| |
| |||||||
Log-Analyse und Auswertung: Lange Wartezeit beim HochfahrenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.02.2014, 23:16
| #1 |
 |  Lange Wartezeit beim Hochfahren Hallo, seit neustem benötigt mein Rechner sehr lange bis der Anmeldeschirm erreicht ist ( ca 1 - 2 Minuten ). Dann ist die Maus erst nach ca 1 Minute einsaztbereit. ( dieses war bis datao nicht so ). Es währe nett, wenn sich jemand mal die Logs anschauen würde um ein Softwareseitiges Problem zu erkennen. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014
Ran by Martin (administrator) on MARTIN-PC on 24-02-2014 22:57:32
Running from C:\Users\Internet\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-06-29] (CyberLink Corp.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-21] (Microsoft Corporation)
HKU\S-1-5-21-3965946322-2056396227-1143055120-1000\...\Run: [FileHippo.com] - "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
HKU\S-1-5-21-3965946322-2056396227-1143055120-1003\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default
FF Homepage: www.web.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-07-03]
FF Extension: NoSquint - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\nosquint@urandom.ca.xpi [2013-07-03]
FF Extension: NoScript - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-04-21]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-21]
==================== Services (Whitelisted) =================
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG)
R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-05-13] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [257512 2013-02-25] (G Data Software)
==================== Drivers (Whitelisted) ====================
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-09-28] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [79704 2013-10-22] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [59736 2013-10-22] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-09-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-09-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-10-22] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-07] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-09-28] (G Data Software AG)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2013-10-22] (G Data Software)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-24 22:57 - 2014-02-24 22:57 - 00012541 _____ () C:\Users\Internet\Desktop\FRST.txt
2014-02-24 22:57 - 2014-02-24 22:57 - 00000000 ____D () C:\FRST
2014-02-24 22:56 - 2014-02-24 22:56 - 02156032 _____ (Farbar) C:\Users\Internet\Desktop\FRST64.exe
2014-02-15 11:22 - 2014-02-15 11:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-11 19:14 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-11 19:14 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-11 19:13 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-11 19:13 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-11 19:13 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-11 19:13 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-11 19:13 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-11 19:13 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-11 19:13 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-11 19:13 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-11 19:13 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-11 19:13 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-11 19:13 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-11 19:13 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-11 19:13 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-11 19:13 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-11 19:13 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-11 19:13 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-11 19:13 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-11 19:13 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-11 19:13 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-11 19:13 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-11 19:13 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-11 19:13 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-11 19:13 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-11 19:13 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-11 19:13 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-11 19:13 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-11 19:13 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-11 19:13 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-11 19:13 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-11 19:13 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-11 19:13 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-11 19:13 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-11 19:13 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-11 19:13 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-11 19:13 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-11 19:13 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-11 19:13 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-11 19:13 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-11 19:13 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-11 19:12 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-11 19:12 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-11 19:12 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-11 19:12 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-11 19:12 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 19:12 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-11 19:12 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-11 19:12 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-11 19:12 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-11 19:12 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-11 19:12 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-11 19:12 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-11 19:12 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-11 19:12 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-11 19:12 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-11 19:12 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-11 19:12 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-11 19:12 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-11 19:12 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-11 19:12 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-11 19:12 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-11 19:12 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-11 19:12 - 2013-11-27 00:29 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-11 19:12 - 2013-11-26 23:49 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-11 19:12 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-11 19:12 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-07 17:17 - 2014-02-07 17:17 - 00283120 _____ (Mozilla) C:\Users\Internet\Downloads\Firefox Setup Stub 27.0.exe
==================== One Month Modified Files and Folders =======
2014-02-24 22:57 - 2014-02-24 22:57 - 00012541 _____ () C:\Users\Internet\Desktop\FRST.txt
2014-02-24 22:57 - 2014-02-24 22:57 - 00000000 ____D () C:\FRST
2014-02-24 22:56 - 2014-02-24 22:56 - 02156032 _____ (Farbar) C:\Users\Internet\Desktop\FRST64.exe
2014-02-24 22:30 - 2013-04-21 10:39 - 00000388 _____ () C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2014-02-24 21:58 - 2013-12-02 08:56 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-24 21:58 - 2013-04-21 11:28 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-24 21:58 - 2013-04-21 11:28 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-24 21:58 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 21:58 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 21:54 - 2013-04-21 01:35 - 01395548 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 21:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 21:51 - 2009-07-14 05:51 - 00075467 _____ () C:\Windows\setupact.log
2014-02-24 21:47 - 2013-04-21 02:22 - 00000000 ____D () C:\Users\Martin
2014-02-24 21:44 - 2013-04-21 03:08 - 00000000 ____D () C:\Users\Internet
2014-02-24 21:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-16 11:01 - 2013-10-30 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 11:22 - 2014-02-15 11:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-11 19:21 - 2013-08-06 20:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-11 19:20 - 2013-04-21 10:43 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-11 19:15 - 2013-11-29 19:45 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-07 17:25 - 2013-04-21 17:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-07 17:25 - 2013-04-21 17:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-07 17:25 - 2013-04-21 02:47 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe
2014-02-07 17:20 - 2013-10-30 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-07 17:17 - 2014-02-07 17:17 - 00283120 _____ (Mozilla) C:\Users\Internet\Downloads\Firefox Setup Stub 27.0.exe
2014-02-06 13:16 - 2014-02-11 19:13 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-11 19:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-11 19:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-11 19:13 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-11 19:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-11 19:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-11 19:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-11 19:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-11 19:13 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-11 19:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-11 19:13 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-11 19:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-11 19:13 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-11 19:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-11 19:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-11 19:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-11 19:13 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-11 19:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-11 19:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-11 19:13 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-11 19:13 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-11 19:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-11 19:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-11 19:13 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-11 19:13 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-11 19:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-11 19:13 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-11 19:13 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-11 19:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-11 19:13 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-11 19:13 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-11 19:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-11 19:13 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-11 19:13 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-11 19:13 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-11 19:13 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-11 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-11 19:13 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-11 19:13 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-23 10:53
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2014
Ran by Martin at 2014-02-24 22:58:12
Running from C:\Users\Internet\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: G Data TotalProtection 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data TotalProtection 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.5.7828 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.5.7828 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6629 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
G Data TotalProtection 2014 (HKLM-x32\...\{63DEADD1-C032-4F1F-AF76-26B166D6AC30}) (Version: 24.0.3.4 - G Data Software AG)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaShow Espresso (x32 Version: 5.5.1713_26701 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.6005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6005 - Secunia)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Restore Points =========================
18-01-2014 17:06:36 Installed Java 7 Update 51
18-01-2014 17:16:19 Installed Java 7 Update 51 (64-bit)
18-01-2014 17:20:51 Wiederherstellungsvorgang
18-01-2014 17:34:08 Windows Update
18-01-2014 17:52:32 Removed Java 7 Update 45
18-01-2014 17:54:45 Installed Java 7 Update 51
30-01-2014 22:00:28 Geplanter Prüfpunkt
08-02-2014 15:35:06 Geplanter Prüfpunkt
11-02-2014 18:12:49 Windows Update
23-02-2014 10:00:45 Geplanter Prüfpunkt
24-02-2014 20:40:33 Wiederherstellungsvorgang
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {967FDA70-907C-4F58-9660-040B88F50B37} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CD701E36-DCB2-4907-BB33-B22828CDEC0B} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-06-24] (Acer)
Task: {F2179351-2679-47F7-AD13-DCF548D202EE} - System32\Tasks\Acer Registration - Reminder Recall task => C:\Program Files (x86)\Acer\Registration\GREG.exe [2010-04-28] (Acer Incorporated)
Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
==================== Loaded Modules (whitelisted) =============
2013-04-21 01:58 - 2010-05-13 06:23 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2013-08-14 09:31 - 2013-08-14 09:31 - 00335312 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2010-08-04 13:40 - 2010-08-04 13:40 - 00611872 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2010-08-04 10:47 - 2010-08-04 10:47 - 00144896 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/24/2014 10:01:30 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "H:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (02/24/2014 08:47:28 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "H:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (02/23/2014 10:54:18 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/22/2014 08:03:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/22/2014 08:03:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/21/2014 08:42:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PmmUpdate.exe, Version: 1.1.34.0, Zeitstempel: 0x4b97a6a2
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00039342
ID des fehlerhaften Prozesses: 0xc80
Startzeit der fehlerhaften Anwendung: 0xPmmUpdate.exe0
Pfad der fehlerhaften Anwendung: PmmUpdate.exe1
Pfad des fehlerhaften Moduls: PmmUpdate.exe2
Berichtskennung: PmmUpdate.exe3
Error: (02/17/2014 06:43:47 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "H:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (02/16/2014 00:04:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/16/2014 00:04:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/15/2014 04:08:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (02/24/2014 09:53:32 PM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}
Error: (02/24/2014 09:52:40 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004
Error: (02/24/2014 09:52:40 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004
Error: (02/24/2014 09:44:33 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "G:" können nicht gelesen werden.
