downloads\jail_smart_genesis_2
2013-06-19 21:28 - 2013-06-19 21:27 - 03558301 _____ C:\Users\Marius\Downloads\jail_smart_genesis_2.rar
2013-06-19 21:18 - 2013-06-19 21:18 - 04603726 _____ C:\Users\Marius\Downloads\risk_simpsons.zip
2013-06-19 21:17 - 2013-06-19 21:17 - 05631030 _____ C:\Users\Marius\Downloads\cs_bikini.zip
2013-06-19 21:17 - 2013-06-19 21:17 - 02321240 _____ C:\Users\Marius\Downloads\cz_cs_bighouse.zip
2013-06-19 11:49 - 2013-05-08 12:39 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-06-19 11:49 - 2013-05-08 12:39 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-06-16 17:55 - 2013-06-16 17:55 - 03820480 _____ C:\Users\Marius\Downloads\battlelog-web-plugins_2.1.7_115(1).exe
2013-06-16 17:55 - 2012-11-08 22:54 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-16 17:53 - 2013-06-16 17:53 - 03820480 _____ C:\Users\Marius\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-06-15 00:48 - 2013-06-15 00:44 - 00000000 ____D C:\Program Files (x86)\Valve
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-06 17:51
==================== End Of Log ============================
--- --- --- |
|
14.07.2013, 21:01
| #4 |
| /// Malwareteam | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Die Addition.txt hätte ich auch gerne, habe ich gerade vergessen zu erwähnen, sorry
__________________ Keep Jazzing!  DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
14.07.2013, 21:05
| #5 |
| | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2013 Ran by Marius at 2013-07-14 21:56:39 Running from C:\Users\Marius\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= µTorrent (x32 Version: 3.3.0.29082) 3DMark (x32 Version: 1.1) 7-Zip 9.22 (x64 edition) (Version: 9.22.00.0) Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.0.0) Adobe After Effects CS4 (x32 Version: 9) Adobe After Effects CS4 Presets (x32 Version: 9) Adobe After Effects CS4 Template Projects & Footage (x32 Version: 9) Adobe After Effects CS4 Third Party Content (x32 Version: 9) Adobe AIR (x32 Version: 1.1.0.5790) Adobe Anchor Service CS4 (x32 Version: 2.0) Adobe Anchor Service x64 CS4 (Version: 2.0) Adobe Bridge CS4 (x32 Version: 3) Adobe CMaps CS4 (x32 Version: 2.0) Adobe CMaps x64 CS4 (Version: 2.0) Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0) Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0) Adobe Color JA Extra Settings CS4 (x32 Version: 2.0) Adobe Color NA Extra Settings CS4 (x32 Version: 2.0) Adobe Color Video Profiles AE CS4 (x32 Version: 2.0) Adobe Color Video Profiles CS CS4 (x32 Version: 2.0) Adobe Creative Suite 4 Master Collection (x32 Version: 4.0) Adobe CS4 American English Speech Analysis Models (x32 Version: 1) Adobe CSI CS4 (x32 Version: 1) Adobe CSI CS4 x64 (Version: 1) Adobe Default Language CS4 (x32 Version: 2.0) Adobe Device Central CS4 (x32 Version: 2) Adobe Drive CS4 (x32 Version: 1) Adobe Drive CS4 x64 (Version: 1) Adobe Dynamiclink Support (x32 Version: 1) Adobe Encore CS4 Codecs (x32 Version: 4) Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0) Adobe Extension Manager CS4 (x32 Version: 2.0) Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224) Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224) Adobe Fonts All (x32 Version: 2.0) Adobe Fonts All x64 (Version: 2.0) Adobe InDesign CS4 (x32 Version: 6.0) Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0) Adobe InDesign CS4 Common Base Files (x32 Version: 6.0) Adobe InDesign CS4 Icon Handler (x32 Version: 6.0) Adobe InDesign CS4 Icon Handler x64 (Version: 6.0) Adobe Linguistics CS4 (x32 Version: 4.0.0) Adobe Linguistics CS4 x64 (Version: 4.0.0) Adobe Media Encoder CS4 (x32 Version: 1.0) Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0) Adobe Media Encoder CS4 Dolby (x32 Version: 1.0) Adobe Media Encoder CS4 Exporter (x32 Version: 1.0) Adobe Media Encoder CS4 Importer (x32 Version: 1.0) Adobe MotionPicture Color Files CS4 (x32 Version: 2.0) Adobe Output Module (x32 Version: 2.0) Adobe PDF Library Files CS4 (x32 Version: 9.0) Adobe PDF Library Files x64 CS4 (Version: 9.0) Adobe Photoshop CS4 (64 Bit) (Version: 11.0) Adobe Photoshop CS4 (x32 Version: 11.0) Adobe Photoshop CS4 Support (x32 Version: 11.0) Adobe Premiere Pro CS4 (x32 Version: 4) Adobe Premiere Pro CS4 Functional Content (x32 Version: 4) Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4) Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02) Adobe Search for Help (x32 Version: 1.0) Adobe Service Manager Extension (x32 Version: 1.0) Adobe Setup (x32 Version: 2.0) Adobe SGM CS4 (x32 Version: 3.0) Adobe SING CS4 (x32 Version: 2.0) Adobe Soundbooth CS4 Codecs (x32 Version: 2) Adobe Type Support CS4 (x32 Version: 9.0) Adobe Type Support x64 CS4 (Version: 9.0) Adobe Update Manager CS4 (x32 Version: 6.0.0) Adobe WinSoft Linguistics Plugin (x32 Version: 1.1) Adobe WinSoft Linguistics Plugin x64 (Version: 1.1) Adobe XMP Panels CS4 (x32 Version: 2.0) AdobeColorCommonSetCMYK (x32 Version: 2.0) AdobeColorCommonSetRGB (x32 Version: 2.0) Age of Empires III (x32 Version: 1.00.0000) Akamai NetSession Interface (HKCU) AMD Accelerated Video Transcoding (Version: 12.5.100.21219) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Install Manager (Version: 8.0.903.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.71219.1540) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Ashampoo Burning Studio 2012 v.10.0.15 (x32 Version: 10.0.15) ASIO4ALL (x32 Version: 2.11 Beta1) Autodesk 3ds Max 2014 64-bit Populate Data (Version: 1.0.0.1) Autodesk Backburner 2014 (x32 Version: 14.0.0.0) Autodesk Composite 2014 (Version: 9.0.0.0) Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1) Autodesk Download Manager (x32 Version: 2.0.6.0) Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (Version: 1.2.0.0) Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (Version: 16.0) Autodesk Material Library 2014 (x32 Version: 4.0.32.600) Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: 4.0.32.600) Autodesk Material Library Medium Resolution Image Library 2014 (x32 Version: 4.0.32.600) Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161) Avid License Control (x32 Version: 3.0.0) AVM FRITZ!WLAN (x32) Battlefield 3™ (x32 Version: 1.4.0.0) Battlefield Play4Free (x32) Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0) Battlelog Web Plugins (x32 Version: 2.1.7) BEHRINGER USB AUDIO DRIVER Bonjour (Version: 3.0.0.10) Brother MFC-7440N (x32 Version: 1.00) Brother P-touch Editor 5.0 (x32 Version: 5.0.2210) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center (x32 Version: 2012.1219.1521.27485) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485) Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485) Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485) CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485) CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485) CCC Help Czech (x32 Version: 2012.1219.1520.27485) CCC Help Danish (x32 Version: 2012.1219.1520.27485) CCC Help Dutch (x32 Version: 2012.1219.1520.27485) CCC Help English (x32 Version: 2012.1219.1520.27485) CCC Help Finnish (x32 Version: 2012.1219.1520.27485) CCC Help French (x32 Version: 2012.1219.1520.27485) CCC Help German (x32 Version: 2012.1219.1520.27485) CCC Help Greek (x32 Version: 2012.1219.1520.27485) CCC Help Hungarian (x32 Version: 2012.1219.1520.27485) CCC Help Italian (x32 Version: 2012.1219.1520.27485) CCC Help Japanese (x32 Version: 2012.1219.1520.27485) CCC Help Korean (x32 Version: 2012.1219.1520.27485) CCC Help Norwegian (x32 Version: 2012.1219.1520.27485) CCC Help Polish (x32 Version: 2012.1219.1520.27485) CCC Help Portuguese (x32 Version: 2012.1219.1520.27485) CCC Help Russian (x32 Version: 2012.1219.1520.27485) CCC Help Spanish (x32 Version: 2012.1219.1520.27485) CCC Help Swedish (x32 Version: 2012.1219.1520.27485) CCC Help Thai (x32 Version: 2012.1219.1520.27485) CCC Help Turkish (x32 Version: 2012.1219.1520.27485) ccc-utility64 (Version: 2012.1219.1521.27485) CCleaner (Version: 3.28) Connect (x32 Version: 1.0.0.1) Counter-Strike 1.6 (x32 Version: 1.00.0000) Creative Audio-Systemsteuerung (x32 Version: 3.00) Creative Software AutoUpdate (x32 Version: 1.40) Creative Sound Blaster Properties x64 Edition (x32 Version: 1.02) Crysis® 2 (x32 Version: 1.9.0.0) CSI-Mord in 3 Dimensionen 1.0 (x32 Version: 1.0) Cube World version 0.0.1 (x32 Version: 0.0.1) Dead Space™ (x32 Version: 1.0.222.0) Dolby Home Theater v4 (x32 Version: 7.2.8000.13) Dropbox (HKCU Version: 2.2.9) Drumtracker (x32 Version: 1.0.2) DVD Decrypter (Remove Only) (x32) EA SPORTS online 2004 (x32) ESN Sonar (x32 Version: 0.70.4) Etron USB3.0 Host Controller (x32 Version: 0.115) EVEREST Home Edition v2.20 (x32 Version: 2.20) EZplayer pro (x32 Version: 1.0.4) Far Cry 3 (x32 Version: 1.05) FIFA 12 (x32 Version: 1.6.0.0) FileMaker Pro 11 (x32 Version: 11.0.3.0) Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.26.0) FormatFactory 3.0.1 (x32 Version: 3.0.1) Free Studio version 5.7.7.1031 (x32 Version: 5.7.7.1031) Futuremark SystemInfo (x32 Version: 4.17.0) Google Chrome (x32 Version: 28.0.1500.72) Google Update Helper (x32 Version: 1.3.21.153) Hotspot Shield 2.93 (x32 Version: 2.93) ICQ7M (x32 Version: 7.8) ImgBurn (x32 Version: 2.5.8.0) Intel(R) Processor Graphics (x32 Version: 9.17.10.2932) IrfanView (remove only) (x32 Version: 4.35) iTunes (Version: 11.0.3.42) iZotope Ozone 5 (x32 Version: 5.02) Java 7 Update 11 (x32 Version: 7.0.110) Java Auto Updater (x32 Version: 2.1.9.0) Kingsoft Office 2012 (8.1.0.3333) (x32 Version: 8.1.0.3333) kuler (x32 Version: 2.0) Line 6 Uninstaller (x32 Version: ) LogMeIn Hamachi (x32 Version: 2.1.0.374) M&Ms - Die Geheimformeln (x32) MAGIX Music Maker 16 Premium Download-Version (x32 Version: 16.0.0.30) MAGIX Screenshare (x32 Version: 4.3.6.1987) MAGIX Speed burnR (x32 Version: 7.0.1.27) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual FoxPro OLE DB Provider (x32 Version: 1.0.0) MorphVOX Pro (x32 Version: 4.4.5) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 22.0) MSI Afterburner 2.3.1 (x32 Version: 2.3.1) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Need for Speed™ Most Wanted (x32) Neuratron PhotoScore Lite (x32 Version: 7.0.2) New Deshaker 8.1.0.2 (x32 Version: 8.1.0.2) Norton Internet Security CBE (x32 Version: 20.4.0.40) Octava SD4 (x32 Version: 5.01) odesk 3ds Max 2014 (Version: 16.0.420.0) OpenAL (x32) OpenOffice.org 3.4.1 (x32 Version: 3.41.9593) Origin (x32 Version: 9.0.15.65) PDF Settings CS4 (x32 Version: 9.0) Photoshop Camera Raw (x32 Version: 5.0) Photoshop Camera Raw_x64 (Version: 5.0) Pixel Bender Toolkit (x32 Version: 1.0) PlayClaw 4 (x32 Version: 4) PunkBuster Services (x32 Version: 0.993) QuickTime (x32 Version: 7.60.92.0) Rapture3D 2.5.1 Game (x32) Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6519) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662) Samsung_MonSetup (x32 Version: 1.00.0000) Shockwave (x32) Sibelius 7 OpenType Fonts (x32 Version: 7.1.3) Sibelius 7.1.0.54 (Version: 7.1.0.54) SimCity™ (x32 Version: 1.0.0.0) Skype™ 6.5 (x32 Version: 6.5.158) Soda PDF 5 (x32 Version: 5.0.133.9133) Sony Vegas Pro 8.0 (x32 Version: 8.0.260) SpeedFan (remove only) (x32) SPORE™ (x32 Version: 1.00.0000) Steam (x32 Version: 1.0.0.0) Steinberg Cubase 5 (x32 Version: 5.1.0) Steinberg Drum Loop Expansion 01 (x32 Version: 1.0.0.1) Steinberg Groove Agent ONE Content (x32 Version: 1.0.0.003) Steinberg HALionOne (x32 Version: 1.1.0.457) Steinberg HALionOne Additional Content Set 01 (x32 Version: 1.0.0.001) Steinberg HALionOne Expression Set (x32 Version: 1.0.1.0) Steinberg HALionOne GM Drum Set (x32 Version: 1.0.1.457) Steinberg HALionOne GM Set (x32 Version: 1.0.1.457) Steinberg HALionOne Pro Set (x32 Version: 1.0.1.457) Steinberg HALionOne Studio Drum Set (x32 Version: 1.0.1.457) Steinberg HALionOne Studio Set (x32 Version: 1.0.1.457) Steinberg LoopMash Content (x32 Version: 1.0.0.005) Steinberg REVerence Content 01 (x32 Version: 1.0.0.006) Suite Shared Configuration CS4 (x32 Version: 1.0) Superior Drummer 64 bit (Version: 2.3.0) Superior Drummer Installer (x32 Version: 2.2.1) Sweet Home 3D version 3.7 (x32) System Shock 2 (x32) TeamSpeak 3 Client (Version: 3.0.6) TeamViewer 8 (x32 Version: 8.0.16642) Text-To-Speech-Runtime (x32 Version: 1.0.0.0) Toontrack solo (x32 Version: 1.2.2) Tunngle beta (x32) UEFA EURO 2004 (x32) UM-ONE-Treiber Unreal Development Kit: 2013-02 Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1) Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1) Uplay (x32 Version: 2.0) VLC media player 2.0.2 (Version: 2.0.2) VLC media player 2.0.4 (x32 Version: 2.0.4) Wireshark 1.8.4 (64-bit) (x32 Version: 1.8.4) WordToPDF 2.9 (x32 Version: 2.9) XSplit (x32 Version: 1.2.1301.2501) ==================== Restore Points ========================= 10-07-2013 20:03:12 Windows Update 14-07-2013 18:59:56 Malwarebytes Anti-Rootkit Restore Point ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {04BC27A3-9F2F-4051-B5A0-A3F5AD404BB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated) Task: {0E95904C-ED01-4D9C-A90B-E6B14E40D434} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe No File Task: {197833D3-E845-4656-BB25-88CB61D1E8FB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {2C06AF32-013D-487F-BFA7-154F416DC263} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe No File Task: {5ACAC852-B5F3-4970-B0E0-71DFBC3AC216} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-19] (Piriform Ltd) Task: {974AB6BA-9959-4A41-9EC4-185524B36775} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {9EBB4908-72D6-464E-8E91-A756A05AFF65} - System32\Tasks\WpsUpdateTask_Marius => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03] (Zhuhai Kingsoft Office-software Co.,Ltd) Task: {A5F0FE82-1169-43DA-84FD-EBC8C387EFBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-01] (Google Inc.) Task: {B3648FEC-1C42-4ED5-A6C9-467ABFCD8CE3} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation) Task: {E599307D-623A-4977-8D01-542C632129D1} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe No File Task: {EBFF7DE7-5222-4820-BE40-D03E233CFB61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-01] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\WpsUpdateTask_Marius.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/14/2013 07:57:31 PM) (Source: MsiInstaller) (User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/14/2013 07:55:46 PM) (Source: MsiInstaller) (User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/14/2013 05:27:32 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (07/14/2013 04:25:01 PM) (Source: Application Hang) (User: ) Description: Programm QuickTimePlayer.exe, Version 7.60.92.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c90 Startzeit: 01ce809d9903743a Endzeit: 19 Anwendungspfad: C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe Berichts-ID: f38ddaa8-ec90-11e2-b6eb-001a4f9e75ed Error: (07/14/2013 03:43:08 PM) (Source: MsiInstaller) (User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/14/2013 03:42:40 PM) (Source: MsiInstaller) (User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/14/2013 03:42:34 PM) (Source: Application Hang) (User: ) Description: Programm SuperMeatBoy.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 9f4 Startzeit: 01ce8096988b6201 Endzeit: 0 Anwendungspfad: c:\program files (x86)\steam\steamapps\common\super meat boy\SuperMeatBoy.exe Berichts-ID: 52ac544e-ec8a-11e2-b6eb-001a4f9e75ed Error: (07/14/2013 02:34:20 PM) (Source: Application Hang) (User: ) Description: Programm Steam.exe, Version 1.82.67.49 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a14 Startzeit: 01ce806fded016a1 Endzeit: 18 Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe Berichts-ID: a9ed7ebb-ec81-11e2-b6eb-001a4f9e75ed Error: (07/14/2013 02:05:13 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Cubase5.exe, Version: 5.1.0.105, Zeitstempel: 0x4a1d7379 Name des fehlerhaften Moduls: Cubase5.exe, Version: 5.1.0.105, Zeitstempel: 0x4a1d7379 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00a058c2 ID des fehlerhaften Prozesses: 0x1f74 Startzeit der fehlerhaften Anwendung: 0xCubase5.exe0 Pfad der fehlerhaften Anwendung: Cubase5.exe1 Pfad des fehlerhaften Moduls: Cubase5.exe2 Berichtskennung: Cubase5.exe3 Error: (07/14/2013 00:58:18 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: Borderlands2.exe, Version: 1.0.10.24011, Zeitstempel: 0x51cb7785 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a Ausnahmecode: 0x00000001 Fehleroffset: 0x0000c41f ID des fehlerhaften Prozesses: 0x1478 Startzeit der fehlerhaften Anwendung: 0xBorderlands2.exe0 Pfad der fehlerhaften Anwendung: Borderlands2.exe1 Pfad des fehlerhaften Moduls: Borderlands2.exe2 Berichtskennung: Borderlands2.exe3 System errors: ============= Error: (07/14/2013 09:56:42 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:56:30 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:55:56 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:55:40 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:55:19 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:55:17 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:55:07 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:55:05 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:55:02 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Error: (07/14/2013 09:54:49 PM) (Source: atapi) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort5 gefunden. Microsoft Office Sessions: ========================= Error: (07/14/2013 07:57:31 PM) (Source: MsiInstaller)(User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/14/2013 07:55:46 PM) (Source: MsiInstaller)(User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/14/2013 05:27:32 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Marius\Downloads\SoftonicDownloader_fuer_av-voice-changer-software.exe Error: (07/14/2013 04:25:01 PM) (Source: Application Hang)(User: ) Description: QuickTimePlayer.exe7.60.92.01c9001ce809d9903743a19C:\Program Files (x86)\QuickTime\QuickTimePlayer.exef38ddaa8-ec90-11e2-b6eb-001a4f9e75ed Error: (07/14/2013 03:43:08 PM) (Source: MsiInstaller)(User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/14/2013 03:42:40 PM) (Source: MsiInstaller)(User: Marius-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Marius\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/14/2013 03:42:34 PM) (Source: Application Hang)(User: ) Description: SuperMeatBoy.exe0.0.0.09f401ce8096988b62010c:\program files (x86)\steam\steamapps\common\super meat boy\SuperMeatBoy.exe52ac544e-ec8a-11e2-b6eb-001a4f9e75ed Error: (07/14/2013 02:34:20 PM) (Source: Application Hang)(User: ) Description: Steam.exe1.82.67.49a1401ce806fded016a118C:\Program Files (x86)\Steam\Steam.exea9ed7ebb-ec81-11e2-b6eb-001a4f9e75ed Error: (07/14/2013 02:05:13 PM) (Source: Application Error)(User: ) Description: Cubase5.exe5.1.0.1054a1d7379Cubase5.exe5.1.0.1054a1d7379c000000500a058c21f7401ce8087bdc9897aC:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exeC:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exea2c07bfc-ec7d-11e2-b6eb-001a4f9e75ed Error: (07/14/2013 00:58:18 PM) (Source: Application Error)(User: ) Description: Borderlands2.exe1.0.10.2401151cb7785KERNELBASE.dll6.1.7601.1801550b83c8a000000010000c41f147801ce8081088ada9bC:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exeC:\Windows\syswow64\KERNELBASE.dll49bba002-ec74-11e2-b6eb-001a4f9e75ed CodeIntegrity Errors: =================================== Date: 2012-12-19 19:15:27.520 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\Marius\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-12-19 19:15:27.489 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\Marius\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-12-19 19:15:14.355 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\Marius\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-12-19 19:15:14.322 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\Marius\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-11-08 20:32:52.249 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\Marius\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-11-08 20:32:52.229 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Users\Marius\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-11-08 20:32:51.609 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-11-08 20:32:51.589 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 8109.12 MB Available physical RAM: 4738.7 MB Total Pagefile: 16216.42 MB Available Pagefile: 12466.77 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:30.66 GB) NTFS (Disk=0 Partition=2) Drive d: (ARMPXEVL_EN) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS Drive e: () (Fixed) (Total:195.31 GB) (Free:57.38 GB) NTFS (Disk=1 Partition=1) ==>[System with boot components (obtained from reading drive)] Drive f: () (Fixed) (Total:270.44 GB) (Free:28.78 GB) NTFS (Disk=1 Partition=2) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 65A89AB2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 466 GB) (Disk ID: FC53FC53) Partition 1: (Active) - (Size=195 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=270 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
|
14.07.2013, 21:14
| #6 |
| /// Malwareteam | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Erstmal nicht viel Auffälliges zu sehen... Schritt 1 Biite noch die Berichte von Norton posten. Schritt 2 Ich sehe in den Logs, dass du mehrere der von uns verwendeten Tools heruntergeladen hast (zB MBAM, TDSSKiller etc.). Bitte poste alle vorhandenen Logs.
