| |
| |||||||
Log-Analyse und Auswertung: Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von WebsitesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.02.2014, 23:45
| #1 |
 |  Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Hallo liebes Trojaner-Board, mein Rechner wird mit zunehmender Laufzeit extrem langsam und blockiert dann auch manchmal komplett. Anfangs nach dem einschalten geht es noch, wird dann mit der Zeit immer langsamer. Dies merke ich vor allem beim öffnen von Webseiten aber auch beim öfnen von normalen Fenstern (z.b. explorer) in Windows. Ich scanne regelmäßig mit Malwarebytes and Avast - kann jedoch im Moment keine Fehler finden. Bin über jegliche Hilfe und Anmerkungen Dankbar! Chris Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:37 on 06/02/2014 (chris)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-02-2014
Ran by chris (administrator) on BLACK-BOX on 06-02-2014 20:44:18
Running from C:\Users\chris\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Acer Incoporated) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Magnify.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ODDPwr] - C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [222240 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-17] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-03-17] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-07] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-13] (Microsoft Corporation)
HKU\S-1-5-21-3309182887-1688452900-3303579845-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4820tg&r=27360513k306l0453z135t55n1j111
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4820tg&r=27360513k306l0453z135t55n1j111
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: NoScript - C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-12]
FF Extension: Adblock Plus - C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-12]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Docs) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-12]
CHR Extension: (Google Drive) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-12]
CHR Extension: (YouTube) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-12]
CHR Extension: (Google-Suche) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-12]
CHR Extension: (Google Mail) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-12]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-07] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-17] (Acer Incorporated)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-02-05] (Acer Incorporated)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-07] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-07] ()
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [50232 2011-02-16] (Novation DMS Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 20:44 - 2014-02-06 20:44 - 00016926 _____ () C:\Users\chris\Downloads\FRST.txt
2014-02-06 20:44 - 2014-02-06 20:44 - 00000000 ____D () C:\FRST
2014-02-06 20:43 - 2014-02-06 20:43 - 02079744 _____ (Farbar) C:\Users\chris\Downloads\FRST64.exe
2014-02-06 20:38 - 2014-02-06 20:38 - 00000472 _____ () C:\Users\chris\Desktop\defogger_disable.log
2014-02-06 20:37 - 2014-02-06 20:37 - 00000472 _____ () C:\Users\chris\Downloads\defogger_disable.log
2014-02-06 20:37 - 2014-02-06 20:37 - 00000000 _____ () C:\Users\chris\defogger_reenable
2014-02-06 20:33 - 2014-02-06 20:33 - 00050477 _____ () C:\Users\chris\Desktop\Defogger.exe
2014-02-03 11:21 - 2014-02-03 11:21 - 00204496 _____ (Malwarebytes) C:\Users\chris\Downloads\startuplite-setup-1.07.exe
2014-02-03 11:21 - 2014-02-03 11:21 - 00003150 _____ () C:\Windows\System32\Tasks\{8920A2C2-5AFC-4690-9AF2-EF6BFDCE8C9C}
2014-01-26 20:11 - 2014-01-26 20:11 - 00000000 ____D () C:\Users\chris\Documents\Togeo_Studios-Simple_Synths
2014-01-26 20:08 - 2014-01-26 20:11 - 98454416 _____ () C:\Users\chris\Downloads\Togeo_Studios-Simple_Synths.zip
2014-01-26 19:40 - 2014-01-26 19:40 - 00000000 ____D () C:\Users\chris\Documents\Tom Cosm - Swagger - Ableton Pack
2014-01-17 21:17 - 2014-01-17 21:28 - 79069909 _____ () C:\Users\chris\Downloads\Tom Cosm - Swagger - Ableton Pack.zip
2014-01-16 15:04 - 2014-01-16 15:04 - 18126032 _____ (Adobe Systems Inc.) C:\Users\chris\Downloads\AdobeAIRInstaller.exe
2014-01-16 08:12 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 08:12 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 08:12 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 20:34 - 2014-01-19 12:33 - 00008284 _____ () C:\Users\chris\ESt2013_******.elfo
2014-01-15 20:34 - 2014-01-19 12:32 - 00000000 ____D () C:\Users\chris\AppData\Local\.elfohilfe
2014-01-15 18:38 - 2014-01-15 18:38 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2014-01-15 18:36 - 2014-01-15 18:36 - 00000915 _____ () C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Standard.lnk
2014-01-15 18:26 - 2014-01-15 18:32 - 722616436 _____ () C:\Users\chris\Downloads\ableton_live_standard_9.1_64.zip
2014-01-12 19:32 - 2014-01-18 00:36 - 00000000 ___RD () C:\Users\chris\Desktop\CHRIS Project
2014-01-12 13:32 - 2014-01-15 19:56 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-12 13:32 - 2014-01-12 13:32 - 00001237 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\Users\chris\AppData\Roaming\elsterformular
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-12 13:30 - 2014-01-12 13:31 - 69755760 _____ (Landesfinanzdirektion Thüringen) C:\Users\chris\Downloads\ElsterFormular-14.4.20130909p.exe
2014-01-07 19:07 - 2014-01-07 19:15 - 960843776 _____ () C:\Users\chris\Downloads\tails-i386-0.22.iso
2014-01-07 19:02 - 2014-01-07 19:02 - 01094939 _____ (pendrivelinux.com) C:\Users\chris\Downloads\Universal-USB-Installer-1.9.5.1.exe
2014-01-07 19:00 - 2014-01-07 19:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
==================== One Month Modified Files and Folders =======
2014-02-06 20:44 - 2014-02-06 20:44 - 00016926 _____ () C:\Users\chris\Downloads\FRST.txt
2014-02-06 20:44 - 2014-02-06 20:44 - 00000000 ____D () C:\FRST
2014-02-06 20:43 - 2014-02-06 20:43 - 02079744 _____ (Farbar) C:\Users\chris\Downloads\FRST64.exe
2014-02-06 20:38 - 2014-02-06 20:38 - 00000472 _____ () C:\Users\chris\Desktop\defogger_disable.log
2014-02-06 20:37 - 2014-02-06 20:37 - 00000472 _____ () C:\Users\chris\Downloads\defogger_disable.log
2014-02-06 20:37 - 2014-02-06 20:37 - 00000000 _____ () C:\Users\chris\defogger_reenable
2014-02-06 20:37 - 2013-05-12 13:00 - 00000000 ____D () C:\Users\chris
2014-02-06 20:33 - 2014-02-06 20:33 - 00050477 _____ () C:\Users\chris\Desktop\Defogger.exe
2014-02-06 20:32 - 2013-05-14 07:52 - 00000000 ____D () C:\Users\chris\AppData\Roaming\Skype
2014-02-06 20:06 - 2013-05-12 15:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 19:47 - 2013-05-12 13:00 - 01790202 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 09:26 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 09:26 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 09:23 - 2013-05-12 22:48 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-06 09:23 - 2013-05-12 22:48 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-06 09:23 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 09:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 09:19 - 2009-07-14 05:51 - 00088793 _____ () C:\Windows\setupact.log