Error: (02/24/2014 09:38:08 PM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}
Error: (02/24/2014 09:37:16 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004
Error: (02/24/2014 09:37:16 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004
Error: (02/24/2014 08:39:39 PM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}
Error: (02/24/2014 08:38:39 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004
Error: (02/24/2014 08:38:39 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004
Microsoft Office Sessions:
=========================
Error: (02/24/2014 10:01:30 PM) (Source: Windows Backup)(User: )
Description: H:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (02/24/2014 08:47:28 PM) (Source: Windows Backup)(User: )
Description: H:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (02/23/2014 10:54:18 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (02/22/2014 08:03:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Internet\Desktop\ESETSmartInstaller.exe
Error: (02/22/2014 08:03:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Internet\Desktop\ESETSmartInstaller.exe
Error: (02/21/2014 08:42:27 PM) (Source: Application Error)(User: )
Description: PmmUpdate.exe1.1.34.04b97a6a2ole32.dll6.1.7601.175144ce7b96fc000000500039342c8001cf2f2776c26943C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exeC:\Windows\syswow64\ole32.dll4ad7afd9-9b30-11e3-aefe-f80f412d7612
Error: (02/17/2014 06:43:47 PM) (Source: Windows Backup)(User: )
Description: H:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (02/16/2014 00:04:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Internet\Desktop\ESETSmartInstaller.exe
Error: (02/16/2014 00:04:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Internet\Desktop\ESETSmartInstaller.exe
Error: (02/15/2014 04:08:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Internet\Desktop\ESETSmartInstaller.exe
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 4061.18 MB
Available physical RAM: 2616.16 MB
Total Pagefile: 8120.53 MB
Available Pagefile: 6286.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:224.04 GB) (Free:181.65 GB) NTFS
Drive d: (Data) (Fixed) (Total:224.04 GB) (Free:215.27 GB) NTFS
Drive e: (AVK_17Feb14) (CDROM) (Total:0.25 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9E8B7E1A)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=224 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=224 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.24.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Martin :: MARTIN-PC [Administrator] 24.02.2014 21:53:49 mbam-log-2014-02-24 (21-53-49).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 357926 Laufzeit: 1 Stunde(n), 1 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende)
__________________ Unsere Probleme sind von Menschen gemacht, darum können sie auch von Menschen gelöst werden. John F. Kennedy |
|
25.02.2014, 07:54
| #2 |
| /// the machine /// TB-Ausbilder    | Lange Wartezeit beim Hochfahren Hi,
__________________gibt es mehrere Benutzerkonten? Haben alle das Problem?
__________________ |
|
25.02.2014, 20:39
| #3 |
| | Lange Wartezeit beim Hochfahren Hallo Schrauber,
__________________das Problem besteht nur bis ich zur Auswahl komme, mit welchem Konto ich mich anmelden möchte. Also beim Hochfahren bis zum Anmeldebildschirm. Diese Zeitspanne ist deutlich verlängert. Auch das sich der Mauszeiger im Anmeldebildschirm bewegen lässt ( ca 1 Minute ). Wenn es dann geht, fährt der Rechner mit beiden Konten normal hoch. Hallo, in der Zwischenzeit habe ich noch einen Scan mit Emisoft gemacht. Es wurden 2 Sachen gefunden, welche ich nichtin die Qurantäne verschoben habe. Code:
ATTFilter Emsisoft Anti-Malware - Version 8.1
Letztes Update: 25.02.2014 19:09:38
Benutzerkonto: Martin-PC\Martin
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan Beginn: 25.02.2014 19:10:03
Value: HKEY_USERS\S-1-5-21-3965946322-2056396227-1143055120-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-3965946322-2056396227-1143055120-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS gefunden: Setting.DisableRegistryTools (A)
Gescannt 188675
Gefunden 2
Scan Ende: 25.02.2014 19:56:14
Scan Zeit: 0:46:11
__________________ |
|
26.02.2014, 14:43
| #4 |
| /// the machine /// TB-Ausbilder | Lange Wartezeit beim Hochfahren Die kannste beide löschen lassen. Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.02.2014, 18:23
| #5 |
| | Lange Wartezeit beim Hochfahren Hallo Schrauber, hier die Log`s Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
Database version: v2014.02.26.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Martin :: MARTIN-PC [administrator]
26.02.2014 17:56:28
mbar-log-2014-02-26 (17-56-28).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 248895
Time elapsed: 10 minute(s), 18 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
TDSS hat einen Fund: Code:
ATTFilter 18:16:33.0045 3748 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:16:35.0073 3748 ============================================================
18:16:35.0073 3748 Current date / time: 2014/02/26 18:16:35.0073
18:16:35.0073 3748 SystemInfo:
18:16:35.0073 3748
18:16:35.0073 3748 OS Version: 6.1.7601 ServicePack: 1.0
18:16:35.0073 3748 Product type: Workstation
18:16:35.0073 3748 ComputerName: MARTIN-PC
18:16:35.0073 3748 UserName: Martin
18:16:35.0073 3748 Windows directory: C:\Windows
18:16:35.0073 3748 System windows directory: C:\Windows
18:16:35.0073 3748 Running under WOW64
18:16:35.0073 3748 Processor architecture: Intel x64
18:16:35.0073 3748 Number of processors: 2
18:16:35.0073 3748 Page size: 0x1000
18:16:35.0073 3748 Boot type: Normal boot
18:16:35.0073 3748 ============================================================
18:16:35.0712 3748 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:16:36.0118 3748 ============================================================
18:16:36.0118 3748 \Device\Harddisk0\DR0:
18:16:36.0118 3748 MBR partitions:
18:16:36.0118 3748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2328800, BlocksNum 0x32000
18:16:36.0118 3748 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x235A800, BlocksNum 0x1C015800
18:16:36.0118 3748 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E370000, BlocksNum 0x1C015830
18:16:36.0118 3748 ============================================================
18:16:36.0149 3748 C: <-> \Device\Harddisk0\DR0\Partition2
18:16:36.0180 3748 D: <-> \Device\Harddisk0\DR0\Partition3
18:16:36.0180 3748 ============================================================
18:16:36.0180 3748 Initialize success
18:16:36.0180 3748 ============================================================
18:17:03.0809 3608 ============================================================
18:17:03.0809 3608 Scan started
18:17:03.0809 3608 Mode: Manual; SigCheck; TDLFS;
18:17:03.0809 3608 ============================================================
18:17:04.0308 3608 ================ Scan system memory ========================
18:17:04.0308 3608 System memory - ok
18:17:04.0308 3608 ================ Scan services =============================
18:17:04.0495 3608 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:17:04.0901 3608 1394ohci - ok
18:17:05.0010 3608 [ 797E1068EE061C5DEE668F0DC6B3C601 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
18:17:05.0119 3608 a2acc - ok
18:17:05.0369 3608 [ 133E9D8945F8ADAA60101902DB7467B3 ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
18:17:05.0525 3608 a2AntiMalware - ok
18:17:05.0572 3608 [ D27A8B7BB0E15DFBFC6B4E774EE17AD9 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
18:17:05.0618 3608 A2DDA - ok
18:17:05.0650 3608 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:17:05.0712 3608 ACPI - ok
18:17:05.0759 3608 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:17:05.0868 3608 AcpiPmi - ok
18:17:05.0930 3608 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:17:05.0977 3608 adp94xx - ok
18:17:05.0993 3608 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:17:06.0055 3608 adpahci - ok
18:17:06.0055 3608 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:17:06.0102 3608 adpu320 - ok
18:17:06.0149 3608 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:17:06.0305 3608 AeLookupSvc - ok
18:17:06.0336 3608 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys
18:17:06.0430 3608 AFD - ok
18:17:06.0476 3608 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:17:06.0523 3608 agp440 - ok
18:17:06.0554 3608 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:17:06.0601 3608 ALG - ok
18:17:06.0632 3608 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:17:06.0679 3608 aliide - ok
18:17:06.0695 3608 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:17:06.0742 3608 amdide - ok
18:17:06.0773 3608 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:17:06.0866 3608 AmdK8 - ok
18:17:06.0882 3608 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:17:06.0944 3608 AmdPPM - ok
18:17:06.0976 3608 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:17:07.0022 3608 amdsata - ok
18:17:07.0038 3608 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:17:07.0085 3608 amdsbs - ok
18:17:07.0116 3608 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:17:07.0163 3608 amdxata - ok
18:17:07.0225 3608 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:17:07.0350 3608 AppID - ok
18:17:07.0381 3608 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:17:07.0490 3608 AppIDSvc - ok
18:17:07.0522 3608 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
18:17:07.0600 3608 Appinfo - ok
18:17:07.0646 3608 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:17:07.0693 3608 arc - ok
18:17:07.0693 3608 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:17:07.0740 3608 arcsas - ok
18:17:08.0083 3608 [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:17:08.0130 3608 aspnet_state - ok