__________________ --> PC plötzlich langsam, hängt, ohne ersichtlichen Grund |
|
14.07.2013, 21:20
| #7 |
| | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Ich befürchte, die Norton Berichte habe ich nicht mehr... Von den erwähnten Programmen hab ich nur aswMBR drüber sannen lassen: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-14 21:06:57
-----------------------------
21:06:57.453 OS Version: Windows x64 6.1.7601 Service Pack 1
21:06:57.453 Number of processors: 4 586 0x2A07
21:06:57.454 ComputerName: MARIUS-PC UserName: Marius
21:07:01.087 Initialize success
21:09:35.458 AVAST engine defs: 13071400
21:09:42.604 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-5
21:09:42.604 Disk 0 Vendor: ST1000DM005_HD103SJ 1AJ100E5 Size: 953869MB BusType: 3
21:09:42.604 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-b
21:09:42.604 Disk 1 Vendor: Hitachi_HDP725050GLA360 GM4OA52A Size: 476940MB BusType: 3
21:09:42.760 Disk 0 MBR read successfully
21:09:42.760 Disk 0 MBR scan
21:09:42.760 Disk 0 Windows 7 default MBR code
21:09:42.776 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:09:42.791 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
21:09:42.807 Disk 0 scanning C:\Windows\system32\drivers
21:09:57.496 Service scanning
21:10:21.337 Modules scanning
21:10:21.337 Disk 0 trace - called modules:
21:10:21.868 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
21:10:21.868 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ae1060]
21:10:21.868 3 CLASSPNP.SYS[fffff88001a5643f] -> nt!IofCallDriver -> [0xfffffa800781e580]
21:10:21.883 5 ACPI.sys[fffff88000f377a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-5[0xfffffa8007843060]
21:10:22.804 AVAST engine scan C:\Windows
21:10:34.507 AVAST engine scan C:\Windows\system32
21:14:33.805 AVAST engine scan C:\Windows\system32\drivers
21:14:52.652 AVAST engine scan C:\Users\Marius
21:22:51.692 File: C:\Users\Marius\Documents\desktop2 **INFECTED** Win32:Sirefef-PL [Rtk]
21:23:48.892 File: C:\Users\Marius\Downloads\rapidgatordownloader.exe **INFECTED** Win32:Downloader-TBH [Adw]
21:25:36.411 AVAST engine scan C:\ProgramData
21:30:00.815 Scan finished successfully
21:30:24.406 Disk 0 MBR has been saved successfully to "C:\Users\Marius\Desktop\MBR.dat"
21:30:24.422 The log file has been saved successfully to "C:\Users\Marius\Desktop\aswMBR.txt"
|
|
14.07.2013, 21:30
| #8 | |
| /// Malwareteam | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Ok. Was kannst du mir zu folgenden Dateien sagen: Zitat:
Schritt 1 Bitte gehe zu Start --> Systemsteuerung --> Software und deinstalliere die folgende Software: Code:
ATTFilter Hotspot Shield 2.93 (x32 Version: 2.93)
Schritt 3 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt 4 Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Bitte poste in deiner nächsten Antwort
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
14.07.2013, 22:06
| #9 |
| | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Zu desktop2 und rapidgatordownloader.exe kann ich leider nichts sagen, vorallem desktop2 verwundert mich, da sie nicht sichtbar ist. CubeDemo ist eine Tech-Demo des Spiels Cube World, um zu testen, ob das Spiel auf meinem PC funktioniert; Die Datei "dk.s20" lässt sich mit dem Programm "Superior Drummer 2.0" öffnen und beinhaltet ein selbst gestaltetes Drumkit. Hotspotshield wurde deinstalliert. TDSSKiller-Log: Code:
ATTFilter 22:45:11.0276 6932 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:45:11.0666 6932 ============================================================
22:45:11.0666 6932 Current date / time: 2013/07/14 22:45:11.0666
22:45:11.0666 6932 SystemInfo:
22:45:11.0666 6932
22:45:11.0666 6932 OS Version: 6.1.7601 ServicePack: 1.0
22:45:11.0666 6932 Product type: Workstation
22:45:11.0666 6932 ComputerName: MARIUS-PC
22:45:11.0666 6932 UserName: Marius
22:45:11.0666 6932 Windows directory: C:\Windows
22:45:11.0666 6932 System windows directory: C:\Windows
22:45:11.0666 6932 Running under WOW64
22:45:11.0666 6932 Processor architecture: Intel x64
22:45:11.0666 6932 Number of processors: 4
22:45:11.0666 6932 Page size: 0x1000
22:45:11.0666 6932 Boot type: Normal boot
22:45:11.0666 6932 ============================================================
22:45:13.0304 6932 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:45:13.0304 6932 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
22:45:13.0319 6932 Drive \Device\Harddisk2\DR2 - Size: 0x1CEC00000 (7.23 Gb), SectorSize: 0x200, Cylinders: 0x3AF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:45:13.0319 6932 ============================================================
22:45:13.0319 6932 \Device\Harddisk0\DR0:
22:45:13.0319 6932 MBR partitions:
22:45:13.0319 6932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559
22:45:13.0319 6932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0x21CE27A9
22:45:13.0319 6932 \Device\Harddisk1\DR1:
22:45:13.0319 6932 MBR partitions:
22:45:13.0319 6932 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:45:13.0319 6932 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
22:45:13.0319 6932 \Device\Harddisk2\DR2:
22:45:13.0319 6932 MBR partitions:
22:45:13.0319 6932 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0xD68, BlocksNum 0xE75298
22:45:13.0319 6932 ============================================================
22:45:13.0350 6932 C: <-> \Device\Harddisk1\DR1\Partition2
22:45:13.0382 6932 E: <-> \Device\Harddisk0\DR0\Partition1
22:45:13.0397 6932 F: <-> \Device\Harddisk0\DR0\Partition2
22:45:13.0397 6932 ============================================================
22:45:13.0397 6932 Initialize success
22:45:13.0397 6932 ============================================================
22:45:36.0256 2740 ============================================================
22:45:36.0256 2740 Scan started
22:45:36.0256 2740 Mode: Manual; SigCheck; TDLFS;
22:45:36.0256 2740 ============================================================
22:45:38.0738 2740 ================ Scan system memory ========================
22:45:38.0738 2740 System memory - ok
22:45:38.0738 2740 ================ Scan services =============================
22:45:39.0440 2740 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:45:39.0549 2740 1394ohci - ok
22:45:39.0580 2740 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:45:39.0642 2740 ACPI - ok
22:45:39.0658 2740 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:45:39.0720 2740 AcpiPmi - ok
22:45:39.0767 2740 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
22:45:39.0798 2740 adfs - ok
22:45:39.0986 2740 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:45:39.0986 2740 AdobeARMservice - ok
22:45:40.0110 2740 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:45:40.0126 2740 AdobeFlashPlayerUpdateSvc - ok
22:45:40.0157 2740 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:45:40.0173 2740 adp94xx - ok
22:45:40.0204 2740 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:45:40.0235 2740 adpahci - ok
22:45:40.0282 2740 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:45:40.0313 2740 adpu320 - ok
22:45:40.0344 2740 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:45:40.0438 2740 AeLookupSvc - ok
22:45:40.0500 2740 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:45:40.0563 2740 AFD - ok
22:45:40.0578 2740 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:45:40.0594 2740 agp440 - ok
22:45:40.0610 2740 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:45:40.0656 2740 ALG - ok
22:45:40.0688 2740 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:45:40.0703 2740 aliide - ok
22:45:40.0750 2740 [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:45:40.0812 2740 AMD External Events Utility - ok
22:45:40.0828 2740 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:45:40.0845 2740 amdide - ok
22:45:40.0891 2740 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:45:40.0954 2740 AmdK8 - ok
22:45:42.0061 2740 [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:45:42.0217 2740 amdkmdag - ok
22:45:42.0264 2740 [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:45:42.0311 2740 amdkmdap - ok
22:45:42.0342 2740 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:45:42.0389 2740 AmdPPM - ok
22:45:42.0420 2740 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:45:42.0436 2740 amdsata - ok
22:45:42.0467 2740 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:45:42.0483 2740 amdsbs - ok
22:45:42.0483 2740 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:45:42.0498 2740 amdxata - ok
22:45:42.0576 2740 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
22:45:42.0607 2740 AppHostSvc - ok
22:45:42.0654 2740 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:45:42.0717 2740 AppID - ok
22:45:42.0732 2740 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:45:42.0810 2740 AppIDSvc - ok
22:45:42.0841 2740 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
22:45:42.0888 2740 Appinfo - ok
22:45:42.0951 2740 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:45:42.0966 2740 Apple Mobile Device - ok
22:45:42.0982 2740 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:45:42.0982 2740 arc - ok
22:45:43.0013 2740 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:45:43.0029 2740 arcsas - ok
22:45:43.0169 2740 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:45:43.0216 2740 aspnet_state - ok
22:45:43.0231 2740 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:45:43.0325 2740 AsyncMac - ok
22:45:43.0356 2740 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:45:43.0356 2740 atapi - ok
22:45:43.0403 2740 [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:45:43.0465 2740 AtiHDAudioService - ok
22:45:43.0497 2740 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:45:43.0543 2740 AudioEndpointBuilder - ok
22:45:43.0575 2740 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:45:43.0590 2740 AudioSrv - ok
22:45:43.0653 2740 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
22:45:43.0684 2740 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
22:45:43.0684 2740 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
22:45:43.0715 2740 [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject C:\Windows\system32\drivers\avmeject.sys
22:45:43.0731 2740 avmeject - ok
22:45:43.0809 2740 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:45:43.0840 2740 AxInstSV - ok
22:45:43.0888 2740 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:45:43.0919 2740 b06bdrv - ok
22:45:43.0981 2740 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:45:44.0028 2740 b57nd60a - ok
22:45:44.0059 2740 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:45:44.0090 2740 BDESVC - ok
22:45:44.0106 2740 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:45:44.0153 2740 Beep - ok
22:45:44.0215 2740 [ B62ABDC39B36184B6B8B9E71A8685F52 ] BEHRINGER_2902 C:\Windows\system32\Drivers\BUSB2902.sys
22:45:44.0231 2740 BEHRINGER_2902 - ok
22:45:44.0309 2740 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:45:44.0356 2740 BFE - ok
22:45:44.0652 2740 [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130702.001\BHDrvx64.sys
22:45:44.0683 2740 BHDrvx64 - ok
22:45:44.0730 2740 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:45:44.0761 2740 BITS - ok
22:45:44.0792 2740 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:45:44.0839 2740 blbdrive - ok
22:45:44.0933 2740 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:45:44.0948 2740 Bonjour Service - ok
22:45:44.0980 2740 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:45:45.0042 2740 bowser - ok
22:45:45.0073 2740 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:45:45.0167 2740 BrFiltLo - ok
22:45:45.0182 2740 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:45:45.0214 2740 BrFiltUp - ok
22:45:45.0260 2740 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:45:45.0292 2740 Browser - ok
22:45:45.0338 2740 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:45:45.0401 2740 Brserid - ok