2014-02-05 23:01 - 2013-05-12 15:09 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-05 09:06 - 2013-05-12 15:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 09:06 - 2013-05-12 15:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 09:06 - 2013-05-12 15:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 09:28 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-03 11:53 - 2013-05-29 11:54 - 00000000 ___RD () C:\Users\chris\Dropbox
2014-02-03 11:53 - 2013-05-29 11:52 - 00000000 ____D () C:\Users\chris\AppData\Roaming\Dropbox
2014-02-03 11:21 - 2014-02-03 11:21 - 00204496 _____ (Malwarebytes) C:\Users\chris\Downloads\startuplite-setup-1.07.exe
2014-02-03 11:21 - 2014-02-03 11:21 - 00003150 _____ () C:\Windows\System32\Tasks\{8920A2C2-5AFC-4690-9AF2-EF6BFDCE8C9C}
2014-02-03 11:17 - 2013-05-14 09:13 - 00000000 ____D () C:\Users\chris\Desktop\applications
2014-01-26 20:58 - 2014-01-05 14:11 - 00000000 ____D () C:\ProgramData\Ableton
2014-01-26 20:11 - 2014-01-26 20:11 - 00000000 ____D () C:\Users\chris\Documents\Togeo_Studios-Simple_Synths
2014-01-26 20:11 - 2014-01-26 20:08 - 98454416 _____ () C:\Users\chris\Downloads\Togeo_Studios-Simple_Synths.zip
2014-01-26 19:40 - 2014-01-26 19:40 - 00000000 ____D () C:\Users\chris\Documents\Tom Cosm - Swagger - Ableton Pack
2014-01-26 19:40 - 2014-01-05 14:09 - 00000000 ____D () C:\Users\chris\AppData\Local\WinZip
2014-01-26 16:59 - 2013-05-12 15:54 - 00000000 ____D () C:\Users\chris\AppData\Local\Adobe
2014-01-19 12:33 - 2014-01-15 20:34 - 00008284 _____ () C:\Users\chris\ESt2013_******.elfo
2014-01-19 12:32 - 2014-01-15 20:34 - 00000000 ____D () C:\Users\chris\AppData\Local\.elfohilfe
2014-01-18 00:36 - 2014-01-12 19:32 - 00000000 ___RD () C:\Users\chris\Desktop\CHRIS Project
2014-01-17 21:28 - 2014-01-17 21:17 - 79069909 _____ () C:\Users\chris\Downloads\Tom Cosm - Swagger - Ableton Pack.zip
2014-01-17 11:20 - 2013-05-29 11:53 - 00000482 _____ () C:\Windows\wininit.ini
2014-01-17 11:19 - 2013-05-29 11:54 - 00001022 _____ () C:\Users\chris\Desktop\Dropbox.lnk
2014-01-17 11:19 - 2013-05-29 11:53 - 00000000 ____D () C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 15:04 - 2014-01-16 15:04 - 18126032 _____ (Adobe Systems Inc.) C:\Users\chris\Downloads\AdobeAIRInstaller.exe
2014-01-16 10:21 - 2009-07-14 05:45 - 00426520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 08:20 - 2013-07-15 22:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 08:19 - 2013-05-12 16:26 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:58 - 2013-05-12 12:51 - 00155112 _____ () C:\Windows\PFRO.log
2014-01-15 19:56 - 2014-01-12 13:32 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-15 18:38 - 2014-01-15 18:38 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2014-01-15 18:36 - 2014-01-15 18:36 - 00000915 _____ () C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Standard.lnk
2014-01-15 18:32 - 2014-01-15 18:26 - 722616436 _____ () C:\Users\chris\Downloads\ableton_live_standard_9.1_64.zip
2014-01-13 15:03 - 2014-01-05 14:13 - 00000000 ____D () C:\Users\chris\Documents\Ableton
2014-01-12 13:32 - 2014-01-12 13:32 - 00001237 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\Users\chris\AppData\Roaming\elsterformular
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-12 13:31 - 2014-01-12 13:30 - 69755760 _____ (Landesfinanzdirektion Thüringen) C:\Users\chris\Downloads\ElsterFormular-14.4.20130909p.exe
2014-01-07 19:15 - 2014-01-07 19:07 - 960843776 _____ () C:\Users\chris\Downloads\tails-i386-0.22.iso
2014-01-07 19:02 - 2014-01-07 19:02 - 01094939 _____ (pendrivelinux.com) C:\Users\chris\Downloads\Universal-USB-Installer-1.9.5.1.exe
2014-01-07 19:00 - 2014-01-07 19:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-07 19:00 - 2013-05-12 15:09 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-07 19:00 - 2013-05-12 15:09 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-07 19:00 - 2013-05-12 15:09 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-07 19:00 - 2013-05-12 15:09 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-07 19:00 - 2013-05-12 15:09 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-07 19:00 - 2013-05-12 15:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-07 19:00 - 2013-05-12 15:09 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
Some content of TEMP:
====================
C:\Users\chris\AppData\Local\Temp\Ableton Swapper.exe
C:\Users\chris\AppData\Local\Temp\COMAP.EXE
C:\Users\chris\AppData\Local\Temp\GoogleUpdateSetup_1.3.21.169.exe
C:\Users\chris\AppData\Local\Temp\SkypeSetup.exe
C:\Users\chris\AppData\Local\Temp\_is7BA1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-30 14:03
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-02-2014
Ran by chris at 2014-02-06 20:44:44
Running from C:\Users\chris\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Ableton Live 9 Standard (Version: 9.0.0.0 - Ableton)
Acer Arcade Deluxe (x32 Version: 4.0.7511 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.0.7511 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6317 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.11.2 - Suyin Optronics Corp)
Acer eRecovery Management (x32 Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (x32 Version: 5.02.3002 - Acer Incorporated)
Acer Registration (x32 Version: 1.03.3002 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0222.2010 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3001 - Acer Incorporated)
Acer VCM (x32 Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.23 - Atheros Communications Inc.)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0303.420.7651 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0303.420.7651 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help English (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help French (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help German (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0303.420.7651 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0303.420.7651 - ATI) Hidden
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
dBpoweramp Music Converter (x32 Version: Release 14.4 - Illustrate)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Druckerdeinstallation für EPSON Stylus S20 Series (Version: - SEIKO EPSON Corporation)
ElsterFormular (x32 Version: 15.0.13315 - Landesfinanzdirektion Thüringen)
Haali Media Splitter (x32 Version: - )
Identity Card (x32 Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.00.01.1002 - Intel Corporation)
ITCH for Novation TWITCH (x32 Version: 1.8.2 - Serato Audio Research)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 4.0.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (x32 Version: - MixMeister Technology LLC)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Novation USB Audio Driver 2.1 (Version: 2.1 - Novation DMS Ltd.)