18:17:08.0161 3608 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:17:08.0270 3608 AsyncMac - ok
18:17:08.0302 3608 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:17:08.0348 3608 atapi - ok
18:17:08.0395 3608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:17:08.0504 3608 AudioEndpointBuilder - ok
18:17:08.0520 3608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:17:08.0614 3608 AudioSrv - ok
18:17:08.0941 3608 [ D793B533BDF9FC05538C10CD16A17EF8 ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
18:17:09.0019 3608 AVKProxy - ok
18:17:09.0097 3608 [ ACC74C59DB93E9936ADB92A4B67ABD35 ] AVKService C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
18:17:09.0160 3608 AVKService - ok
18:17:09.0238 3608 [ 9A8CF91B325979752FDB9F5C476EA3F5 ] AVKWCtl C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
18:17:09.0347 3608 AVKWCtl - ok
18:17:09.0378 3608 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:17:09.0487 3608 AxInstSV - ok
18:17:09.0534 3608 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:17:09.0628 3608 b06bdrv - ok
18:17:09.0659 3608 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:17:09.0737 3608 b57nd60a - ok
18:17:09.0768 3608 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:17:09.0862 3608 BDESVC - ok
18:17:09.0877 3608 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:17:09.0955 3608 Beep - ok
18:17:10.0018 3608 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:17:10.0111 3608 BFE - ok
18:17:10.0142 3608 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:17:10.0252 3608 BITS - ok
18:17:10.0298 3608 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:17:10.0361 3608 blbdrive - ok
18:17:10.0392 3608 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:17:10.0454 3608 bowser - ok
18:17:10.0486 3608 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:17:10.0595 3608 BrFiltLo - ok
18:17:10.0595 3608 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:17:10.0673 3608 BrFiltUp - ok
18:17:10.0720 3608 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:17:10.0829 3608 Browser - ok
18:17:10.0844 3608 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:17:10.0938 3608 Brserid - ok
18:17:10.0954 3608 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:17:11.0016 3608 BrSerWdm - ok
18:17:11.0047 3608 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:17:11.0125 3608 BrUsbMdm - ok
18:17:11.0141 3608 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:17:11.0203 3608 BrUsbSer - ok
18:17:11.0234 3608 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:17:11.0297 3608 BTHMODEM - ok
18:17:11.0344 3608 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:17:11.0437 3608 bthserv - ok
18:17:11.0484 3608 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:17:11.0578 3608 cdfs - ok
18:17:11.0624 3608 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:17:11.0687 3608 cdrom - ok
18:17:11.0734 3608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:17:11.0827 3608 CertPropSvc - ok
18:17:11.0858 3608 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:17:11.0936 3608 circlass - ok
18:17:11.0968 3608 [ B794DCF38C965FA2F93C45A7C3D582C5 ] cleanhlp C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys
18:17:12.0030 3608 cleanhlp - ok
18:17:12.0061 3608 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:17:12.0124 3608 CLFS - ok
18:17:12.0233 3608 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:17:12.0280 3608 clr_optimization_v2.0.50727_32 - ok
18:17:12.0311 3608 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:17:12.0358 3608 clr_optimization_v2.0.50727_64 - ok
18:17:12.0436 3608 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:17:12.0498 3608 clr_optimization_v4.0.30319_32 - ok
18:17:12.0514 3608 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:17:12.0576 3608 clr_optimization_v4.0.30319_64 - ok
18:17:12.0607 3608 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:17:12.0670 3608 CmBatt - ok
18:17:12.0701 3608 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:17:12.0748 3608 cmdide - ok
18:17:12.0763 3608 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
18:17:12.0857 3608 CNG - ok
18:17:12.0872 3608 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:17:12.0919 3608 Compbatt - ok
18:17:12.0950 3608 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:17:13.0013 3608 CompositeBus - ok
18:17:13.0044 3608 COMSysApp - ok
18:17:13.0060 3608 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:17:13.0106 3608 crcdisk - ok
18:17:13.0138 3608 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:17:13.0231 3608 CryptSvc - ok
18:17:13.0278 3608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:17:13.0387 3608 DcomLaunch - ok
18:17:13.0418 3608 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:17:13.0528 3608 defragsvc - ok
18:17:13.0559 3608 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:17:13.0652 3608 DfsC - ok
18:17:13.0699 3608 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:17:13.0777 3608 Dhcp - ok
18:17:13.0808 3608 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:17:13.0886 3608 discache - ok
18:17:13.0933 3608 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:17:13.0980 3608 Disk - ok
18:17:14.0011 3608 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:17:14.0089 3608 Dnscache - ok
18:17:14.0136 3608 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:17:14.0230 3608 dot3svc - ok
18:17:14.0261 3608 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:17:14.0354 3608 DPS - ok
18:17:14.0401 3608 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:17:14.0464 3608 drmkaud - ok
18:17:14.0510 3608 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:17:14.0573 3608 DXGKrnl - ok
18:17:14.0620 3608 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
18:17:14.0682 3608 e1yexpress - ok
18:17:14.0729 3608 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:17:14.0838 3608 EapHost - ok
18:17:15.0025 3608 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:17:15.0212 3608 ebdrv - ok
18:17:15.0244 3608 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
18:17:15.0322 3608 EFS - ok
18:17:15.0368 3608 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:17:15.0462 3608 ehRecvr - ok
18:17:15.0493 3608 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:17:15.0571 3608 ehSched - ok
18:17:15.0602 3608 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:17:15.0665 3608 elxstor - ok
18:17:15.0696 3608 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:17:15.0758 3608 ErrDev - ok
18:17:15.0821 3608 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:17:15.0914 3608 EventSystem - ok
18:17:15.0961 3608 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:17:16.0039 3608 exfat - ok
18:17:16.0102 3608 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:17:16.0195 3608 fastfat - ok
18:17:16.0242 3608 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:17:16.0336 3608 Fax - ok
18:17:16.0351 3608 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:17:16.0429 3608 fdc - ok
18:17:16.0445 3608 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:17:16.0554 3608 fdPHost - ok
18:17:16.0570 3608 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:17:16.0663 3608 FDResPub - ok
18:17:16.0694 3608 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:17:16.0741 3608 FileInfo - ok
18:17:16.0757 3608 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:17:16.0850 3608 Filetrace - ok
18:17:16.0866 3608 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:17:16.0928 3608 flpydisk - ok
18:17:16.0975 3608 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:17:17.0022 3608 FltMgr - ok
18:17:17.0116 3608 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
18:17:17.0225 3608 FontCache - ok
18:17:17.0256 3608 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:17:17.0303 3608 FontCache3.0.0.0 - ok
18:17:17.0334 3608 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:17:17.0381 3608 FsDepends - ok
18:17:17.0412 3608 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:17:17.0459 3608 Fs_Rec - ok
18:17:17.0490 3608 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:17:17.0537 3608 fvevol - ok
18:17:17.0568 3608 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:17:17.0615 3608 gagp30kx - ok
18:17:17.0693 3608 [ AE214EC12D54D455E7CFAE686C451B66 ] GDBackupSvc C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
18:17:17.0771 3608 GDBackupSvc - ok
18:17:17.0802 3608 [ 04E86E408C505EA00C45777347905616 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
18:17:17.0849 3608 GDBehave - ok
18:17:17.0880 3608 [ 468C7CF02FDC148F6B7A0F7B9CFDFA52 ] gddcd C:\Windows\system32\drivers\gddcd64.sys
18:17:17.0927 3608 gddcd - ok
18:17:17.0942 3608 [ D1A43593FA26A0F950B9CDD5DB9EA44D ] gddcv C:\Windows\system32\drivers\gddcv64.sys
18:17:17.0989 3608 gddcv - ok
18:17:18.0052 3608 [ 536796A4D5DFA2BCED71F7C2CC907DF6 ] GDFwSvc C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
18:17:18.0176 3608 GDFwSvc - ok
18:17:18.0192 3608 [ 318BA73C601AACAC3036124B6BBFBE2E ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
18:17:18.0239 3608 GDMnIcpt - ok
18:17:18.0270 3608 [ 7CA2CB5F8190F7E4123AED0C7E50AF24 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
18:17:18.0317 3608 GDPkIcpt - ok
18:17:18.0348 3608 [ 9EEB5020DD885D81C64F763EADC02923 ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
18:17:18.0410 3608 GDScan - ok
18:17:18.0457 3608 [ C32EF90495334F14EA53909AE1798A3E ] GDTunerSvc C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe
18:17:18.0551 3608 GDTunerSvc - ok
18:17:18.0582 3608 [ 3029AA9AA2A3CD7C7B35B9F7D1933FDB ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
18:17:18.0629 3608 gdwfpcd - ok
18:17:18.0660 3608 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:17:18.0769 3608 gpsvc - ok