22:45:45.0432 2740 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:45:45.0479 2740 BrSerWdm - ok
22:45:45.0510 2740 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:45:45.0541 2740 BrUsbMdm - ok
22:45:45.0557 2740 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:45:45.0572 2740 BrUsbSer - ok
22:45:45.0604 2740 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:45:45.0635 2740 BTHMODEM - ok
22:45:45.0682 2740 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:45:45.0744 2740 bthserv - ok
22:45:45.0760 2740 [ AEC85FF9A00DD9EE7605AFC66949F228 ] BUSB_AUDIO_WDM C:\Windows\system32\drivers\busbwdm.sys
22:45:45.0775 2740 BUSB_AUDIO_WDM - ok
22:45:45.0853 2740 [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
22:45:45.0869 2740 ccSet_NIS - ok
22:45:45.0900 2740 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:45:45.0962 2740 cdfs - ok
22:45:46.0009 2740 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:45:46.0040 2740 cdrom - ok
22:45:46.0072 2740 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:45:46.0134 2740 CertPropSvc - ok
22:45:46.0165 2740 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:45:46.0196 2740 circlass - ok
22:45:46.0228 2740 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:45:46.0243 2740 CLFS - ok
22:45:46.0290 2740 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:45:46.0306 2740 clr_optimization_v2.0.50727_32 - ok
22:45:46.0399 2740 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:45:46.0415 2740 clr_optimization_v2.0.50727_64 - ok
22:45:46.0508 2740 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:45:46.0618 2740 clr_optimization_v4.0.30319_32 - ok
22:45:46.0633 2740 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:45:46.0680 2740 clr_optimization_v4.0.30319_64 - ok
22:45:46.0711 2740 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:45:46.0742 2740 CmBatt - ok
22:45:46.0758 2740 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:45:46.0774 2740 cmdide - ok
22:45:46.0805 2740 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
22:45:46.0852 2740 CNG - ok
22:45:46.0867 2740 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:45:46.0867 2740 Compbatt - ok
22:45:46.0898 2740 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:45:46.0945 2740 CompositeBus - ok
22:45:46.0945 2740 COMSysApp - ok
22:45:47.0039 2740 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:45:47.0054 2740 cphs - ok
22:45:47.0101 2740 cpuz136 - ok
22:45:47.0117 2740 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:45:47.0132 2740 crcdisk - ok
22:45:47.0210 2740 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
22:45:47.0257 2740 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
22:45:47.0257 2740 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
22:45:47.0304 2740 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:45:47.0335 2740 CryptSvc - ok
22:45:47.0366 2740 [ 148C9C111291C41D6B2ABFB6FBB43856 ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS
22:45:47.0382 2740 CT20XUT - ok
22:45:47.0398 2740 [ 148C9C111291C41D6B2ABFB6FBB43856 ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS
22:45:47.0413 2740 CT20XUT.SYS - ok
22:45:47.0429 2740 [ 397FBD4454E5B2FB77E55D1013DF548C ] ctac32k C:\Windows\system32\drivers\ctac32k.sys
22:45:47.0444 2740 ctac32k - ok
22:45:47.0460 2740 [ 50A8CD4DF066FE57D0C473A2645988CC ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys
22:45:47.0476 2740 ctaud2k - ok
22:45:47.0554 2740 [ 5CE3D0E1D1B3832EE052CFC442EEE0FA ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
22:45:47.0616 2740 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
22:45:47.0616 2740 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
22:45:47.0694 2740 [ 6F9C3C6C78F5296F4BC7102FB0F7CB65 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS
22:45:47.0710 2740 CTEXFIFX - ok
22:45:47.0725 2740 [ 6F9C3C6C78F5296F4BC7102FB0F7CB65 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS
22:45:47.0756 2740 CTEXFIFX.SYS - ok
22:45:47.0772 2740 [ AE78CA7EE865A28AC841211DB655ACF3 ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS
22:45:47.0772 2740 CTHWIUT - ok
22:45:47.0788 2740 [ AE78CA7EE865A28AC841211DB655ACF3 ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS
22:45:47.0788 2740 CTHWIUT.SYS - ok
22:45:47.0819 2740 [ 757776E207CA5E71E4A16BD1260AE1F2 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys
22:45:47.0834 2740 ctprxy2k - ok
22:45:47.0881 2740 [ 9B111EE2F488A8D9C21A13ED4C777795 ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
22:45:47.0897 2740 ctsfm2k - ok
22:45:47.0945 2740 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:45:48.0023 2740 DcomLaunch - ok
22:45:48.0054 2740 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:45:48.0116 2740 defragsvc - ok
22:45:48.0147 2740 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:45:48.0194 2740 DfsC - ok
22:45:48.0210 2740 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:45:48.0241 2740 Dhcp - ok
22:45:48.0257 2740 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:45:48.0288 2740 discache - ok
22:45:48.0303 2740 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:45:48.0303 2740 Disk - ok
22:45:48.0335 2740 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:45:48.0381 2740 Dnscache - ok
22:45:48.0397 2740 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:45:48.0444 2740 dot3svc - ok
22:45:48.0475 2740 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:45:48.0522 2740 DPS - ok
22:45:48.0569 2740 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:45:48.0600 2740 drmkaud - ok
22:45:48.0631 2740 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:45:48.0647 2740 DXGKrnl - ok
22:45:48.0693 2740 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:45:48.0740 2740 EapHost - ok
22:45:48.0959 2740 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:45:49.0021 2740 ebdrv - ok
22:45:49.0052 2740 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
22:45:49.0068 2740 eeCtrl - ok
22:45:49.0115 2740 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:45:49.0161 2740 EFS - ok
22:45:49.0193 2740 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:45:49.0224 2740 elxstor - ok
22:45:49.0239 2740 [ 683DCAF0D4EFC3F95A32E8924849202D ] emupia C:\Windows\system32\drivers\emupia2k.sys
22:45:49.0255 2740 emupia - ok
22:45:49.0317 2740 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:45:49.0333 2740 EraserUtilRebootDrv - ok
22:45:49.0364 2740 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:45:49.0395 2740 ErrDev - ok
22:45:49.0442 2740 [ 3DBC10CBC436288801FAEE66DE91AE47 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
22:45:49.0489 2740 EtronHub3 - ok
22:45:49.0505 2740 [ DE261095A2220D400D9603E1E42D4185 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
22:45:49.0520 2740 EtronXHCI - ok
22:45:49.0536 2740 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:45:49.0598 2740 EventSystem - ok
22:45:49.0629 2740 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:45:49.0676 2740 exfat - ok
22:45:49.0707 2740 Fabs - ok
22:45:49.0723 2740 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:45:49.0801 2740 fastfat - ok
22:45:49.0848 2740 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:45:49.0895 2740 Fax - ok
22:45:49.0926 2740 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:45:49.0957 2740 fdc - ok
22:45:49.0988 2740 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:45:50.0035 2740 fdPHost - ok
22:45:50.0051 2740 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:45:50.0066 2740 FDResPub - ok
22:45:50.0082 2740 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:45:50.0097 2740 FileInfo - ok
22:45:50.0097 2740 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:45:50.0144 2740 Filetrace - ok
22:45:50.0269 2740 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
22:45:50.0347 2740 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
22:45:50.0347 2740 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
22:45:50.0394 2740 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:45:50.0409 2740 FLEXnet Licensing Service - ok
22:45:50.0487 2740 [ ECC329F6104EE208C24C4A8C1B4A9D14 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
22:45:50.0534 2740 FLEXnet Licensing Service 64 - ok
22:45:50.0550 2740 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:45:50.0550 2740 flpydisk - ok
22:45:50.0565 2740 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:45:50.0581 2740 FltMgr - ok
22:45:50.0659 2740 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
22:45:50.0690 2740 FontCache - ok
22:45:50.0753 2740 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:45:50.0753 2740 FontCache3.0.0.0 - ok
22:45:50.0784 2740 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:45:50.0815 2740 FsDepends - ok
22:45:50.0862 2740 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:45:50.0862 2740 Fs_Rec - ok
22:45:50.0940 2740 [ B99C240DEA85007044E178C1C9C75659 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
22:45:50.0971 2740 Futuremark SystemInfo Service - ok
22:45:51.0003 2740 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:45:51.0034 2740 fvevol - ok
22:45:51.0097 2740 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys
22:45:51.0128 2740 FWLANUSB - ok
22:45:51.0144 2740 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:45:51.0159 2740 gagp30kx - ok
22:45:51.0175 2740 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
22:45:51.0190 2740 gdrv - ok
22:45:51.0222 2740 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:45:51.0222 2740 GEARAspiWDM - ok
22:45:51.0268 2740 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:45:51.0346 2740 gpsvc - ok
22:45:51.0424 2740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:45:51.0440 2740 gupdate - ok
22:45:51.0440 2740 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:45:51.0456 2740 gupdatem - ok
22:45:51.0534 2740 [ 076F366B87575ADC7D152C7A34ACB3DC ] ha20x22k C:\Windows\system32\drivers\ha20x22k.sys
22:45:51.0565 2740 ha20x22k - ok
22:45:51.0830 2740 [ 4A7533EB52DC9D1847E7F78DEE1CE322 ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys
22:45:51.0892 2740 ha20x2k - ok
22:45:51.0939 2740 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
22:45:51.0939 2740 hamachi - ok
22:45:52.0454 2740 [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
22:45:52.0548 2740 Hamachi2Svc - ok
22:45:52.0594 2740 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:45:52.0610 2740 hcw85cir - ok
22:45:52.0657 2740 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:45:52.0719 2740 HdAudAddService - ok
22:45:52.0766 2740 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:45:52.0782 2740 HDAudBus - ok
22:45:52.0813 2740 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:45:52.0860 2740 HidBatt - ok
22:45:52.0875 2740 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:45:52.0906 2740 HidBth - ok
22:45:52.0922 2740 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:45:52.0984 2740 HidIr - ok
22:45:53.0016 2740 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:45:53.0078 2740 hidserv - ok
22:45:53.0109 2740 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:45:53.0109 2740 HidUsb - ok
22:45:53.0140 2740 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:45:53.0172 2740 hkmsvc - ok
22:45:53.0203 2740 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:45:53.0250 2740 HomeGroupListener - ok
22:45:53.0281 2740 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:45:53.0296 2740 HomeGroupProvider - ok
22:45:53.0328 2740 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:45:53.0343 2740 HpSAMD - ok
22:45:53.0390 2740 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:45:53.0452 2740 HTTP - ok
22:45:53.0468 2740 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:45:53.0484 2740 hwpolicy - ok
22:45:53.0515 2740 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:45:53.0530 2740 i8042prt - ok
22:45:53.0577 2740 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:45:53.0593 2740 iaStorV - ok