NTI Backup Now 5 (x32 Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Optical Drive Power Management (x32 Version: 1.01.3006 - Acer Incorporated)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (Version: 14.0.6.0 - Synaptics Incorporated)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
Welcome Center (x32 Version: 1.01.3002 - Acer Incorporated)
WIDCOMM Bluetooth Software (Version: 6.3.0.4300 - Broadcom Corporation)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
WinZip 18.0 (Version: 18.0.10661 - WinZip Computing, S.L. )
==================== Restore Points =========================
21-01-2014 09:03:48 Windows Update
24-01-2014 16:46:07 Windows Update
28-01-2014 08:08:35 Windows Update
31-01-2014 09:37:37 Windows Update
04-02-2014 08:32:39 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {379F0879-5EAC-43AF-A108-E01E42F31E86} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-07] (AVAST Software)
Task: {5418912F-BA7F-401D-9F90-42E484195A17} - System32\Tasks\{AF6C7C59-F000-4DA8-9370-341F9B0FB380} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {6E7F5A3B-48F3-4BF8-9636-8C59D004389D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {8BC0E775-D157-4556-954A-ACF2DA4CEA19} - System32\Tasks\{9DBA2934-98EE-4162-85D5-16ECED83BE1A} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {B347F6C3-D00B-4347-A948-B0FCEE8BE4B6} - System32\Tasks\{4AC7A996-9031-4F31-BE4C-4A37655BA2FF} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-26 10:46 - 2010-03-26 10:46 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-01-07 13:42 - 2010-01-07 13:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-05-12 12:53 - 2013-05-12 12:53 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-03 20:53 - 2012-08-03 20:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-02-05 23:01 - 2014-02-05 10:22 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020500\algo.dll
2014-02-06 19:45 - 2014-02-06 13:08 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020600\algo.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-04-15 12:03 - 2009-12-24 01:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-04-15 12:47 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-12-03 19:12 - 2013-12-03 19:12 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-03 19:07 - 2014-01-03 19:07 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2014 00:01:53 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.11.0.102, Zeitstempel: 0x5284fb74
Name des fehlerhaften Moduls: Skype.exe, Version: 6.11.0.102, Zeitstempel: 0x5284fb74
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00212421
ID des fehlerhaften Prozesses: 0x448
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (01/30/2014 02:04:38 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/27/2014 06:57:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/26/2014 09:43:57 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1754
Startzeit: 01cf1ac693bd44e8
Endzeit: 51
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 90d85404-86ca-11e3-894b-c80aa974bc5d
Error: (01/18/2014 10:56:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/15/2014 04:53:12 PM) (Source: Application Hang) (User: )
Description: Programm mbam.exe, Version 1.75.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1aa8
Startzeit: 01cf12091d417985
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
Berichts-ID: edf6c716-7dfc-11e3-9294-c80aa974bc5d
Error: (01/15/2014 11:37:55 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/13/2014 06:15:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16428, Zeitstempel: 0x525b664c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x1be8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (01/13/2014 01:10:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/11/2014 11:58:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_9_900_170.exe, Version: 11.9.900.170, Zeitstempel: 0x529b79bf
Name des fehlerhaften Moduls: FlashPlayerPlugin_11_9_900_170.exe, Version: 11.9.900.170, Zeitstempel: 0x529b79bf
Ausnahmecode: 0x40000015
Fehleroffset: 0x00017b60
ID des fehlerhaften Prozesses: 0x11e0
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_11_9_900_170.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_11_9_900_170.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_11_9_900_170.exe2
Berichtskennung: FlashPlayerPlugin_11_9_900_170.exe3
System errors:
=============
Error: (01/31/2014 00:34:09 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/30/2014 11:07:22 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UYAB",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7E686523-FD6D-44F8-B738-040B9E9BDF09}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (01/30/2014 10:43:21 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UYAB",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7E686523-FD6D-44F8-B738-040B9E9BDF09}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (01/30/2014 10:31:22 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "UYAB",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7E686523-FD6D-44F8-B738-040B9E9BDF09}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (01/24/2014 03:51:11 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (01/16/2014 01:21:30 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.10
registriert werden. Der Computer mit IP-Adresse 192.168.0.11 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/16/2014 10:20:40 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (User: NT-AUTORITÄT)
Description: Das SAM-Modul konnte den TCP/IP- bzw. SPX/IPX-Listening-Thread nicht starten.
Error: (01/15/2014 05:19:57 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 15.01.2014 um 17:16:52 unerwartet heruntergefahren.
Error: (01/07/2014 08:18:27 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/04/2014 09:11:14 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a63\??\C:\Users\chris\AppData\Local\Microsoft\Windows\UsrClass.dat
Microsoft Office Sessions:
=========================
Error: (01/31/2014 00:01:53 AM) (Source: Application Error)(User: )
Description: Skype.exe6.11.0.1025284fb74Skype.exe6.11.0.1025284fb74c00000050021242144801cf1debc7766189C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe819e6340-8a02-11e3-ba08-c80aa974bc5d
Error: (01/30/2014 02:04:38 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (01/27/2014 06:57:07 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (01/26/2014 09:43:57 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087175401cf1ac693bd44e851C:\Program Files (x86)\Mozilla Firefox\firefox.exe90d85404-86ca-11e3-894b-c80aa974bc5d
Error: (01/18/2014 10:56:17 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (01/15/2014 04:53:12 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.11aa801cf12091d41798560000C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeedf6c716-7dfc-11e3-9294-c80aa974bc5d
Error: (01/15/2014 11:37:55 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (01/13/2014 06:15:51 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.16428525b664cntdll.dll6.1.7601.18247521ea8e7c000000500038e191be801cf1082879ad825C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll59de4679-7c76-11e3-ae3c-c80aa974bc5d
Error: (01/13/2014 01:10:28 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (01/11/2014 11:58:10 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_170.exe11.9.900.170529b79bfFlashPlayerPlugin_11_9_900_170.exe11.9.900.170529b79bf4000001500017b6011e001cf0f12307423a4C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exed74c3c34-7b13-11e3-8904-c80aa974bc5d
CodeIntegrity Errors:
===================================
Date: 2014-02-06 11:26:07.602
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-05 08:57:51.083
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-01 14:32:02.844
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-30 21:25:13.966
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-30 15:27:44.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-29 20:35:27.861
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-29 20:26:25.446
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-29 20:25:26.158
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-26 19:37:41.993
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-26 18:25:35.368
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 50%
Total physical RAM: 3766.68 MB
Available physical RAM: 1880.52 MB
Total Pagefile: 7531.55 MB
Available Pagefile: 5393.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:135.95 GB) (Free:50.82 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 851CF10E)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-06 21:24:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 INTEL_SS rev.2CV1 149,05GB
Running: Gmer-19357.exe; Driver: C:\Users\chris\AppData\Local\Temp\pwtdrpog.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 532 fffff80002fb0004 5 bytes JMP fffff80002fe0e10
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 675 fffff80002fb0093 36 bytes [8B, 7C, 24, 43, 48, D3, CF, ...]