18:17:18.0816 3608 [ 380B83300E019065C3B5FA47136F8356 ] GRD C:\Windows\system32\drivers\GRD.sys
18:17:18.0863 3608 GRD - ok
18:17:18.0910 3608 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:17:18.0956 3608 GREGService - ok
18:17:18.0972 3608 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:17:19.0050 3608 hcw85cir - ok
18:17:19.0081 3608 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:17:19.0144 3608 HdAudAddService - ok
18:17:19.0190 3608 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:17:19.0253 3608 HDAudBus - ok
18:17:19.0284 3608 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:17:19.0346 3608 HidBatt - ok
18:17:19.0378 3608 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:17:19.0440 3608 HidBth - ok
18:17:19.0471 3608 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:17:19.0534 3608 HidIr - ok
18:17:19.0580 3608 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:17:19.0674 3608 hidserv - ok
18:17:19.0721 3608 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:17:19.0783 3608 HidUsb - ok
18:17:19.0830 3608 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:17:19.0924 3608 hkmsvc - ok
18:17:19.0955 3608 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:17:20.0033 3608 HomeGroupListener - ok
18:17:20.0064 3608 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:17:20.0158 3608 HomeGroupProvider - ok
18:17:20.0189 3608 [ 29F589B1543DD7AB2086C95B152B0C3D ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
18:17:20.0236 3608 HookCentre - ok
18:17:20.0267 3608 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:17:20.0314 3608 HpSAMD - ok
18:17:20.0360 3608 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:17:20.0470 3608 HTTP - ok
18:17:20.0501 3608 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:17:20.0548 3608 hwpolicy - ok
18:17:20.0579 3608 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:17:20.0626 3608 i8042prt - ok
18:17:20.0704 3608 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:17:20.0750 3608 IAANTMON - ok
18:17:20.0782 3608 [ BF5442DC14608D18949DC83DE37E667A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:17:20.0828 3608 iaStor - ok
18:17:20.0875 3608 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:17:20.0938 3608 iaStorV - ok
18:17:21.0078 3608 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:17:21.0187 3608 idsvc - ok
18:17:21.0218 3608 IEEtwCollectorService - ok
18:17:21.0780 3608 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:17:22.0154 3608 igfx - ok
18:17:22.0201 3608 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:17:22.0248 3608 iirsp - ok
18:17:22.0310 3608 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
18:17:22.0373 3608 IKEEXT - ok
18:17:22.0466 3608 [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:17:22.0576 3608 IntcAzAudAddService - ok
18:17:22.0607 3608 [ D485D3BD3E2179AA86853A182F70699F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:17:22.0685 3608 IntcHdmiAddService - ok
18:17:22.0716 3608 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:17:22.0763 3608 intelide - ok
18:17:22.0794 3608 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:17:22.0856 3608 intelppm - ok
18:17:22.0888 3608 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:17:22.0997 3608 IPBusEnum - ok
18:17:23.0028 3608 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:17:23.0137 3608 IpFilterDriver - ok
18:17:23.0184 3608 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:17:23.0246 3608 iphlpsvc - ok
18:17:23.0278 3608 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:17:23.0356 3608 IPMIDRV - ok
18:17:23.0371 3608 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:17:23.0465 3608 IPNAT - ok
18:17:23.0496 3608 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:17:23.0605 3608 IRENUM - ok
18:17:23.0636 3608 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:17:23.0683 3608 isapnp - ok
18:17:23.0699 3608 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:17:23.0761 3608 iScsiPrt - ok
18:17:23.0777 3608 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:17:23.0839 3608 kbdclass - ok
18:17:23.0855 3608 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:17:23.0917 3608 kbdhid - ok
18:17:23.0948 3608 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
18:17:23.0995 3608 KeyIso - ok
18:17:24.0026 3608 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:17:24.0089 3608 KSecDD - ok
18:17:24.0104 3608 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:17:24.0151 3608 KSecPkg - ok
18:17:24.0198 3608 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:17:24.0292 3608 ksthunk - ok
18:17:24.0323 3608 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:17:24.0463 3608 KtmRm - ok
18:17:24.0510 3608 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:17:24.0604 3608 LanmanServer - ok
18:17:24.0635 3608 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:17:24.0728 3608 LanmanWorkstation - ok
18:17:24.0791 3608 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:17:24.0884 3608 lltdio - ok
18:17:24.0947 3608 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:17:25.0072 3608 lltdsvc - ok
18:17:25.0087 3608 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:17:25.0181 3608 lmhosts - ok
18:17:25.0212 3608 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:17:25.0259 3608 LSI_FC - ok
18:17:25.0274 3608 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:17:25.0337 3608 LSI_SAS - ok
18:17:25.0352 3608 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:17:25.0399 3608 LSI_SAS2 - ok
18:17:25.0415 3608 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:17:25.0462 3608 LSI_SCSI - ok
18:17:25.0493 3608 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:17:25.0602 3608 luafv - ok
18:17:25.0633 3608 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:17:25.0711 3608 Mcx2Svc - ok
18:17:25.0727 3608 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:17:25.0774 3608 megasas - ok
18:17:25.0789 3608 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:17:25.0836 3608 MegaSR - ok
18:17:25.0883 3608 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:17:25.0976 3608 MMCSS - ok
18:17:25.0992 3608 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:17:26.0070 3608 Modem - ok
18:17:26.0117 3608 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:17:26.0179 3608 monitor - ok
18:17:26.0226 3608 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:17:26.0273 3608 mouclass - ok
18:17:26.0304 3608 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:17:26.0351 3608 mouhid - ok
18:17:26.0398 3608 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:17:26.0444 3608 mountmgr - ok
18:17:26.0507 3608 [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:17:26.0554 3608 MozillaMaintenance - ok
18:17:26.0585 3608 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:17:26.0632 3608 mpio - ok
18:17:26.0647 3608 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:17:26.0725 3608 mpsdrv - ok
18:17:26.0772 3608 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:17:26.0881 3608 MpsSvc - ok
18:17:26.0912 3608 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:17:26.0975 3608 MRxDAV - ok
18:17:27.0022 3608 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:17:27.0100 3608 mrxsmb - ok
18:17:27.0115 3608 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:17:27.0193 3608 mrxsmb10 - ok
18:17:27.0224 3608 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:17:27.0271 3608 mrxsmb20 - ok
18:17:27.0287 3608 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:17:27.0334 3608 msahci - ok
18:17:27.0365 3608 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:17:27.0427 3608 msdsm - ok
18:17:27.0443 3608 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:17:27.0505 3608 MSDTC - ok
18:17:27.0552 3608 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:17:27.0646 3608 Msfs - ok
18:17:27.0661 3608 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:17:27.0755 3608 mshidkmdf - ok
18:17:27.0802 3608 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:17:27.0848 3608 msisadrv - ok
18:17:27.0895 3608 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:17:27.0989 3608 MSiSCSI - ok
18:17:28.0004 3608 msiserver - ok
18:17:28.0036 3608 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:17:28.0145 3608 MSKSSRV - ok
18:17:28.0176 3608 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:17:28.0270 3608 MSPCLOCK - ok
18:17:28.0285 3608 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:17:28.0379 3608 MSPQM - ok
18:17:28.0410 3608 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:17:28.0457 3608 MsRPC - ok
18:17:28.0519 3608 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:17:28.0566 3608 mssmbios - ok
18:17:28.0597 3608 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:17:28.0691 3608 MSTEE - ok
18:17:28.0722 3608 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:17:28.0800 3608 MTConfig - ok
18:17:28.0831 3608 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:17:28.0878 3608 Mup - ok
18:17:28.0925 3608 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:17:28.0972 3608 mwlPSDFilter - ok
18:17:28.0987 3608 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:17:29.0034 3608 mwlPSDNServ - ok
18:17:29.0050 3608 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:17:29.0096 3608 mwlPSDVDisk - ok
18:17:29.0159 3608 [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
18:17:29.0206 3608 MWLService - ok
18:17:29.0237 3608 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:17:29.0330 3608 napagent - ok
18:17:29.0393 3608 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:17:29.0471 3608 NativeWifiP - ok
18:17:29.0564 3608 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:17:29.0627 3608 NDIS - ok
18:17:29.0658 3608 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:17:29.0752 3608 NdisCap - ok