22:45:53.0655 2740 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:45:53.0686 2740 idsvc - ok
22:45:54.0014 2740 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130712.001\IDSvia64.sys
22:45:54.0045 2740 IDSVia64 - ok
22:45:54.0201 2740 [ 348214F96642FD4FEF630DE021BA3540 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:45:54.0342 2740 igfx - ok
22:45:54.0357 2740 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:45:54.0373 2740 iirsp - ok
22:45:54.0435 2740 [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe
22:45:54.0482 2740 IISADMIN - ok
22:45:54.0498 2740 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:45:54.0591 2740 IKEEXT - ok
22:45:54.0700 2740 [ C2F868881D48A568B525255F084EF063 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:45:54.0747 2740 IntcAzAudAddService - ok
22:45:54.0794 2740 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:45:54.0825 2740 intelide - ok
22:45:54.0856 2740 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:45:54.0872 2740 intelppm - ok
22:45:54.0888 2740 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:45:54.0934 2740 IPBusEnum - ok
22:45:54.0950 2740 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:45:55.0028 2740 IpFilterDriver - ok
22:45:55.0075 2740 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:45:55.0122 2740 iphlpsvc - ok
22:45:55.0137 2740 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:45:55.0153 2740 IPMIDRV - ok
22:45:55.0184 2740 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:45:55.0246 2740 IPNAT - ok
22:45:55.0324 2740 [ 2872B90D57C8310194A78A9787406467 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:45:55.0356 2740 iPod Service - ok
22:45:55.0371 2740 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:45:55.0418 2740 IRENUM - ok
22:45:55.0434 2740 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:45:55.0434 2740 isapnp - ok
22:45:55.0449 2740 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:45:55.0465 2740 iScsiPrt - ok
22:45:55.0480 2740 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:45:55.0480 2740 kbdclass - ok
22:45:55.0512 2740 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:45:55.0543 2740 kbdhid - ok
22:45:55.0558 2740 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:45:55.0574 2740 KeyIso - ok
22:45:55.0605 2740 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:45:55.0605 2740 KSecDD - ok
22:45:55.0621 2740 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:45:55.0636 2740 KSecPkg - ok
22:45:55.0652 2740 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:45:55.0699 2740 ksthunk - ok
22:45:55.0714 2740 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:45:55.0746 2740 KtmRm - ok
22:45:55.0824 2740 [ FA3764DB641FD2B313FEF18D636C52BC ] L6PODHD3 C:\Windows\system32\Drivers\L6PODHD364.sys
22:45:55.0870 2740 L6PODHD3 - ok
22:45:55.0917 2740 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:45:55.0964 2740 LanmanServer - ok
22:45:55.0995 2740 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:45:56.0011 2740 LanmanWorkstation - ok
22:45:56.0042 2740 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:45:56.0104 2740 lltdio - ok
22:45:56.0136 2740 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:45:56.0182 2740 lltdsvc - ok
22:45:56.0214 2740 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:45:56.0245 2740 lmhosts - ok
22:45:56.0292 2740 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:45:56.0307 2740 LSI_FC - ok
22:45:56.0323 2740 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:45:56.0338 2740 LSI_SAS - ok
22:45:56.0354 2740 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:45:56.0370 2740 LSI_SAS2 - ok
22:45:56.0385 2740 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:45:56.0401 2740 LSI_SCSI - ok
22:45:56.0401 2740 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:45:56.0463 2740 luafv - ok
22:45:56.0494 2740 [ 31C6AFFFAD7C733A65F888929548BC22 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys
22:45:56.0510 2740 mbamchameleon - ok
22:45:56.0541 2740 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:45:56.0557 2740 megasas - ok
22:45:56.0572 2740 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:45:56.0604 2740 MegaSR - ok
22:45:56.0619 2740 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:45:56.0635 2740 MEIx64 - ok
22:45:56.0822 2740 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2014_64 C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
22:45:56.0838 2740 mi-raysat_3dsmax2014_64 ( UnsignedFile.Multi.Generic ) - warning
22:45:56.0838 2740 mi-raysat_3dsmax2014_64 - detected UnsignedFile.Multi.Generic (1)
22:45:56.0869 2740 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:45:56.0900 2740 MMCSS - ok
22:45:56.0931 2740 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:45:57.0009 2740 Modem - ok
22:45:57.0025 2740 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:45:57.0072 2740 monitor - ok
22:45:57.0103 2740 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:45:57.0118 2740 mouclass - ok
22:45:57.0134 2740 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:45:57.0150 2740 mouhid - ok
22:45:57.0181 2740 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:45:57.0196 2740 mountmgr - ok
22:45:57.0243 2740 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:45:57.0259 2740 MozillaMaintenance - ok
22:45:57.0290 2740 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:45:57.0321 2740 mpio - ok
22:45:57.0321 2740 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:45:57.0384 2740 mpsdrv - ok
22:45:57.0430 2740 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:45:57.0493 2740 MpsSvc - ok
22:45:57.0555 2740 [ CD22D2563039DDA6793F7624719363A7 ] MQAC C:\Windows\system32\drivers\mqac.sys
22:45:57.0586 2740 MQAC - ok
22:45:57.0618 2740 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:45:57.0649 2740 MRxDAV - ok
22:45:57.0680 2740 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:45:57.0727 2740 mrxsmb - ok
22:45:57.0742 2740 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:45:57.0774 2740 mrxsmb10 - ok
22:45:57.0789 2740 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:45:57.0805 2740 mrxsmb20 - ok
22:45:57.0836 2740 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:45:57.0852 2740 msahci - ok
22:45:57.0883 2740 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:45:57.0898 2740 msdsm - ok
22:45:57.0914 2740 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:45:57.0930 2740 MSDTC - ok
22:45:57.0961 2740 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:45:57.0992 2740 Msfs - ok
22:45:58.0008 2740 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:45:58.0071 2740 mshidkmdf - ok
22:45:58.0102 2740 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:45:58.0102 2740 msisadrv - ok
22:45:58.0133 2740 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:45:58.0165 2740 MSiSCSI - ok
22:45:58.0165 2740 msiserver - ok
22:45:58.0180 2740 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:45:58.0243 2740 MSKSSRV - ok
22:45:58.0243 2740 [ FAAEAEF99E53561BEEE58F946CA56F0D ] MSMQ C:\Windows\system32\mqsvc.exe
22:45:58.0274 2740 MSMQ - ok
22:45:58.0305 2740 [ 59ED174FD4314B0218DC91F9BFA6CD3D ] MSMQTriggers C:\Windows\system32\mqtgsvc.exe
22:45:58.0321 2740 MSMQTriggers - ok
22:45:58.0321 2740 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:45:58.0336 2740 MSPCLOCK - ok
22:45:58.0352 2740 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:45:58.0367 2740 MSPQM - ok
22:45:58.0430 2740 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:45:58.0445 2740 MsRPC - ok
22:45:58.0477 2740 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:45:58.0492 2740 mssmbios - ok
22:45:58.0508 2740 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:45:58.0539 2740 MSTEE - ok
22:45:58.0555 2740 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:45:58.0570 2740 MTConfig - ok
22:45:58.0586 2740 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:45:58.0586 2740 Mup - ok
22:45:58.0648 2740 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:45:58.0711 2740 napagent - ok
22:45:58.0742 2740 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:45:58.0789 2740 NativeWifiP - ok
22:45:58.0851 2740 [ 56540E526B46E379A476FB5BC381B290 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130713.006\ENG64.SYS
22:45:58.0867 2740 NAVENG - ok
22:45:59.0288 2740 [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130713.006\EX64.SYS
22:45:59.0319 2740 NAVEX15 - ok
22:45:59.0397 2740 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:45:59.0428 2740 NDIS - ok
22:45:59.0459 2740 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:45:59.0506 2740 NdisCap - ok
22:45:59.0537 2740 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:45:59.0569 2740 NdisTapi - ok
22:45:59.0600 2740 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:45:59.0615 2740 Ndisuio - ok
22:45:59.0647 2740 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:45:59.0709 2740 NdisWan - ok
22:45:59.0725 2740 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:45:59.0803 2740 NDProxy - ok
22:45:59.0818 2740 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:45:59.0849 2740 NetBIOS - ok
22:45:59.0865 2740 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:45:59.0896 2740 NetBT - ok
22:45:59.0912 2740 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:45:59.0912 2740 Netlogon - ok
22:45:59.0943 2740 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:46:00.0005 2740 Netman - ok
22:46:00.0083 2740 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:00.0099 2740 NetMsmqActivator - ok
22:46:00.0115 2740 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:00.0130 2740 NetPipeActivator - ok
22:46:00.0146 2740 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:46:00.0193 2740 netprofm - ok
22:46:00.0193 2740 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:00.0208 2740 NetTcpActivator - ok
22:46:00.0208 2740 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:00.0208 2740 NetTcpPortSharing - ok
22:46:00.0239 2740 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:46:00.0239 2740 nfrd960 - ok
22:46:00.0349 2740 [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
22:46:00.0364 2740 NIS - ok
22:46:00.0411 2740 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:46:00.0458 2740 NlaSvc - ok
22:46:00.0458 2740 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:46:00.0489 2740 Npfs - ok
22:46:00.0505 2740 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:46:00.0583 2740 nsi - ok
22:46:00.0598 2740 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:46:00.0629 2740 nsiproxy - ok
22:46:00.0707 2740 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:46:00.0754 2740 Ntfs - ok
22:46:00.0770 2740 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:46:00.0801 2740 Null - ok
22:46:00.0832 2740 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:46:00.0848 2740 nvraid - ok
22:46:00.0879 2740 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:46:00.0879 2740 nvstor - ok
22:46:00.0910 2740 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:46:00.0926 2740 nv_agp - ok
22:46:00.0941 2740 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:46:00.0973 2740 ohci1394 - ok
22:46:01.0004 2740 [ A29A80A1CF63D0DC27EEFCAF27D34664 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
22:46:01.0004 2740 ossrv - ok
22:46:01.0066 2740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:46:01.0129 2740 p2pimsvc - ok
22:46:01.0144 2740 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:46:01.0175 2740 p2psvc - ok
22:46:01.0191 2740 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:46:01.0207 2740 Parport - ok
22:46:01.0238 2740 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:46:01.0269 2740 partmgr - ok
22:46:01.0300 2740 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:46:01.0331 2740 PcaSvc - ok
22:46:01.0347 2740 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:46:01.0378 2740 pci - ok