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\wininit.exe[608] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\winlogon.exe[680] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\services.exe[708] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[840] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[932] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\atiesrxx.exe[996] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\System32\svchost.exe[312] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\System32\svchost.exe[404] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[552] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[616] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe[1124] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Windows\system32\atieclxx.exe[1160] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1196] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\WLANExt.exe[1352] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\Dwm.exe[1640] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\Explorer.EXE[1684] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\System32\spoolsv.exe[1780] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\taskhost.exe[1792] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1860] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2000] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2024] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\dsiwmis.exe[1076] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe[652] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[2056] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Acer\Registration\GREGsvc.exe[2088] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2116] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2184] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe[2200] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2232] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe[2244] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe[2280] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe[2332] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2356] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe[2396] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2448] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe[2464] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Windows\system32\igfxsrvc.exe[2588] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\System32\igfxpers.exe[2604] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2664] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[2680] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 00000000738011a8 2 bytes [80, 73]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 00000000738013a8 2 bytes [80, 73]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 0000000073801422 2 bytes [80, 73]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 0000000073801498 2 bytes [80, 73]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195 0000000074301b41 2 bytes [30, 74]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362 0000000074301be8 2 bytes [30, 74]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418 0000000074301c20 2 bytes [30, 74]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596 0000000074301cd2 2 bytes [30, 74]
.text C:\Windows\PLFSetI.exe[2760] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628 0000000074301cf2 2 bytes [30, 74]
.text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[2792] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[2888] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[2968] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[2968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[2968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe[2932] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe[2932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe[2932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Windows\system32\wbem\unsecapp.exe[3112] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3304] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3656] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[3744] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3880] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe[3896] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Windows\SysWOW64\RunDll32.exe[3912] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Windows\SysWOW64\RunDll32.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Windows\SysWOW64\RunDll32.exe[3912] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3920] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe[3180] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Windows\system32\SearchIndexer.exe[1140] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LMworker.exe[3836] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[4148] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[4212] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4356] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe[4964] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2104] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe[5552] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe[5592] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[184] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Acer\Acer VCM\Vc.exe[6392] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Program Files (x86)\Acer\Acer VCM\Vc.exe[6392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076a01465 2 bytes [A0, 76]
.text C:\Program Files (x86)\Acer\Acer VCM\Vc.exe[6392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076a014bb 2 bytes [A0, 76]
.text ... * 2
.text C:\Program Files (x86)\Acer\Acer VCM\Vc.exe[3128] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\notepad.exe[6176] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\notepad.exe[7920] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Windows\system32\AUDIODG.EXE[1044] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
.text C:\Users\chris\Downloads\Gmer-19357.exe[6216] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000761aa2ba 1 byte [62]
.text C:\Windows\System32\Magnify.exe[6760] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d0eecd 1 byte [62]
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2104:3944] 000007fefaed2a7c
---- Processes - GMER 2.1 ----
Library C:\Users\chris\Downloads\FRST64.exe (*** suspicious ***) @ C:\Users\chris\Downloads\FRST64.exe [3128] 000000013f340000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbaeb6ff
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbaeb6ff (not active ControlSet)
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.02.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 chris :: BLACK-BOX [Administrator] 06.02.2014 21:57:50 mbam-log-2014-02-06 (21-57-50).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 353667 Laufzeit: 35 Minute(n), 25 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Danke! |
|
07.02.2014, 07:08
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
07.02.2014, 18:10
| #3 |
| | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Hallo,
__________________hier die logfile : Code:
ATTFilter 18:09:16.0695 5264 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:09:21.0672 5264 ============================================================
18:09:21.0672 5264 Current date / time: 2014/02/07 18:09:21.0672
18:09:21.0672 5264 SystemInfo:
18:09:21.0672 5264
18:09:21.0672 5264 OS Version: 6.1.7601 ServicePack: 1.0
18:09:21.0672 5264 Product type: Workstation
18:09:21.0672 5264 ComputerName: BLACK-BOX
18:09:21.0672 5264 UserName: chris
18:09:21.0672 5264 Windows directory: C:\Windows
18:09:21.0672 5264 System windows directory: C:\Windows
18:09:21.0672 5264 Running under WOW64
18:09:21.0673 5264 Processor architecture: Intel x64
18:09:21.0673 5264 Number of processors: 4
18:09:21.0673 5264 Page size: 0x1000
18:09:21.0673 5264 Boot type: Normal boot
18:09:21.0673 5264 ============================================================
18:09:22.0107 5264 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:09:22.0117 5264 ============================================================
18:09:22.0117 5264 \Device\Harddisk0\DR0:
18:09:22.0118 5264 MBR partitions:
18:09:22.0118 5264 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
18:09:22.0118 5264 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x10FE6800
18:09:22.0118 5264 ============================================================
18:09:22.0120 5264 C: <-> \Device\Harddisk0\DR0\Partition2
18:09:22.0120 5264 ============================================================
18:09:22.0120 5264 Initialize success
18:09:22.0120 5264 ============================================================
18:09:23.0670 2632 ============================================================
18:09:23.0671 2632 Scan started