18:17:29.0783 3608 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:17:29.0876 3608 NdisTapi - ok
18:17:29.0923 3608 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:17:30.0017 3608 Ndisuio - ok
18:17:30.0110 3608 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:17:30.0220 3608 NdisWan - ok
18:17:30.0251 3608 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:17:30.0344 3608 NDProxy - ok
18:17:30.0391 3608 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:17:30.0485 3608 NetBIOS - ok
18:17:30.0532 3608 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:17:30.0625 3608 NetBT - ok
18:17:30.0641 3608 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
18:17:30.0703 3608 Netlogon - ok
18:17:30.0766 3608 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:17:30.0859 3608 Netman - ok
18:17:30.0906 3608 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:30.0968 3608 NetMsmqActivator - ok
18:17:30.0968 3608 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:31.0031 3608 NetPipeActivator - ok
18:17:31.0046 3608 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:17:31.0156 3608 netprofm - ok
18:17:31.0171 3608 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:31.0234 3608 NetTcpActivator - ok
18:17:31.0234 3608 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:17:31.0296 3608 NetTcpPortSharing - ok
18:17:31.0343 3608 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:17:31.0390 3608 nfrd960 - ok
18:17:31.0436 3608 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:17:31.0514 3608 NlaSvc - ok
18:17:31.0530 3608 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:17:31.0608 3608 Npfs - ok
18:17:31.0639 3608 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:17:31.0733 3608 nsi - ok
18:17:31.0764 3608 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:17:31.0858 3608 nsiproxy - ok
18:17:31.0982 3608 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:17:32.0076 3608 Ntfs - ok
18:17:32.0107 3608 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:17:32.0201 3608 Null - ok
18:17:32.0248 3608 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:17:32.0294 3608 nvraid - ok
18:17:32.0326 3608 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:17:32.0372 3608 nvstor - ok
18:17:32.0404 3608 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:17:32.0450 3608 nv_agp - ok
18:17:32.0482 3608 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:17:32.0544 3608 ohci1394 - ok
18:17:32.0606 3608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:17:32.0716 3608 p2pimsvc - ok
18:17:32.0731 3608 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:17:32.0794 3608 p2psvc - ok
18:17:32.0825 3608 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:17:32.0872 3608 Parport - ok
18:17:32.0903 3608 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:17:32.0965 3608 partmgr - ok
18:17:32.0981 3608 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:17:33.0043 3608 PcaSvc - ok
18:17:33.0090 3608 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:17:33.0137 3608 pci - ok
18:17:33.0168 3608 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:17:33.0215 3608 pciide - ok
18:17:33.0262 3608 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:17:33.0308 3608 pcmcia - ok
18:17:33.0324 3608 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:17:33.0371 3608 pcw - ok
18:17:33.0402 3608 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:17:33.0511 3608 PEAUTH - ok
18:17:33.0745 3608 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:17:33.0808 3608 PerfHost - ok
18:17:34.0042 3608 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:17:34.0182 3608 pla - ok
18:17:34.0229 3608 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:17:34.0322 3608 PlugPlay - ok
18:17:34.0354 3608 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:17:34.0416 3608 PNRPAutoReg - ok
18:17:34.0463 3608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:17:34.0510 3608 PNRPsvc - ok
18:17:34.0588 3608 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:17:34.0697 3608 PolicyAgent - ok
18:17:34.0744 3608 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:17:34.0853 3608 Power - ok
18:17:34.0900 3608 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:17:34.0993 3608 PptpMiniport - ok
18:17:35.0024 3608 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:17:35.0102 3608 Processor - ok
18:17:35.0165 3608 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:17:35.0227 3608 ProfSvc - ok
18:17:35.0243 3608 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
18:17:35.0290 3608 ProtectedStorage - ok
18:17:35.0352 3608 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:17:35.0446 3608 Psched - ok
18:17:35.0508 3608 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
18:17:35.0539 3608 PSI - ok
18:17:35.0602 3608 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:17:35.0711 3608 ql2300 - ok
18:17:35.0726 3608 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:17:35.0789 3608 ql40xx - ok
18:17:35.0820 3608 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:17:35.0882 3608 QWAVE - ok
18:17:35.0914 3608 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:17:35.0976 3608 QWAVEdrv - ok
18:17:35.0992 3608 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:17:36.0085 3608 RasAcd - ok
18:17:36.0132 3608 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:17:36.0226 3608 RasAgileVpn - ok
18:17:36.0257 3608 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:17:36.0335 3608 RasAuto - ok
18:17:36.0366 3608 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:17:36.0475 3608 Rasl2tp - ok
18:17:36.0569 3608 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:17:36.0678 3608 RasMan - ok
18:17:36.0725 3608 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:17:36.0818 3608 RasPppoe - ok
18:17:36.0850 3608 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:17:36.0943 3608 RasSstp - ok
18:17:37.0006 3608 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:17:37.0115 3608 rdbss - ok
18:17:37.0146 3608 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:17:37.0208 3608 rdpbus - ok
18:17:37.0240 3608 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:17:37.0333 3608 RDPCDD - ok
18:17:37.0364 3608 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:17:37.0458 3608 RDPENCDD - ok
18:17:37.0489 3608 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:17:37.0598 3608 RDPREFMP - ok
18:17:37.0645 3608 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:17:37.0723 3608 RdpVideoMiniport - ok
18:17:37.0770 3608 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:17:37.0848 3608 RDPWD - ok
18:17:37.0910 3608 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:17:37.0957 3608 rdyboost - ok
18:17:37.0973 3608 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:17:38.0082 3608 RemoteAccess - ok
18:17:38.0129 3608 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:17:38.0254 3608 RemoteRegistry - ok
18:17:38.0300 3608 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
18:17:38.0332 3608 RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:17:38.0332 3608 RichVideo - detected UnsignedFile.Multi.Generic (1)
18:17:38.0378 3608 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:17:38.0456 3608 RpcEptMapper - ok
18:17:38.0472 3608 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:17:38.0550 3608 RpcLocator - ok
18:17:38.0597 3608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:17:38.0675 3608 RpcSs - ok
18:17:38.0737 3608 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:17:38.0831 3608 rspndr - ok
18:17:38.0862 3608 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\Windows\system32\lsass.exe
18:17:38.0909 3608 SamSs - ok
18:17:38.0940 3608 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:17:39.0002 3608 sbp2port - ok
18:17:39.0034 3608 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:17:39.0143 3608 SCardSvr - ok
18:17:39.0174 3608 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:17:39.0283 3608 scfilter - ok
18:17:39.0361 3608 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:17:39.0455 3608 Schedule - ok
18:17:39.0502 3608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:17:39.0580 3608 SCPolicySvc - ok
18:17:39.0626 3608 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:17:39.0689 3608 SDRSVC - ok
18:17:39.0720 3608 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:17:39.0814 3608 secdrv - ok
18:17:39.0860 3608 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:17:39.0938 3608 seclogon - ok
18:17:40.0032 3608 [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:17:40.0094 3608 Secunia PSI Agent - ok
18:17:40.0157 3608 [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
18:17:40.0219 3608 Secunia Update Agent - ok
18:17:40.0250 3608 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:17:40.0328 3608 SENS - ok
18:17:40.0360 3608 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:17:40.0438 3608 SensrSvc - ok
18:17:40.0469 3608 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:17:40.0547 3608 Serenum - ok
18:17:40.0594 3608 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:17:40.0640 3608 Serial - ok
18:17:40.0672 3608 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:17:40.0734 3608 sermouse - ok
18:17:40.0812 3608 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:17:40.0921 3608 SessionEnv - ok
18:17:40.0952 3608 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:17:41.0030 3608 sffdisk - ok
18:17:41.0062 3608 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:17:41.0124 3608 sffp_mmc - ok
18:17:41.0140 3608 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:17:41.0218 3608 sffp_sd - ok
18:17:41.0264 3608 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:17:41.0327 3608 sfloppy - ok
18:17:41.0374 3608 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:17:41.0467 3608 SharedAccess - ok