22:46:01.0409 2740 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:46:01.0425 2740 pciide - ok
22:46:01.0456 2740 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:46:01.0487 2740 pcmcia - ok
22:46:01.0503 2740 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:46:01.0503 2740 pcw - ok
22:46:01.0534 2740 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:46:01.0597 2740 PEAUTH - ok
22:46:02.0595 2740 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:46:02.0626 2740 PerfHost - ok
22:46:02.0704 2740 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:46:02.0782 2740 pla - ok
22:46:02.0829 2740 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:46:02.0860 2740 PlugPlay - ok
22:46:03.0001 2740 PnkBstrA - ok
22:46:03.0032 2740 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:46:03.0063 2740 PNRPAutoReg - ok
22:46:03.0125 2740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:46:03.0141 2740 PNRPsvc - ok
22:46:03.0219 2740 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:46:03.0297 2740 PolicyAgent - ok
22:46:03.0359 2740 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:46:03.0453 2740 Power - ok
22:46:03.0515 2740 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:46:03.0578 2740 PptpMiniport - ok
22:46:03.0609 2740 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:46:03.0625 2740 Processor - ok
22:46:03.0656 2740 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:46:03.0703 2740 ProfSvc - ok
22:46:03.0703 2740 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:46:03.0718 2740 ProtectedStorage - ok
22:46:03.0749 2740 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:46:03.0796 2740 Psched - ok
22:46:04.0217 2740 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:46:04.0264 2740 ql2300 - ok
22:46:04.0295 2740 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:46:04.0295 2740 ql40xx - ok
22:46:04.0327 2740 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:46:04.0358 2740 QWAVE - ok
22:46:04.0373 2740 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:46:04.0420 2740 QWAVEdrv - ok
22:46:04.0436 2740 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:46:04.0483 2740 RasAcd - ok
22:46:04.0514 2740 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:46:04.0545 2740 RasAgileVpn - ok
22:46:04.0561 2740 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:46:04.0592 2740 RasAuto - ok
22:46:04.0607 2740 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:46:04.0670 2740 Rasl2tp - ok
22:46:04.0732 2740 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:46:04.0810 2740 RasMan - ok
22:46:04.0841 2740 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:46:04.0919 2740 RasPppoe - ok
22:46:04.0935 2740 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:46:05.0013 2740 RasSstp - ok
22:46:05.0029 2740 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:46:05.0060 2740 rdbss - ok
22:46:05.0107 2740 [ EE9745B8AEBB02C08FC1FF5655F8AF55 ] RDID1115 C:\Windows\system32\Drivers\rdwm1115.sys
22:46:05.0138 2740 RDID1115 - ok
22:46:05.0186 2740 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:46:05.0248 2740 rdpbus - ok
22:46:05.0295 2740 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:46:05.0326 2740 RDPCDD - ok
22:46:05.0342 2740 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:46:05.0388 2740 RDPENCDD - ok
22:46:05.0404 2740 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:46:05.0420 2740 RDPREFMP - ok
22:46:05.0482 2740 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:46:05.0513 2740 RdpVideoMiniport - ok
22:46:05.0544 2740 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:46:05.0576 2740 RDPWD - ok
22:46:05.0607 2740 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:46:05.0638 2740 rdyboost - ok
22:46:05.0685 2740 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:46:05.0763 2740 RemoteAccess - ok
22:46:05.0778 2740 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:46:05.0841 2740 RemoteRegistry - ok
22:46:05.0888 2740 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
22:46:05.0934 2740 RMCAST - ok
22:46:05.0950 2740 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:46:05.0981 2740 RpcEptMapper - ok
22:46:05.0981 2740 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:46:05.0997 2740 RpcLocator - ok
22:46:06.0059 2740 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:46:06.0106 2740 RpcSs - ok
22:46:06.0137 2740 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:46:06.0184 2740 rspndr - ok
22:46:06.0262 2740 [ 6FA271B6816AFFAEF640808FC51AC8AF ] RTCore64 C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
22:46:06.0278 2740 RTCore64 - ok
22:46:06.0324 2740 [ C20F64FCD5E2B40310A1774495877ACD ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
22:46:06.0356 2740 RTHDMIAzAudService - ok
22:46:06.0387 2740 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:46:06.0402 2740 RTL8167 - ok
22:46:06.0418 2740 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:46:06.0434 2740 SamSs - ok
22:46:06.0449 2740 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:46:06.0465 2740 sbp2port - ok
22:46:06.0527 2740 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:46:06.0574 2740 SCardSvr - ok
22:46:06.0590 2740 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:46:06.0621 2740 scfilter - ok
22:46:06.0761 2740 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:46:06.0839 2740 Schedule - ok
22:46:06.0886 2740 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:46:06.0917 2740 SCPolicySvc - ok
22:46:06.0980 2740 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
22:46:06.0995 2740 ScreamBAudioSvc - ok
22:46:07.0026 2740 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:46:07.0058 2740 SDRSVC - ok
22:46:07.0089 2740 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:46:07.0120 2740 secdrv - ok
22:46:07.0151 2740 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:46:07.0182 2740 seclogon - ok
22:46:07.0214 2740 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:46:07.0245 2740 SENS - ok
22:46:07.0260 2740 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:46:07.0276 2740 SensrSvc - ok
22:46:07.0307 2740 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:46:07.0338 2740 Serenum - ok
22:46:07.0354 2740 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:46:07.0385 2740 Serial - ok
22:46:07.0432 2740 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:46:07.0479 2740 sermouse - ok
22:46:07.0510 2740 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:46:07.0572 2740 SessionEnv - ok
22:46:07.0604 2740 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:46:07.0635 2740 sffdisk - ok
22:46:07.0650 2740 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:46:07.0666 2740 sffp_mmc - ok
22:46:07.0682 2740 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:46:07.0713 2740 sffp_sd - ok
22:46:07.0713 2740 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:46:07.0728 2740 sfloppy - ok
22:46:07.0760 2740 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:46:07.0791 2740 SharedAccess - ok
22:46:07.0822 2740 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:46:07.0838 2740 ShellHWDetection - ok
22:46:07.0869 2740 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:46:07.0884 2740 SiSRaid2 - ok
22:46:07.0900 2740 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:46:07.0916 2740 SiSRaid4 - ok
22:46:07.0978 2740 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:46:07.0994 2740 SkypeUpdate - ok
22:46:08.0025 2740 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:46:08.0072 2740 Smb - ok
22:46:08.0103 2740 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:46:08.0134 2740 SNMPTRAP - ok
22:46:09.0928 2740 [ 37D91C6385BB1104D67925FC43800ED0 ] SNPSTD3 C:\Windows\system32\DRIVERS\snpstd3.sys
22:46:10.0115 2740 SNPSTD3 - ok
22:46:10.0474 2740 [ 369E4401CCDFDE3E81BB91898FDEF7C5 ] Soda PDF 5 Helper Service C:\Program Files (x86)\Soda PDF 5\HelperService.exe
22:46:10.0505 2740 Soda PDF 5 Helper Service - ok
22:46:10.0692 2740 [ AAE0A4F03EC12E02B0830AD93BAD9F58 ] Soda PDF 5 Service C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
22:46:10.0724 2740 Soda PDF 5 Service - ok
22:46:10.0848 2740 [ 0FFE35F0B0CD5A324BBE22F02569AE3B ] speedfan C:\Windows\syswow64\speedfan.sys
22:46:10.0864 2740 speedfan - ok
22:46:10.0895 2740 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:46:10.0911 2740 spldr - ok
22:46:10.0973 2740 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:46:11.0020 2740 Spooler - ok
22:46:11.0519 2740 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:46:11.0597 2740 sppsvc - ok
22:46:11.0628 2740 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:46:11.0691 2740 sppuinotify - ok
22:46:12.0034 2740 [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
22:46:12.0050 2740 SRTSP - ok
22:46:12.0065 2740 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
22:46:12.0081 2740 SRTSPX - ok
22:46:12.0237 2740 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:46:12.0316 2740 srv - ok
22:46:12.0331 2740 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:46:12.0363 2740 srv2 - ok
22:46:12.0378 2740 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:46:12.0394 2740 srvnet - ok
22:46:12.0409 2740 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:46:12.0456 2740 SSDPSRV - ok
22:46:12.0456 2740 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:46:12.0487 2740 SstpSvc - ok
22:46:12.0534 2740 Steam Client Service - ok
22:46:12.0550 2740 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:46:12.0565 2740 stexstor - ok
22:46:12.0643 2740 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:46:12.0690 2740 stisvc - ok
22:46:12.0721 2740 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:46:12.0737 2740 swenum - ok
22:46:12.0768 2740 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:46:12.0831 2740 swprv - ok
22:46:13.0002 2740 [ 52DC0048D667757A8A2E4C87182890AC ] SymDS C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
22:46:13.0049 2740 SymDS - ok
22:46:13.0111 2740 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
22:46:13.0158 2740 SymEFA - ok
22:46:13.0189 2740 [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
22:46:13.0205 2740 SymEvent - ok
22:46:13.0299 2740 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
22:46:13.0314 2740 SymIRON - ok
22:46:13.0533 2740 [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
22:46:13.0548 2740 SymNetS - ok
22:46:13.0969 2740 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:46:14.0047 2740 SysMain - ok
22:46:14.0079 2740 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:46:14.0125 2740 TabletInputService - ok
22:46:14.0157 2740 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
22:46:14.0188 2740 tap0901t - ok
22:46:14.0235 2740 [ 83C57F165F0216E5CE40D7E4E00DC76D ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
22:46:14.0250 2740 taphss6 - ok
22:46:14.0266 2740 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:46:14.0328 2740 TapiSrv - ok
22:46:14.0375 2740 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:46:14.0391 2740 TBS - ok
22:46:14.0578 2740 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:46:14.0625 2740 Tcpip - ok
22:46:14.0640 2740 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:46:14.0671 2740 TCPIP6 - ok
22:46:14.0718 2740 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:46:14.0765 2740 tcpipreg - ok
22:46:14.0812 2740 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:46:14.0843 2740 TDPIPE - ok
22:46:14.0859 2740 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:46:14.0890 2740 TDTCP - ok
22:46:14.0921 2740 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:46:14.0952 2740 tdx - ok
22:46:15.0093 2740 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
22:46:15.0139 2740 TeamViewer8 - ok
22:46:15.0171 2740 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:46:15.0186 2740 TermDD - ok
22:46:15.0202 2740 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:46:15.0233 2740 TermService - ok