18:09:23.0671 2632 Mode: Manual;
18:09:23.0671 2632 ============================================================
18:09:23.0831 2632 ================ Scan system memory ========================
18:09:23.0831 2632 System memory - ok
18:09:23.0832 2632 ================ Scan services =============================
18:09:23.0905 2632 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:09:23.0908 2632 1394ohci - ok
18:09:23.0919 2632 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:09:23.0923 2632 ACPI - ok
18:09:23.0929 2632 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:09:23.0930 2632 AcpiPmi - ok
18:09:23.0938 2632 [ E5568164C070A4988BD79C896920B3C6 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
18:09:23.0940 2632 acsock - ok
18:09:23.0949 2632 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:09:23.0950 2632 AdobeARMservice - ok
18:09:24.0000 2632 [ C8C6C0D659734FDBF63F6F421A5416BC ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:09:24.0003 2632 AdobeFlashPlayerUpdateSvc - ok
18:09:24.0017 2632 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:09:24.0021 2632 adp94xx - ok
18:09:24.0034 2632 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:09:24.0037 2632 adpahci - ok
18:09:24.0046 2632 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:09:24.0048 2632 adpu320 - ok
18:09:24.0058 2632 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:09:24.0060 2632 AeLookupSvc - ok
18:09:24.0073 2632 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys
18:09:24.0078 2632 AFD - ok
18:09:24.0085 2632 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:09:24.0087 2632 agp440 - ok
18:09:24.0094 2632 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:09:24.0095 2632 ALG - ok
18:09:24.0101 2632 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:09:24.0102 2632 aliide - ok
18:09:24.0111 2632 [ 72F1579514A09BB8CB210087CB161048 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:09:24.0114 2632 AMD External Events Utility - ok
18:09:24.0119 2632 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:09:24.0120 2632 amdide - ok
18:09:24.0127 2632 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:09:24.0129 2632 AmdK8 - ok
18:09:24.0220 2632 [ 9986E240D1512D8561777326882B80DC ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
18:09:24.0275 2632 amdkmdag - ok
18:09:24.0287 2632 [ 959FA98168C8AC90D8F8D47A543118CA ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:09:24.0289 2632 amdkmdap - ok
18:09:24.0295 2632 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:09:24.0297 2632 AmdPPM - ok
18:09:24.0303 2632 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:09:24.0304 2632 amdsata - ok
18:09:24.0313 2632 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:09:24.0315 2632 amdsbs - ok
18:09:24.0321 2632 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:09:24.0322 2632 amdxata - ok
18:09:24.0328 2632 [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
18:09:24.0329 2632 AmUStor - ok
18:09:24.0336 2632 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:09:24.0337 2632 AppID - ok
18:09:24.0343 2632 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:09:24.0344 2632 AppIDSvc - ok
18:09:24.0350 2632 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
18:09:24.0352 2632 Appinfo - ok
18:09:24.0358 2632 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:09:24.0359 2632 arc - ok
18:09:24.0366 2632 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:09:24.0367 2632 arcsas - ok
18:09:24.0375 2632 [ 9C2BEA3957EFFD45F352F0938DFB3721 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:09:24.0377 2632 aswMonFlt - ok
18:09:24.0384 2632 [ 679712B7A353EE665B9301592164A172 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
18:09:24.0385 2632 aswRdr - ok
18:09:24.0392 2632 [ C04F7B373881009D7994D9BF55D24AB4 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
18:09:24.0393 2632 aswRvrt - ok
18:09:24.0414 2632 [ 52B5F8FAF7E78C02D26B0B6E3A05F596 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:09:24.0423 2632 aswSnx - ok
18:09:24.0435 2632 [ 251360C2FCA22BAFE0583314B3262F98 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:09:24.0439 2632 aswSP - ok
18:09:24.0446 2632 [ AAB5F5336EDBB5D99CC7E1A9F4D8F63F ] aswStm C:\Windows\system32\drivers\aswStm.sys
18:09:24.0448 2632 aswStm - ok
18:09:24.0456 2632 [ 90399625F341AB76BA4B85A5E860EB1F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
18:09:24.0458 2632 aswVmm - ok
18:09:24.0464 2632 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:09:24.0465 2632 AsyncMac - ok
18:09:24.0471 2632 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:09:24.0471 2632 atapi - ok
18:09:24.0482 2632 [ 77C149E6D702737B2E372DEE166FAEF8 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
18:09:24.0484 2632 AtiHdmiService - ok
18:09:24.0500 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:09:24.0506 2632 AudioEndpointBuilder - ok
18:09:24.0521 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:09:24.0528 2632 AudioSrv - ok
18:09:24.0539 2632 [ D74884939D53612FD84AC82C59CCFE27 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:09:24.0540 2632 avast! Antivirus - ok
18:09:24.0549 2632 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:09:24.0550 2632 AxInstSV - ok
18:09:24.0563 2632 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:09:24.0567 2632 b06bdrv - ok
18:09:24.0578 2632 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:09:24.0581 2632 b57nd60a - ok
18:09:24.0633 2632 [ FDE8C8DC07E75347E4C6B455A0964217 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
18:09:24.0659 2632 BCM43XX - ok
18:09:24.0667 2632 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:09:24.0668 2632 BDESVC - ok
18:09:24.0675 2632 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:09:24.0675 2632 Beep - ok
18:09:24.0691 2632 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:09:24.0698 2632 BFE - ok
18:09:24.0716 2632 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:09:24.0728 2632 BITS - ok
18:09:24.0734 2632 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:09:24.0735 2632 blbdrive - ok
18:09:24.0742 2632 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:09:24.0743 2632 bowser - ok
18:09:24.0748 2632 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:09:24.0749 2632 BrFiltLo - ok
18:09:24.0755 2632 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:09:24.0756 2632 BrFiltUp - ok
18:09:24.0763 2632 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:09:24.0765 2632 Browser - ok
18:09:24.0775 2632 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:09:24.0778 2632 Brserid - ok
18:09:24.0783 2632 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:09:24.0784 2632 BrSerWdm - ok
18:09:24.0789 2632 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:09:24.0790 2632 BrUsbMdm - ok
18:09:24.0795 2632 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:09:24.0796 2632 BrUsbSer - ok
18:09:24.0801 2632 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:09:24.0802 2632 BthEnum - ok
18:09:24.0807 2632 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:09:24.0809 2632 BTHMODEM - ok
18:09:24.0815 2632 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:09:24.0816 2632 BthPan - ok
18:09:24.0828 2632 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:09:24.0833 2632 BTHPORT - ok
18:09:24.0839 2632 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:09:24.0841 2632 bthserv - ok
18:09:24.0846 2632 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:09:24.0847 2632 BTHUSB - ok
18:09:24.0858 2632 [ 380B798D30C56EDE4AF58619D0E86CCB ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
18:09:24.0861 2632 btwampfl - ok
18:09:24.0867 2632 [ BA5622F5544C6C445DFF1A05ACC8B19D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:09:24.0869 2632 btwaudio - ok
18:09:24.0875 2632 [ A11905D0F4BD34771F195217B6AA5AE0 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
18:09:24.0877 2632 btwavdt - ok
18:09:24.0897 2632 [ 3930E53EE0BED9DFF9AFA09F505D0CAE ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:09:24.0905 2632 btwdins - ok
18:09:24.0911 2632 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
18:09:24.0912 2632 btwl2cap - ok
18:09:24.0917 2632 [ BD776F32D64EC615BE4563DC2747224E ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:09:24.0918 2632 btwrchid - ok
18:09:24.0924 2632 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:09:24.0926 2632 cdfs - ok
18:09:24.0933 2632 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:09:24.0934 2632 cdrom - ok
18:09:24.0941 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:09:24.0943 2632 CertPropSvc - ok
18:09:24.0948 2632 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:09:24.0949 2632 circlass - ok
18:09:24.0959 2632 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:09:24.0963 2632 CLFS - ok
18:09:24.0974 2632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:09:24.0975 2632 clr_optimization_v2.0.50727_32 - ok