18:17:41.0498 3608 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:17:41.0608 3608 ShellHWDetection - ok
18:17:41.0639 3608 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:17:41.0701 3608 SiSRaid2 - ok
18:17:41.0748 3608 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:17:41.0795 3608 SiSRaid4 - ok
18:17:41.0826 3608 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:17:41.0920 3608 Smb - ok
18:17:41.0982 3608 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:17:42.0060 3608 SNMPTRAP - ok
18:17:42.0076 3608 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:17:42.0122 3608 spldr - ok
18:17:42.0200 3608 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:17:42.0294 3608 Spooler - ok
18:17:42.0544 3608 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:17:42.0715 3608 sppsvc - ok
18:17:42.0778 3608 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:17:42.0871 3608 sppuinotify - ok
18:17:42.0949 3608 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:17:43.0043 3608 srv - ok
18:17:43.0090 3608 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:17:43.0152 3608 srv2 - ok
18:17:43.0183 3608 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:17:43.0261 3608 srvnet - ok
18:17:43.0308 3608 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:17:43.0417 3608 SSDPSRV - ok
18:17:43.0448 3608 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:17:43.0526 3608 SstpSvc - ok
18:17:43.0558 3608 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:17:43.0604 3608 stexstor - ok
18:17:43.0682 3608 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:17:43.0792 3608 stisvc - ok
18:17:43.0823 3608 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:17:43.0870 3608 swenum - ok
18:17:43.0916 3608 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:17:44.0026 3608 swprv - ok
18:17:44.0244 3608 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:17:44.0369 3608 SysMain - ok
18:17:44.0416 3608 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:17:44.0478 3608 TabletInputService - ok
18:17:44.0540 3608 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:17:44.0665 3608 TapiSrv - ok
18:17:44.0696 3608 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:17:44.0790 3608 TBS - ok
18:17:44.0868 3608 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:17:44.0993 3608 Tcpip - ok
18:17:45.0055 3608 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:17:45.0133 3608 TCPIP6 - ok
18:17:45.0180 3608 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:17:45.0242 3608 tcpipreg - ok
18:17:45.0305 3608 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:17:45.0383 3608 TDPIPE - ok
18:17:45.0445 3608 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:17:45.0508 3608 TDTCP - ok
18:17:45.0570 3608 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:17:45.0664 3608 tdx - ok
18:17:45.0710 3608 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:17:45.0757 3608 TermDD - ok
18:17:45.0804 3608 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:17:45.0913 3608 TermService - ok
18:17:45.0960 3608 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:17:46.0022 3608 Themes - ok
18:17:46.0069 3608 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:17:46.0147 3608 THREADORDER - ok
18:17:46.0194 3608 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:17:46.0288 3608 TrkWks - ok
18:17:46.0366 3608 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:17:46.0459 3608 TrustedInstaller - ok
18:17:46.0506 3608 [ 59BD43714E1034A913F019413905D387 ] TS4NT C:\Windows\system32\Drivers\TS4nt.sys
18:17:46.0553 3608 TS4NT - ok
18:17:46.0615 3608 [ DAC791D10D1BBB3E85628E64C0A6F76B ] TSNxGService C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
18:17:46.0662 3608 TSNxGService - ok
18:17:46.0693 3608 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:17:46.0787 3608 tssecsrv - ok
18:17:46.0834 3608 [ E9981ECE8D894CEF7038FD1D040EB426 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:17:46.0912 3608 TsUsbFlt - ok
18:17:46.0974 3608 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:17:47.0052 3608 tunnel - ok
18:17:47.0099 3608 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:17:47.0146 3608 uagp35 - ok
18:17:47.0192 3608 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:17:47.0302 3608 udfs - ok
18:17:47.0380 3608 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:17:47.0442 3608 UI0Detect - ok
18:17:47.0489 3608 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:17:47.0551 3608 uliagpkx - ok
18:17:47.0582 3608 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:17:47.0660 3608 umbus - ok
18:17:47.0707 3608 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:17:47.0785 3608 UmPass - ok
18:17:47.0910 3608 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:17:47.0957 3608 Updater Service - ok
18:17:48.0019 3608 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:17:48.0128 3608 upnphost - ok
18:17:48.0191 3608 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
18:17:48.0284 3608 usbccgp - ok
18:17:48.0331 3608 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:17:48.0409 3608 usbcir - ok
18:17:48.0440 3608 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:17:48.0503 3608 usbehci - ok
18:17:48.0534 3608 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:17:48.0612 3608 usbhub - ok
18:17:48.0643 3608 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:17:48.0706 3608 usbohci - ok
18:17:48.0752 3608 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:17:48.0830 3608 usbprint - ok
18:17:48.0862 3608 [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:17:48.0940 3608 usbscan - ok
18:17:48.0971 3608 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:17:49.0064 3608 USBSTOR - ok
18:17:49.0096 3608 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:17:49.0142 3608 usbuhci - ok
18:17:49.0174 3608 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:17:49.0267 3608 UxSms - ok
18:17:49.0298 3608 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\Windows\system32\lsass.exe
18:17:49.0345 3608 VaultSvc - ok
18:17:49.0392 3608 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:17:49.0454 3608 vdrvroot - ok
18:17:49.0486 3608 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:17:49.0595 3608 vds - ok
18:17:49.0642 3608 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:17:49.0704 3608 vga - ok
18:17:49.0720 3608 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:17:49.0829 3608 VgaSave - ok
18:17:49.0860 3608 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:17:49.0907 3608 vhdmp - ok
18:17:49.0938 3608 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:17:49.0985 3608 viaide - ok
18:17:50.0016 3608 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:17:50.0078 3608 volmgr - ok
18:17:50.0141 3608 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:17:50.0219 3608 volmgrx - ok
18:17:50.0281 3608 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:17:50.0344 3608 volsnap - ok
18:17:50.0390 3608 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:17:50.0437 3608 vsmraid - ok
18:17:50.0578 3608 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:17:50.0718 3608 VSS - ok
18:17:50.0749 3608 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:17:50.0812 3608 vwifibus - ok
18:17:50.0843 3608 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:17:50.0936 3608 W32Time - ok
18:17:50.0983 3608 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:17:51.0030 3608 WacomPen - ok
18:17:51.0092 3608 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:17:51.0186 3608 WANARP - ok
18:17:51.0217 3608 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:17:51.0295 3608 Wanarpv6 - ok
18:17:51.0451 3608 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:17:51.0576 3608 wbengine - ok
18:17:51.0623 3608 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:17:51.0701 3608 WbioSrvc - ok
18:17:51.0763 3608 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:17:51.0826 3608 wcncsvc - ok
18:17:51.0872 3608 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:17:51.0966 3608 WcsPlugInService - ok
18:17:51.0997 3608 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:17:52.0044 3608 Wd - ok
18:17:52.0122 3608 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:17:52.0184 3608 Wdf01000 - ok
18:17:52.0216 3608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:17:52.0356 3608 WdiServiceHost - ok
18:17:52.0372 3608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:17:52.0434 3608 WdiSystemHost - ok
18:17:52.0496 3608 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll
18:17:52.0574 3608 WebClient - ok
18:17:52.0606 3608 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:17:52.0699 3608 Wecsvc - ok
18:17:52.0730 3608 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:17:52.0840 3608 wercplsupport - ok
18:17:52.0871 3608 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:17:52.0949 3608 WerSvc - ok
18:17:52.0996 3608 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:17:53.0074 3608 WfpLwf - ok
18:17:53.0105 3608 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:17:53.0152 3608 WIMMount - ok
18:17:53.0198 3608 WinDefend - ok
18:17:53.0245 3608 WinHttpAutoProxySvc - ok
18:17:53.0308 3608 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:17:53.0401 3608 Winmgmt - ok
18:17:53.0573 3608 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:17:53.0729 3608 WinRM - ok
18:17:53.0822 3608 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:17:53.0885 3608 WinUsb - ok
18:17:53.0947 3608 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:17:54.0025 3608 Wlansvc - ok
18:17:54.0072 3608 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:17:54.0134 3608 WmiAcpi - ok
18:17:54.0181 3608 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:17:54.0244 3608 wmiApSrv - ok