22:46:15.0264 2740 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:46:15.0295 2740 Themes - ok
22:46:15.0311 2740 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:46:15.0342 2740 THREADORDER - ok
22:46:15.0373 2740 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:46:15.0405 2740 TrkWks - ok
22:46:15.0436 2740 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:46:15.0483 2740 TrustedInstaller - ok
22:46:15.0514 2740 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:46:15.0561 2740 tssecsrv - ok
22:46:15.0592 2740 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:46:15.0607 2740 TsUsbFlt - ok
22:46:15.0639 2740 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:46:15.0670 2740 tunnel - ok
22:46:15.0748 2740 [ 0F744A57BFA0B92AA5A626CF7DD2A667 ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
22:46:15.0779 2740 TunngleService - ok
22:46:15.0795 2740 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:46:15.0826 2740 uagp35 - ok
22:46:15.0857 2740 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:46:15.0919 2740 udfs - ok
22:46:15.0935 2740 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:46:15.0966 2740 UI0Detect - ok
22:46:15.0982 2740 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:46:15.0997 2740 uliagpkx - ok
22:46:16.0013 2740 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:46:16.0029 2740 umbus - ok
22:46:16.0044 2740 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:46:16.0060 2740 UmPass - ok
22:46:16.0075 2740 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:46:16.0107 2740 upnphost - ok
22:46:16.0153 2740 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:46:16.0169 2740 USBAAPL64 - ok
22:46:16.0200 2740 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:46:16.0231 2740 usbaudio - ok
22:46:16.0247 2740 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:46:16.0278 2740 usbccgp - ok
22:46:16.0325 2740 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:46:16.0325 2740 usbcir - ok
22:46:16.0356 2740 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:46:16.0356 2740 usbehci - ok
22:46:16.0372 2740 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:46:16.0403 2740 usbhub - ok
22:46:16.0403 2740 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:46:16.0419 2740 usbohci - ok
22:46:16.0450 2740 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:46:16.0481 2740 usbprint - ok
22:46:16.0512 2740 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:46:16.0543 2740 usbscan - ok
22:46:16.0543 2740 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:46:16.0559 2740 USBSTOR - ok
22:46:16.0575 2740 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:46:16.0590 2740 usbuhci - ok
22:46:16.0606 2740 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:46:16.0653 2740 UxSms - ok
22:46:16.0668 2740 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:46:16.0684 2740 VaultSvc - ok
22:46:16.0699 2740 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:46:16.0699 2740 vdrvroot - ok
22:46:16.0746 2740 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:46:16.0793 2740 vds - ok
22:46:16.0824 2740 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:46:16.0871 2740 vga - ok
22:46:16.0887 2740 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:46:16.0949 2740 VgaSave - ok
22:46:16.0980 2740 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:46:16.0996 2740 vhdmp - ok
22:46:17.0027 2740 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:46:17.0043 2740 viaide - ok
22:46:17.0089 2740 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:46:17.0121 2740 volmgr - ok
22:46:17.0167 2740 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:46:17.0183 2740 volmgrx - ok
22:46:17.0214 2740 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:46:17.0230 2740 volsnap - ok
22:46:17.0261 2740 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:46:17.0261 2740 vsmraid - ok
22:46:17.0355 2740 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:46:17.0433 2740 VSS - ok
22:46:17.0448 2740 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:46:17.0464 2740 vwifibus - ok
22:46:17.0589 2740 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:46:17.0682 2740 W32Time - ok
22:46:17.0776 2740 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
22:46:17.0823 2740 W3SVC - ok
22:46:17.0838 2740 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:46:17.0885 2740 WacomPen - ok
22:46:17.0947 2740 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:46:17.0994 2740 WANARP - ok
22:46:17.0994 2740 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:46:18.0010 2740 Wanarpv6 - ok
22:46:18.0057 2740 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
22:46:18.0057 2740 WAS - ok
22:46:18.0166 2740 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:46:18.0197 2740 wbengine - ok
22:46:18.0228 2740 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:46:18.0244 2740 WbioSrvc - ok
22:46:18.0291 2740 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:46:18.0322 2740 wcncsvc - ok
22:46:18.0353 2740 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:46:18.0369 2740 WcsPlugInService - ok
22:46:18.0384 2740 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:46:18.0400 2740 Wd - ok
22:46:18.0447 2740 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:46:18.0478 2740 Wdf01000 - ok
22:46:18.0493 2740 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:46:18.0493 2740 WdiServiceHost - ok
22:46:18.0509 2740 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:46:18.0509 2740 WdiSystemHost - ok
22:46:18.0540 2740 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:46:18.0556 2740 WebClient - ok
22:46:18.0587 2740 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:46:18.0618 2740 Wecsvc - ok
22:46:18.0634 2740 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:46:18.0712 2740 wercplsupport - ok
22:46:18.0743 2740 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:46:18.0774 2740 WerSvc - ok
22:46:18.0790 2740 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:46:18.0821 2740 WfpLwf - ok
22:46:18.0837 2740 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:46:18.0852 2740 WIMMount - ok
22:46:18.0868 2740 WinDefend - ok
22:46:18.0868 2740 WinHttpAutoProxySvc - ok
22:46:18.0930 2740 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:46:18.0993 2740 Winmgmt - ok
22:46:19.0524 2740 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:46:19.0602 2740 WinRM - ok
22:46:19.0649 2740 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:46:19.0680 2740 WinUsb - ok
22:46:19.0711 2740 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:46:19.0742 2740 Wlansvc - ok
22:46:19.0774 2740 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:46:19.0789 2740 WmiAcpi - ok
22:46:19.0805 2740 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:46:19.0836 2740 wmiApSrv - ok
22:46:19.0867 2740 WMPNetworkSvc - ok
22:46:19.0898 2740 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:46:19.0914 2740 WPCSvc - ok
22:46:19.0945 2740 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:46:19.0961 2740 WPDBusEnum - ok
22:46:20.0008 2740 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:46:20.0070 2740 ws2ifsl - ok
22:46:20.0086 2740 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:46:20.0148 2740 wscsvc - ok
22:46:20.0148 2740 WSearch - ok
22:46:20.0522 2740 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:46:20.0569 2740 wuauserv - ok
22:46:20.0616 2740 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:46:20.0663 2740 WudfPf - ok
22:46:20.0678 2740 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:46:20.0710 2740 WUDFRd - ok
22:46:20.0725 2740 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:46:20.0741 2740 wudfsvc - ok
22:46:20.0772 2740 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
22:46:20.0803 2740 WwanSvc - ok
22:46:20.0834 2740 [ 754C8BF43F0DD4B54865F174A62761E9 ] XENfiltv C:\Windows\system32\drivers\XENfiltv.sys
22:46:20.0850 2740 XENfiltv - ok
22:46:20.0881 2740 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
22:46:20.0912 2740 xnacc - ok
22:46:20.0959 2740 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
22:46:20.0990 2740 xusb21 - ok
22:46:21.0006 2740 ================ Scan global ===============================
22:46:21.0037 2740 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:46:21.0068 2740 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:46:21.0084 2740 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:46:21.0100 2740 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:46:21.0115 2740 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:46:21.0115 2740 [Global] - ok
22:46:21.0115 2740 ================ Scan MBR ==================================
22:46:21.0115 2740 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
22:46:21.0474 2740 \Device\Harddisk0\DR0 - ok
22:46:21.0505 2740 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:46:23.0299 2740 \Device\Harddisk1\DR1 - ok
22:46:23.0315 2740 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR2
22:46:23.0455 2740 \Device\Harddisk2\DR2 - ok
22:46:23.0455 2740 ================ Scan VBR ==================================
22:46:23.0455 2740 [ 23AEEB4CC6DA3588EB432D6702F938BB ] \Device\Harddisk0\DR0\Partition1
22:46:23.0455 2740 \Device\Harddisk0\DR0\Partition1 - ok
22:46:23.0455 2740 [ B55A973E833FBC657E9F7CAAB3A78214 ] \Device\Harddisk0\DR0\Partition2
22:46:23.0455 2740 \Device\Harddisk0\DR0\Partition2 - ok
22:46:23.0471 2740 [ CA3E504576BEAD9560E488BAF593CF11 ] \Device\Harddisk1\DR1\Partition1
22:46:23.0471 2740 \Device\Harddisk1\DR1\Partition1 - ok
22:46:23.0486 2740 [ B07E417C85F303EF79388915E5F543E7 ] \Device\Harddisk1\DR1\Partition2
22:46:23.0502 2740 \Device\Harddisk1\DR1\Partition2 - ok
22:46:23.0502 2740 [ F821B88FB3FF372DB6D6F9CBB5826287 ] \Device\Harddisk2\DR2\Partition1
22:46:23.0502 2740 \Device\Harddisk2\DR2\Partition1 - ok
22:46:23.0502 2740 ============================================================
22:46:23.0502 2740 Scan finished
22:46:23.0502 2740 ============================================================
22:46:23.0518 5680 Detected object count: 5
22:46:23.0518 5680 Actual detected object count: 5
22:46:57.0547 5680 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:57.0547 5680 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:46:57.0547 5680 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:57.0547 5680 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:46:57.0563 5680 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:57.0563 5680 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:46:57.0563 5680 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:57.0563 5680 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:46:57.0563 5680 mi-raysat_3dsmax2014_64 ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:57.0563 5680 mi-raysat_3dsmax2014_64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:04.0335 6516 Deinitialize success
MBAR-Log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org
Database version: v2013.07.14.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Marius :: MARIUS-PC [administrator]
14.07.2013 22:52:50
mbar-log-2013-07-14 (22-52-50).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 300649
Time elapsed: 11 minute(s), 21 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
14.07.2013, 22:31
| #10 |
| /// Malwareteam | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Schritt 1 Scan mit SystemLook Lade SystemLook_x64 von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop. Download Mirror #1 - Download Mirror #2
Schritt 2 Scan mit Combofix
Bitte poste in deiner naechsten Antwort
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
15.07.2013, 21:22
| #11 |
| | PC plötzlich langsam, hängt, ohne ersichtlichen Grund SystemLook-Log: Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 07:02 on 15/07/2013 by Marius
Administrator - Elevation successful
========== dir ==========
C:\Users\Marius\Documents\desktop2 - Unable to find folder.