18:09:24.0984 2632 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:09:24.0986 2632 clr_optimization_v2.0.50727_64 - ok
18:09:24.0997 2632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:09:24.0999 2632 clr_optimization_v4.0.30319_32 - ok
18:09:25.0010 2632 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:09:25.0012 2632 clr_optimization_v4.0.30319_64 - ok
18:09:25.0018 2632 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:09:25.0018 2632 CmBatt - ok
18:09:25.0023 2632 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:09:25.0024 2632 cmdide - ok
18:09:25.0036 2632 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
18:09:25.0040 2632 CNG - ok
18:09:25.0046 2632 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:09:25.0047 2632 Compbatt - ok
18:09:25.0052 2632 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:09:25.0053 2632 CompositeBus - ok
18:09:25.0058 2632 COMSysApp - ok
18:09:25.0066 2632 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:09:25.0067 2632 crcdisk - ok
18:09:25.0076 2632 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:09:25.0078 2632 CryptSvc - ok
18:09:25.0092 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:09:25.0101 2632 DcomLaunch - ok
18:09:25.0110 2632 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:09:25.0113 2632 defragsvc - ok
18:09:25.0119 2632 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:09:25.0121 2632 DfsC - ok
18:09:25.0130 2632 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:09:25.0134 2632 Dhcp - ok
18:09:25.0139 2632 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:09:25.0140 2632 discache - ok
18:09:25.0147 2632 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:09:25.0148 2632 Disk - ok
18:09:25.0155 2632 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:09:25.0158 2632 Dnscache - ok
18:09:25.0166 2632 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:09:25.0170 2632 dot3svc - ok
18:09:25.0177 2632 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:09:25.0180 2632 DPS - ok
18:09:25.0185 2632 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:09:25.0186 2632 drmkaud - ok
18:09:25.0196 2632 [ 61E894FE1E9CC720C909E6E343351794 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
18:09:25.0199 2632 DsiWMIService - ok
18:09:25.0218 2632 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:09:25.0226 2632 DXGKrnl - ok
18:09:25.0233 2632 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:09:25.0235 2632 EapHost - ok
18:09:25.0284 2632 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:09:25.0312 2632 ebdrv - ok
18:09:25.0319 2632 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
18:09:25.0322 2632 EFS - ok
18:09:25.0337 2632 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:09:25.0343 2632 ehRecvr - ok
18:09:25.0350 2632 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:09:25.0351 2632 ehSched - ok
18:09:25.0363 2632 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:09:25.0368 2632 elxstor - ok
18:09:25.0384 2632 [ A04DF13F40022550381A48E4E4587A67 ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
18:09:25.0392 2632 ePowerSvc - ok
18:09:25.0401 2632 [ B5581646636759D0DAFA8B008881C079 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
18:09:25.0402 2632 EPSON_EB_RPCV4_01 - ok
18:09:25.0408 2632 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
18:09:25.0409 2632 EPSON_PM_RPCV4_01 - ok
18:09:25.0414 2632 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:09:25.0415 2632 ErrDev - ok
18:09:25.0431 2632 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:09:25.0436 2632 EventSystem - ok
18:09:25.0445 2632 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:09:25.0447 2632 exfat - ok
18:09:25.0454 2632 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:09:25.0456 2632 fastfat - ok
18:09:25.0471 2632 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:09:25.0479 2632 Fax - ok
18:09:25.0484 2632 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:09:25.0485 2632 fdc - ok
18:09:25.0490 2632 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:09:25.0492 2632 fdPHost - ok
18:09:25.0497 2632 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:09:25.0499 2632 FDResPub - ok
18:09:25.0505 2632 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:09:25.0506 2632 FileInfo - ok
18:09:25.0512 2632 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:09:25.0513 2632 Filetrace - ok
18:09:25.0517 2632 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:09:25.0518 2632 flpydisk - ok
18:09:25.0527 2632 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:09:25.0530 2632 FltMgr - ok
18:09:25.0551 2632 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
18:09:25.0562 2632 FontCache - ok
18:09:25.0568 2632 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:09:25.0569 2632 FontCache3.0.0.0 - ok
18:09:25.0575 2632 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:09:25.0576 2632 FsDepends - ok
18:09:25.0586 2632 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:09:25.0587 2632 Fs_Rec - ok
18:09:25.0595 2632 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:09:25.0597 2632 fvevol - ok
18:09:25.0603 2632 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:09:25.0604 2632 gagp30kx - ok
18:09:25.0620 2632 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:09:25.0628 2632 gpsvc - ok
18:09:25.0634 2632 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:09:25.0634 2632 GREGService - ok
18:09:25.0640 2632 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:09:25.0641 2632 hcw85cir - ok
18:09:25.0651 2632 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:09:25.0654 2632 HdAudAddService - ok
18:09:25.0661 2632 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:09:25.0662 2632 HDAudBus - ok
18:09:25.0668 2632 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:09:25.0669 2632 HECIx64 - ok
18:09:25.0675 2632 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:09:25.0676 2632 HidBatt - ok
18:09:25.0682 2632 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:09:25.0683 2632 HidBth - ok
18:09:25.0689 2632 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:09:25.0690 2632 HidIr - ok
18:09:25.0696 2632 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:09:25.0698 2632 hidserv - ok
18:09:25.0704 2632 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:09:25.0705 2632 HidUsb - ok
18:09:25.0711 2632 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:09:25.0714 2632 hkmsvc - ok
18:09:25.0722 2632 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:09:25.0727 2632 HomeGroupListener - ok
18:09:25.0735 2632 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:09:25.0740 2632 HomeGroupProvider - ok
18:09:25.0746 2632 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:09:25.0747 2632 HpSAMD - ok
18:09:25.0761 2632 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:09:25.0768 2632 HTTP - ok
18:09:25.0773 2632 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:09:25.0774 2632 hwpolicy - ok
18:09:25.0781 2632 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:09:25.0782 2632 i8042prt - ok
18:09:25.0794 2632 [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:09:25.0798 2632 iaStor - ok
18:09:25.0805 2632 [ 48362E5DB5CB2C000C514EE1F3890ACD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:09:25.0805 2632 IAStorDataMgrSvc - ok
18:09:25.0817 2632 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:09:25.0821 2632 iaStorV - ok
18:09:25.0828 2632 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:09:25.0829 2632 IDriverT - ok
18:09:25.0846 2632 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:09:25.0852 2632 idsvc - ok
18:09:25.0858 2632 IEEtwCollectorService - ok
18:09:25.0864 2632 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:09:25.0865 2632 iirsp - ok
18:09:25.0882 2632 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
18:09:25.0891 2632 IKEEXT - ok
18:09:25.0898 2632 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
18:09:25.0900 2632 Impcd - ok
18:09:25.0938 2632 [ A0EAB13A78CC5FB960EC76E3D6408DA3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:09:25.0958 2632 IntcAzAudAddService - ok
18:09:25.0965 2632 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:09:25.0966 2632 intelide - ok
18:09:26.0080 2632 [ 8E509DE232CFA4F8A5B34F01802F500E ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
18:09:26.0148 2632 intelkmd - ok
18:09:26.0158 2632 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:09:26.0159 2632 intelppm - ok
18:09:26.0165 2632 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:09:26.0168 2632 IPBusEnum - ok
18:09:26.0175 2632 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:09:26.0176 2632 IpFilterDriver - ok
18:09:26.0188 2632 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:09:26.0195 2632 iphlpsvc - ok
18:09:26.0202 2632 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:09:26.0203 2632 IPMIDRV - ok