18:17:54.0290 3608 WMPNetworkSvc - ok
18:17:54.0322 3608 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:17:54.0384 3608 WPCSvc - ok
18:17:54.0415 3608 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:17:54.0493 3608 WPDBusEnum - ok
18:17:54.0524 3608 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:17:54.0618 3608 ws2ifsl - ok
18:17:54.0649 3608 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:17:54.0727 3608 wscsvc - ok
18:17:54.0743 3608 WSearch - ok
18:17:54.0836 3608 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:17:54.0946 3608 wuauserv - ok
18:17:54.0977 3608 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:17:55.0070 3608 WudfPf - ok
18:17:55.0102 3608 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:17:55.0164 3608 WUDFRd - ok
18:17:55.0195 3608 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:17:55.0258 3608 wudfsvc - ok
18:17:55.0289 3608 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:17:55.0382 3608 WwanSvc - ok
18:17:55.0414 3608 ================ Scan global ===============================
18:17:55.0445 3608 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:17:55.0460 3608 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
18:17:55.0476 3608 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
18:17:55.0492 3608 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:17:55.0507 3608 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:17:55.0523 3608 [Global] - ok
18:17:55.0523 3608 ================ Scan MBR ==================================
18:17:55.0538 3608 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:17:55.0757 3608 \Device\Harddisk0\DR0 - ok
18:17:55.0757 3608 ================ Scan VBR ==================================
18:17:55.0757 3608 [ C865E07B3B0B145278BA8E8F5310755F ] \Device\Harddisk0\DR0\Partition1
18:17:55.0757 3608 \Device\Harddisk0\DR0\Partition1 - ok
18:17:55.0772 3608 [ A095E65D56301F2729FC19601BB3E057 ] \Device\Harddisk0\DR0\Partition2
18:17:55.0772 3608 \Device\Harddisk0\DR0\Partition2 - ok
18:17:55.0804 3608 [ 7144DF73999BB890CDD7DA51C50339FF ] \Device\Harddisk0\DR0\Partition3
18:17:55.0804 3608 \Device\Harddisk0\DR0\Partition3 - ok
18:17:55.0819 3608 ============================================================
18:17:55.0819 3608 Scan finished
18:17:55.0819 3608 ============================================================
18:17:55.0835 4212 Detected object count: 1
18:17:55.0835 4212 Actual detected object count: 1
18:18:20.0577 4212 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:18:20.0577 4212 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________ Unsere Probleme sind von Menschen gemacht, darum können sie auch von Menschen gelöst werden. John F. Kennedy |
|
27.02.2014, 14:30
| #6 |
| /// the machine /// TB-Ausbilder | Lange Wartezeit beim Hochfahren Is alles in ordnung. Poste bitte nochmal ein frisches FRST log. Seit wann genau is das so?
__________________ --> Lange Wartezeit beim Hochfahren |
|
27.02.2014, 19:31
| #7 |
| | Lange Wartezeit beim Hochfahren Hallo Schrauber, das Problem besteht seit Montag. Am Sonntag war noch alles im grünen Bereich. Mir ist aufgefallen, dass es zwar sehr lange dauert bis ich zum Anmeldebildschirm komme und die Maus sich nicht bewegen lässt. Aber wenn ich mich angemeldet habe ist die Ladezeit der einzelnen Programme im Autostart schneller geworden. Gefühlt würde ich sagen, dass die Ladezeit der 2 Schritte ( bis zum Anmeldebereich bzw. bis Windows komplett hochgefahren ist ) getauscht wurden. Bis auf die Probleme mit der Maus natürlich. Hier das Log von FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Martin (administrator) on MARTIN-PC on 27-02-2014 19:18:10
Running from C:\Users\Internet\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-06-29] (CyberLink Corp.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-21] (Microsoft Corporation)
HKU\S-1-5-21-3965946322-2056396227-1143055120-1000\...\Run: [FileHippo.com] - "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
HKU\S-1-5-21-3965946322-2056396227-1143055120-1003\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default
FF Homepage: www.web.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-07-03]
FF Extension: NoSquint - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\nosquint@urandom.ca.xpi [2013-07-03]
FF Extension: NoScript - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-04-21]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fgf08hpx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-21]
==================== Services (Whitelisted) =================
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG)
R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-05-13] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [257512 2013-02-25] (G Data Software)
==================== Drivers (Whitelisted) ====================
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-09-28] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [79704 2013-10-22] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [59736 2013-10-22] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-09-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2013-09-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-10-22] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2013-10-07] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-09-28] (G Data Software AG)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2013-10-22] (G Data Software)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-27 19:18 - 2014-02-27 19:18 - 00012586 _____ () C:\Users\Internet\Desktop\FRST.txt
2014-02-27 19:17 - 2014-02-27 19:17 - 00000000 ____D () C:\Users\Internet\Desktop\FRST-OlderVersion
2014-02-26 22:50 - 2014-02-26 22:50 - 00003544 ____N () C:\bootsqm.dat
2014-02-26 18:15 - 2014-02-26 18:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Internet\Desktop\tdsskiller.exe
2014-02-26 17:47 - 2014-02-26 18:10 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-26 17:47 - 2014-02-26 17:56 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-26 17:46 - 2014-02-26 18:10 - 00000000 ____D () C:\Users\Martin\Desktop\mbar
2014-02-26 17:46 - 2014-02-26 17:55 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-26 17:43 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 17:43 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-26 17:41 - 2014-02-26 17:41 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Internet\Desktop\mbar-1.07.0.1009.exe
2014-02-25 19:08 - 2014-02-26 19:18 - 00000000 ____D () C:\Users\Martin\Documents\Anti-Malware
2014-02-25 19:06 - 2014-02-25 19:07 - 223658912 _____ (Emsisoft GmbH ) C:\Users\Internet\Downloads\EmsisoftAntiMalwareSetup.exe
2014-02-24 22:57 - 2014-02-27 19:18 - 00000000 ____D () C:\FRST
2014-02-24 22:56 - 2014-02-27 19:17 - 02155520 _____ (Farbar) C:\Users\Internet\Desktop\FRST64.exe
2014-02-15 11:22 - 2014-02-15 11:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-11 19:14 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-11 19:14 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-11 19:13 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-11 19:13 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-11 19:13 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-11 19:13 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-11 19:13 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-11 19:13 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-11 19:13 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-11 19:13 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-11 19:13 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-11 19:13 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-11 19:13 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-11 19:13 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-11 19:13 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-11 19:13 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-11 19:13 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-11 19:13 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-11 19:13 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-11 19:13 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-11 19:13 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-11 19:13 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-11 19:13 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-11 19:13 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-11 19:13 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-11 19:13 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-11 19:13 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-11 19:13 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-11 19:13 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-11 19:13 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-11 19:13 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-11 19:13 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-11 19:13 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-11 19:13 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-11 19:13 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-11 19:13 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-11 19:13 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-11 19:13 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-11 19:13 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-11 19:13 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-11 19:13 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-11 19:12 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-11 19:12 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-11 19:12 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-11 19:12 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-11 19:12 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 19:12 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-11 19:12 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-11 19:12 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-11 19:12 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-11 19:12 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-11 19:12 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-11 19:12 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-11 19:12 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-11 19:12 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-11 19:12 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-11 19:12 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-11 19:12 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-11 19:12 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-11 19:12 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-11 19:12 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-11 19:12 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-11 19:12 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-11 19:12 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-11 19:12 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-11 19:12 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-07 17:17 - 2014-02-07 17:17 - 00283120 _____ (Mozilla) C:\Users\Internet\Downloads\Firefox Setup Stub 27.0.exe