-= EOF =-
Code:
ATTFilter ComboFix 13-07-15.01 - Marius 15.07.2013 22:10:32.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8109.6166 [GMT 2:00]
ausgeführt von:: c:\users\Marius\Desktop\ComboFix.exe
AV: Norton Internet Security CBE *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security CBE *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security CBE *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\SysWow64\frapsvid.dll
E:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-15 bis 2013-07-15 ))))))))))))))))))))))))))))))
.
.
2013-07-15 20:17 . 2013-07-15 20:17 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2013-07-15 20:17 . 2013-07-15 20:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-14 20:52 . 2013-07-14 21:05 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-07-14 19:55 . 2013-07-14 19:55 -------- d-----w- C:\FRST
2013-07-14 18:15 . 2013-07-14 18:15 -------- d-----w- c:\programdata\Malwarebytes
2013-07-14 15:41 . 2013-07-14 15:41 -------- d-----w- C:\found.000
2013-07-10 10:38 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-10 10:38 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-10 10:38 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-10 10:38 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 10:38 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-10 10:38 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-10 10:38 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 10:38 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-10 10:38 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-10 10:38 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-10 10:38 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-10 10:37 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-10 10:37 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 10:37 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 10:37 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 10:37 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 10:37 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 10:37 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-10 10:37 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-08 08:13 . 2013-07-12 12:36 -------- d-----w- c:\program files (x86)\Cube World
2013-07-08 08:13 . 2013-07-08 08:13 -------- d-----w- c:\programdata\Picroma
2013-07-04 17:32 . 2013-07-15 19:40 -------- d-----r- c:\users\Marius\Dropbox
2013-07-04 17:28 . 2013-07-15 19:44 -------- d-----w- c:\users\Marius\AppData\Roaming\Dropbox
2013-07-03 20:38 . 2013-07-03 20:38 -------- d-----w- c:\users\Marius\AppData\Local\Futuremark
2013-07-03 20:38 . 2013-07-03 20:38 -------- d-----w- c:\users\Marius\AppData\Local\IsolatedStorage
2013-07-03 20:37 . 2013-07-03 20:37 -------- d-----w- c:\program files (x86)\Futuremark
2013-07-03 20:35 . 2013-07-03 20:35 -------- d-----w- c:\program files\Futuremark
2013-07-02 12:50 . 2013-07-02 12:50 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-15 19:37 . 2013-03-13 14:12 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-07-11 19:43 . 2012-12-06 16:31 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-11 19:43 . 2012-11-08 21:02 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-11 19:42 . 2012-11-08 21:02 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-10 21:09 . 2012-11-08 17:46 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 18:43 . 2012-11-08 16:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 18:43 . 2012-11-08 16:51 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 05:51 . 2013-06-12 11:25 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 11:25 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 11:25 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 11:25 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 11:25 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 11:25 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 11:25 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 11:25 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 11:25 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 11:25 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 11:26 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 11:26 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-12 11:26 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-02 00:06 . 2012-11-08 16:38 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-26 05:51 . 2013-06-12 11:26 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-04-26 04:55 . 2013-06-12 11:26 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-04-25 23:30 . 2013-06-12 11:25 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-04-24 19:28 . 2013-04-24 19:28 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-04-24 19:18 . 2013-04-24 19:18 46792 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-04-17 07:02 . 2013-06-12 11:26 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24 . 2013-06-12 11:26 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2010-06-24 11:22 . 2012-11-08 16:26 210202 ----a-w- c:\program files (x86)\fix_esc_photoshop.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6}"= "c:\program files (x86)\Soda PDF 5\PDFIEPlugin.dll" [2013-01-29 654688]
.
[HKEY_CLASSES_ROOT\clsid\{f335aba2-fdb4-4644-92b2-5cc4b0fc91d6}]
[HKEY_CLASSES_ROOT\SodaPDF5_IEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{DC275339-6DF9-41FB-AFB8-03BC81FBD9E5}]
[HKEY_CLASSES_ROOT\SodaPDF5_IEPlugin.PDFIEConverter]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\Marius\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\Marius\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\Marius\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-06-04 3456080]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"Akamai NetSession Interface"="c:\users\Marius\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-07-10 1672616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
.
c:\users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Marius\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-7-3 29337928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 BEHRINGER_2902;usb-audio.de driver for BEHRINGER USB AUDIO;c:\windows\system32\Drivers\BUSB2902.sys;c:\windows\SYSNATIVE\Drivers\BUSB2902.sys [x]
R3 BUSB_AUDIO_WDM;BEHRINGER USB WDM AUDIO;c:\windows\system32\drivers\busbwdm.sys;c:\windows\SYSNATIVE\drivers\busbwdm.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S4 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-14 09:36 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 18:43]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-01 15:12]
.
2013-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-01 15:12]
.
2013-07-15 c:\windows\Tasks\WpsUpdateTask_Marius.job
- c:\program files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\Marius\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\Marius\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\Marius\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\Marius\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"MsmqIntCert"="mqrt.dll" [2010-11-20 247808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = fritz.box;*.local;<local>
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Free YouTube Download - c:\users\Marius\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Marius\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: Interfaces\{932E5FAF-DE2D-42C7-AA9B-1778AB14C050}: NameServer = 192.168.178.1,192.168.178.61
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-807425896-2730886537-3051887822-1000\Software\SecuROM\License information*]
"datasecu"=hex:90,5b,d0,60,37,88,69,c7,6c,5d,72,5f,47,db,fc,e5,62,b7,65,95,21,
c8,78,57,e2,32,9d,63,24,f3,f5,f2,fc,01,61,8e,d1,dc,dc,52,51,9c,82,6f,87,39,\
"rkeysecu"=hex:07,ae,a5,6c,c1,b3,3f,e9,b0,fa,6d,8f,65,20,6d,7d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-15 22:19:52
ComboFix-quarantined-files.txt 2013-07-15 20:19
.
Vor Suchlauf: 17 Verzeichnis(se), 35.907.817.472 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 35.583.578.112 Bytes frei
.
- - End Of File - - 8C127850C7F6B20BE1939D055F0E3537
72B8CE41AF0DE751C946802B3ED844B4
|
|
15.07.2013, 21:31
| #12 |
| /// Malwareteam | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Mmmh, immer noch nichts Auffälliges: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte poste mir beide Logs und zusätzlich ein neues FRST-Log. Besteht die Problematik immernoch? / Ist eine Verbesserung zu erkennen?
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
15.07.2013, 21:47
| #13 |
| | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Ja, Verbesserungen sind schon zu merken! AdwCleaner-Log: Code:
ATTFilter # AdwCleaner v2.305 - Datei am 15/07/2013 um 22:35:29 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Marius - MARIUS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marius\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\foxydeal.sqlite
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Marius\AppData\Roaming\dvdvideosoftiehelpers
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\prefs.js
C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\7p3o0kvp.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.72
Datei : C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1947 octets] - [15/07/2013 22:35:29]
########## EOF - C:\AdwCleaner[S1].txt - [2007 octets] ##########
JRT-Log: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 7 Home Premium x64
Ran by Marius on 15.07.2013 at 22:41:51,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
~~~ Files
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Marius\AppData\Roaming\mozilla\firefox\profiles\7p3o0kvp.default\minidumps [113 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2013 at 22:45:00,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
15.07.2013, 22:01
| #14 |
| /// Malwareteam | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Ok, dann kontrollieren wir nochmal: Schritt 1 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte  SecurityCheck und:
Schritt 4 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Bitte poste in deiner nächsten Antwort
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
18.07.2013, 10:49
| #15 |
| /// Malwareteam | PC plötzlich langsam, hängt, ohne ersichtlichen Grund Hallo, benötigst Du noch weiterhin Hilfe ? Sollte ich innerhalb der nächsten 24 Stunden keine Antwort von dir erhalten, werde ich dein Thema aus meinen Abos nehmen und bekomme dadurch keine Nachricht über neue Antworten. Das Verschwinden der Symptome bedeutet nicht, dass dein System schon sauber ist!
__________________ Keep Jazzing! DerJazzer Imperare sibi maximum imperium est. ©Seneca Wenn du uns unterstützen möchtest | http://www.anaesthesist-werden.de/ |
|
| Themen zu PC plötzlich langsam, hängt, ohne ersichtlichen Grund |
| angemeldet, angezeigt, daten, direkt, fehler, forum, hängt, itunes, langsam, leute, musik, norton, pc hängt, plötzlich, problem, ram, sekunden, spiele, system, theme, themen, tipps, woche, wochen, überhaupt |
WARNUNG an die MITLESER: 
Linear-Darstellung