18:09:26.0209 2632 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:09:26.0211 2632 IPNAT - ok
18:09:26.0216 2632 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:09:26.0217 2632 IRENUM - ok
18:09:26.0222 2632 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:09:26.0223 2632 isapnp - ok
18:09:26.0232 2632 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:09:26.0235 2632 iScsiPrt - ok
18:09:26.0240 2632 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:09:26.0241 2632 kbdclass - ok
18:09:26.0247 2632 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:09:26.0248 2632 kbdhid - ok
18:09:26.0252 2632 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
18:09:26.0255 2632 KeyIso - ok
18:09:26.0262 2632 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:09:26.0263 2632 KSecDD - ok
18:09:26.0270 2632 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:09:26.0272 2632 KSecPkg - ok
18:09:26.0278 2632 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:09:26.0279 2632 ksthunk - ok
18:09:26.0289 2632 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:09:26.0295 2632 KtmRm - ok
18:09:26.0301 2632 [ 39918DB0EFCF045A1CE6FABBF339F975 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
18:09:26.0302 2632 L1C - ok
18:09:26.0310 2632 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:09:26.0317 2632 LanmanServer - ok
18:09:26.0323 2632 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:09:26.0329 2632 LanmanWorkstation - ok
18:09:26.0337 2632 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:09:26.0338 2632 lltdio - ok
18:09:26.0347 2632 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:09:26.0352 2632 lltdsvc - ok
18:09:26.0358 2632 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:09:26.0361 2632 lmhosts - ok
18:09:26.0368 2632 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:09:26.0371 2632 LMS - ok
18:09:26.0380 2632 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:09:26.0382 2632 LSI_FC - ok
18:09:26.0388 2632 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:09:26.0389 2632 LSI_SAS - ok
18:09:26.0396 2632 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:09:26.0397 2632 LSI_SAS2 - ok
18:09:26.0403 2632 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:09:26.0405 2632 LSI_SCSI - ok
18:09:26.0412 2632 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:09:26.0413 2632 luafv - ok
18:09:26.0419 2632 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:09:26.0423 2632 Mcx2Svc - ok
18:09:26.0428 2632 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:09:26.0429 2632 megasas - ok
18:09:26.0437 2632 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:09:26.0440 2632 MegaSR - ok
18:09:26.0452 2632 Microsoft SharePoint Workspace Audit Service - ok
18:09:26.0458 2632 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:09:26.0462 2632 MMCSS - ok
18:09:26.0467 2632 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:09:26.0468 2632 Modem - ok
18:09:26.0473 2632 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:09:26.0475 2632 monitor - ok
18:09:26.0480 2632 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:09:26.0481 2632 mouclass - ok
18:09:26.0486 2632 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:09:26.0487 2632 mouhid - ok
18:09:26.0494 2632 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:09:26.0495 2632 mountmgr - ok
18:09:26.0501 2632 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:09:26.0502 2632 MozillaMaintenance - ok
18:09:26.0510 2632 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:09:26.0512 2632 mpio - ok
18:09:26.0517 2632 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:09:26.0519 2632 mpsdrv - ok
18:09:26.0535 2632 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:09:26.0545 2632 MpsSvc - ok
18:09:26.0552 2632 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:09:26.0554 2632 MRxDAV - ok
18:09:26.0561 2632 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:09:26.0563 2632 mrxsmb - ok
18:09:26.0573 2632 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:09:26.0576 2632 mrxsmb10 - ok
18:09:26.0583 2632 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:09:26.0585 2632 mrxsmb20 - ok
18:09:26.0591 2632 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:09:26.0592 2632 msahci - ok
18:09:26.0599 2632 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:09:26.0600 2632 msdsm - ok
18:09:26.0608 2632 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:09:26.0613 2632 MSDTC - ok
18:09:26.0622 2632 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:09:26.0624 2632 Msfs - ok
18:09:26.0629 2632 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:09:26.0631 2632 mshidkmdf - ok
18:09:26.0636 2632 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:09:26.0637 2632 msisadrv - ok
18:09:26.0644 2632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:09:26.0647 2632 MSiSCSI - ok
18:09:26.0655 2632 msiserver - ok
18:09:26.0662 2632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:09:26.0663 2632 MSKSSRV - ok
18:09:26.0669 2632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:09:26.0670 2632 MSPCLOCK - ok
18:09:26.0675 2632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:09:26.0676 2632 MSPQM - ok
18:09:26.0686 2632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:09:26.0690 2632 MsRPC - ok
18:09:26.0698 2632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:09:26.0699 2632 mssmbios - ok
18:09:26.0704 2632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:09:26.0705 2632 MSTEE - ok
18:09:26.0710 2632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:09:26.0711 2632 MTConfig - ok
18:09:26.0717 2632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:09:26.0718 2632 Mup - ok
18:09:26.0724 2632 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:09:26.0725 2632 mwlPSDFilter - ok
18:09:26.0730 2632 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:09:26.0732 2632 mwlPSDNServ - ok
18:09:26.0737 2632 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:09:26.0739 2632 mwlPSDVDisk - ok
18:09:26.0749 2632 [ 22A4905C958BEB68D78385B633C1351B ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
18:09:26.0752 2632 MWLService - ok
18:09:26.0764 2632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:09:26.0771 2632 napagent - ok
18:09:26.0780 2632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:09:26.0783 2632 NativeWifiP - ok
18:09:26.0801 2632 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:09:26.0809 2632 NDIS - ok
18:09:26.0815 2632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:09:26.0816 2632 NdisCap - ok
18:09:26.0821 2632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:09:26.0823 2632 NdisTapi - ok
18:09:26.0829 2632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:09:26.0831 2632 Ndisuio - ok
18:09:26.0839 2632 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:09:26.0841 2632 NdisWan - ok
18:09:26.0847 2632 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:09:26.0848 2632 NDProxy - ok
18:09:26.0854 2632 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:09:26.0855 2632 NetBIOS - ok
18:09:26.0863 2632 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:09:26.0866 2632 NetBT - ok
18:09:26.0871 2632 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
18:09:26.0874 2632 Netlogon - ok
18:09:26.0884 2632 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:09:26.0890 2632 Netman - ok
18:09:26.0902 2632 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:09:26.0909 2632 netprofm - ok
18:09:26.0915 2632 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:09:26.0916 2632 NetTcpPortSharing - ok
18:09:27.0021 2632 [ 24F64343F14A119308456E1CA7507B26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
18:09:27.0083 2632 NETw5s64 - ok
18:09:27.0092 2632 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:09:27.0094 2632 nfrd960 - ok
18:09:27.0102 2632 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:09:27.0108 2632 NlaSvc - ok
18:09:27.0114 2632 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:09:27.0115 2632 Npfs - ok
18:09:27.0120 2632 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:09:27.0124 2632 nsi - ok
18:09:27.0129 2632 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:09:27.0130 2632 nsiproxy - ok
18:09:27.0159 2632 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:09:27.0174 2632 Ntfs - ok
18:09:27.0184 2632 [ 5B3CE960C62DBE864BE9A0BD043A3E30 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
18:09:27.0186 2632 NTI IScheduleSvc - ok
18:09:27.0200 2632 [ 15221DD637D9D0FFC60848EBBF1DF538 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
18:09:27.0201 2632 NTIBackupSvc - ok
18:09:27.0206 2632 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
18:09:27.0207 2632 NTIDrvr - ok
18:09:27.0214 2632 [ B5071E15D4C3F5EF5018AFF7E85A85E5 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
18:09:27.0216 2632 NTISchedulerSvc - ok
18:09:27.0221 2632 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:09:27.0222 2632 Null - ok