==================== One Month Modified Files and Folders =======
2014-02-27 19:19 - 2014-02-27 19:18 - 00012586 _____ () C:\Users\Internet\Desktop\FRST.txt
2014-02-27 19:18 - 2014-02-24 22:57 - 00000000 ____D () C:\FRST
2014-02-27 19:17 - 2014-02-27 19:17 - 00000000 ____D () C:\Users\Internet\Desktop\FRST-OlderVersion
2014-02-27 19:17 - 2014-02-24 22:56 - 02155520 _____ (Farbar) C:\Users\Internet\Desktop\FRST64.exe
2014-02-27 19:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-27 19:15 - 2009-07-14 05:51 - 00075859 _____ () C:\Windows\setupact.log
2014-02-26 22:58 - 2013-04-21 01:35 - 01471570 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 22:58 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 22:58 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 22:57 - 2013-12-02 08:56 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-26 22:57 - 2013-04-21 11:28 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 22:57 - 2013-04-21 11:28 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 22:50 - 2014-02-26 22:50 - 00003544 ____N () C:\bootsqm.dat
2014-02-26 22:00 - 2013-04-21 10:39 - 00000388 _____ () C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2014-02-26 21:19 - 2013-04-21 01:32 - 00138038 _____ () C:\Windows\PFRO.log
2014-02-26 19:18 - 2014-02-25 19:08 - 00000000 ____D () C:\Users\Martin\Documents\Anti-Malware
2014-02-26 18:15 - 2014-02-26 18:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Internet\Desktop\tdsskiller.exe
2014-02-26 18:10 - 2014-02-26 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-26 18:10 - 2014-02-26 17:46 - 00000000 ____D () C:\Users\Martin\Desktop\mbar
2014-02-26 17:56 - 2014-02-26 17:47 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-26 17:55 - 2014-02-26 17:46 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-26 17:41 - 2014-02-26 17:41 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Internet\Desktop\mbar-1.07.0.1009.exe
2014-02-25 19:07 - 2014-02-25 19:06 - 223658912 _____ (Emsisoft GmbH ) C:\Users\Internet\Downloads\EmsisoftAntiMalwareSetup.exe
2014-02-24 21:47 - 2013-04-21 02:22 - 00000000 ____D () C:\Users\Martin
2014-02-24 21:44 - 2013-04-21 03:08 - 00000000 ____D () C:\Users\Internet
2014-02-24 21:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-16 11:01 - 2013-10-30 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 11:22 - 2014-02-15 11:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-11 19:21 - 2013-08-06 20:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-11 19:20 - 2013-04-21 10:43 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-11 19:15 - 2013-11-29 19:45 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-07 17:25 - 2013-04-21 17:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-07 17:25 - 2013-04-21 17:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-07 17:25 - 2013-04-21 02:47 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe
2014-02-07 17:20 - 2013-10-30 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-07 17:17 - 2014-02-07 17:17 - 00283120 _____ (Mozilla) C:\Users\Internet\Downloads\Firefox Setup Stub 27.0.exe
2014-02-06 13:16 - 2014-02-11 19:13 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-11 19:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-11 19:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-11 19:13 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-11 19:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-11 19:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-11 19:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-11 19:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-11 19:13 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-11 19:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-11 19:13 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-11 19:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-11 19:13 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-11 19:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-11 19:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-11 19:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-11 19:13 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-11 19:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-11 19:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-11 19:13 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-11 19:13 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-11 19:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-11 19:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-11 19:13 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-11 19:13 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-11 19:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-11 19:13 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-11 19:13 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-11 19:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-11 19:13 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-11 19:13 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-11 19:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-11 19:13 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-11 19:13 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-11 19:13 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-11 19:13 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-11 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-11 19:13 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-11 19:13 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-23 10:53
==================== End Of Log ============================
--- --- ---
__________________ Unsere Probleme sind von Menschen gemacht, darum können sie auch von Menschen gelöst werden. John F. Kennedy |
|
28.02.2014, 20:12
| #8 |
| /// the machine /// TB-Ausbilder | Lange Wartezeit beim Hochfahren Alles sauber. Schuss ins Blaue: deinstalliere mal GDATA komplett und teste ohne.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.03.2014, 21:49
| #9 |
| | Lange Wartezeit beim Hochfahren Hallo Schrauber, erstmmal Danke, dass du dich um dieses merkwürdigen Problem "kümmerst". So nun zu den Fakten: Geschrieben erledigt. G Data deinstalliert - Probiert - Ergebniss das gleiche. Ob mit oder ohne G Data ist die Zeit bis zum Anmeldebildschirm gleich ( zu ) lang. Und auch das Problem mit der Maus ist identisch. Selbst wenn ich im Boot Vorgang die F12 Taste aktiviere um in das Menü zu gelangen, wo abgefragt wird, von welchem Medium man booten möchte, dauert es sehr lange, um in dieses Menü zu gelangen. Nun folgende Fragen. 1. Da du geschrieben hast, dass die Log´s sauber sind besteht die Möglichkeit, das System tiefer zu untersuchen, so dass ein Softwareseitigen Problem ausgeschlossen werden kann? 2. Könnte ein Hardwareseitiges Problem bestehen?
__________________ Unsere Probleme sind von Menschen gemacht, darum können sie auch von Menschen gelöst werden. John F. Kennedy |
|
02.03.2014, 18:52
| #10 |
| /// the machine /// TB-Ausbilder | Lange Wartezeit beim Hochfahren Wenn Du schon bei Boot in das Menü von F12 solange brauchst, ist es definitiv kein Software Problem. Das ist hardware, aber was ist die Frage.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.03.2014, 08:27
| #11 |
| | Lange Wartezeit beim Hochfahren Hallo Schrauber, also mann mann eine Infektion ausschließen oder? Gibt es eien Diagnosetool um die Hardware zu testen? Gruß HSK
__________________ Unsere Probleme sind von Menschen gemacht, darum können sie auch von Menschen gelöst werden. John F. Kennedy |
|
04.03.2014, 09:07
| #12 |
| /// the machine /// TB-Ausbilder | Lange Wartezeit beim Hochfahren Was für ein Hersteller?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.03.2014, 09:09
| #13 |
| | Lange Wartezeit beim Hochfahren Es handelt sich um einen PC von Acer.
__________________ Unsere Probleme sind von Menschen gemacht, darum können sie auch von Menschen gelöst werden. John F. Kennedy |
|
05.03.2014, 08:58
| #14 |
| /// the machine /// TB-Ausbilder | Lange Wartezeit beim Hochfahren Dann bitte mal beim Acer Support anfragen bzw auf der Seite schauen, dort sollte sich was finden was halt wirklich passt. Hardware testen ist immer schwierig.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Lange Wartezeit beim Hochfahren |
| administrator, antivirus, browser, defender, dll, error, explorer, firewall, flash player, helper, home, homepage, internet, maus, mozilla, problem, realtek, registry, rundll, scan, secunia psi, security, services.exe, svchost.exe, system, tracker, winlogon.exe |
Linear-Darstellung