18:09:27.0228 2632 [ 4CB891301E4339F8652A0ED6B1B50EF7 ] NvnUsbAudio C:\Windows\system32\DRIVERS\nvnusbaudio.sys
18:09:27.0230 2632 NvnUsbAudio - ok
18:09:27.0237 2632 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:09:27.0239 2632 nvraid - ok
18:09:27.0247 2632 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:09:27.0249 2632 nvstor - ok
18:09:27.0255 2632 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:09:27.0257 2632 nv_agp - ok
18:09:27.0265 2632 [ 98E93E60A195C6621EDAB4A96C224A0F ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
18:09:27.0266 2632 ODDPwrSvc - ok
18:09:27.0272 2632 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:09:27.0274 2632 ohci1394 - ok
18:09:27.0281 2632 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:09:27.0282 2632 ose - ok
18:09:27.0352 2632 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:09:27.0393 2632 osppsvc - ok
18:09:27.0410 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:09:27.0416 2632 p2pimsvc - ok
18:09:27.0427 2632 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:09:27.0434 2632 p2psvc - ok
18:09:27.0440 2632 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:09:27.0442 2632 Parport - ok
18:09:27.0450 2632 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:09:27.0451 2632 partmgr - ok
18:09:27.0459 2632 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:09:27.0464 2632 PcaSvc - ok
18:09:27.0471 2632 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:09:27.0474 2632 pci - ok
18:09:27.0480 2632 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:09:27.0481 2632 pciide - ok
18:09:27.0488 2632 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:09:27.0491 2632 pcmcia - ok
18:09:27.0496 2632 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:09:27.0497 2632 pcw - ok
18:09:27.0511 2632 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:09:27.0516 2632 PEAUTH - ok
18:09:27.0564 2632 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:09:27.0567 2632 PerfHost - ok
18:09:27.0601 2632 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:09:27.0616 2632 pla - ok
18:09:27.0629 2632 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:09:27.0637 2632 PlugPlay - ok
18:09:27.0643 2632 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:09:27.0647 2632 PNRPAutoReg - ok
18:09:27.0656 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:09:27.0663 2632 PNRPsvc - ok
18:09:27.0677 2632 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:09:27.0683 2632 PolicyAgent - ok
18:09:27.0692 2632 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:09:27.0698 2632 Power - ok
18:09:27.0704 2632 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:09:27.0706 2632 PptpMiniport - ok
18:09:27.0712 2632 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:09:27.0714 2632 Processor - ok
18:09:27.0721 2632 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:09:27.0727 2632 ProfSvc - ok
18:09:27.0732 2632 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
18:09:27.0735 2632 ProtectedStorage - ok
18:09:27.0742 2632 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:09:27.0744 2632 Psched - ok
18:09:27.0769 2632 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:09:27.0781 2632 ql2300 - ok
18:09:27.0789 2632 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:09:27.0791 2632 ql40xx - ok
18:09:27.0799 2632 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:09:27.0804 2632 QWAVE - ok
18:09:27.0810 2632 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:09:27.0811 2632 QWAVEdrv - ok
18:09:27.0816 2632 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:09:27.0817 2632 RasAcd - ok
18:09:27.0823 2632 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:09:27.0825 2632 RasAgileVpn - ok
18:09:27.0831 2632 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:09:27.0836 2632 RasAuto - ok
18:09:27.0843 2632 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:09:27.0845 2632 Rasl2tp - ok
18:09:27.0854 2632 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:09:27.0861 2632 RasMan - ok
18:09:27.0867 2632 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:09:27.0869 2632 RasPppoe - ok
18:09:27.0875 2632 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:09:27.0877 2632 RasSstp - ok
18:09:27.0886 2632 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:09:27.0889 2632 rdbss - ok
18:09:27.0894 2632 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:09:27.0895 2632 rdpbus - ok
18:09:27.0900 2632 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:09:27.0901 2632 RDPCDD - ok
18:09:27.0909 2632 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:09:27.0910 2632 RDPENCDD - ok
18:09:27.0917 2632 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:09:27.0918 2632 RDPREFMP - ok
18:09:27.0928 2632 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:09:27.0930 2632 RDPWD - ok
18:09:27.0938 2632 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:09:27.0941 2632 rdyboost - ok
18:09:27.0947 2632 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:09:27.0951 2632 RemoteAccess - ok
18:09:27.0958 2632 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:09:27.0963 2632 RemoteRegistry - ok
18:09:27.0969 2632 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:09:27.0971 2632 RFCOMM - ok
18:09:27.0980 2632 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
18:09:27.0982 2632 RichVideo - ok
18:09:27.0988 2632 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:09:27.0993 2632 RpcEptMapper - ok
18:09:27.0998 2632 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:09:28.0001 2632 RpcLocator - ok
18:09:28.0012 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:09:28.0020 2632 RpcSs - ok
18:09:28.0027 2632 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:09:28.0028 2632 rspndr - ok
18:09:28.0036 2632 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
18:09:28.0039 2632 RS_Service - ok
18:09:28.0046 2632 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\Windows\system32\lsass.exe
18:09:28.0049 2632 SamSs - ok
18:09:28.0055 2632 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:09:28.0056 2632 sbp2port - ok
18:09:28.0064 2632 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:09:28.0070 2632 SCardSvr - ok
18:09:28.0076 2632 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:09:28.0077 2632 scfilter - ok
18:09:28.0096 2632 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:09:28.0110 2632 Schedule - ok
18:09:28.0116 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:09:28.0118 2632 SCPolicySvc - ok
18:09:28.0126 2632 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:09:28.0131 2632 SDRSVC - ok
18:09:28.0137 2632 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:09:28.0138 2632 secdrv - ok
18:09:28.0143 2632 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:09:28.0147 2632 seclogon - ok
18:09:28.0153 2632 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:09:28.0157 2632 SENS - ok
18:09:28.0163 2632 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:09:28.0167 2632 SensrSvc - ok
18:09:28.0172 2632 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:09:28.0173 2632 Serenum - ok
18:09:28.0179 2632 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:09:28.0181 2632 Serial - ok
18:09:28.0186 2632 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:09:28.0187 2632 sermouse - ok
18:09:28.0201 2632 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:09:28.0206 2632 SessionEnv - ok
18:09:28.0211 2632 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:09:28.0212 2632 sffdisk - ok
18:09:28.0217 2632 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:09:28.0218 2632 sffp_mmc - ok
18:09:28.0223 2632 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:09:28.0224 2632 sffp_sd - ok
18:09:28.0229 2632 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:09:28.0231 2632 sfloppy - ok
18:09:28.0240 2632 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:09:28.0245 2632 SharedAccess - ok
18:09:28.0255 2632 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:09:28.0263 2632 ShellHWDetection - ok
18:09:28.0268 2632 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:09:28.0270 2632 SiSRaid2 - ok
18:09:28.0276 2632 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:09:28.0278 2632 SiSRaid4 - ok
18:09:28.0285 2632 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:09:28.0287 2632 SkypeUpdate - ok
18:09:28.0294 2632 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:09:28.0295 2632 Smb - ok
18:09:28.0309 2632 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:09:28.0314 2632 SNMPTRAP - ok
18:09:28.0319 2632 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:09:28.0320 2632 spldr - ok
18:09:28.0333 2632 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:09:28.0342 2632 Spooler - ok
18:09:28.0394 2632 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:09:28.0426 2632 sppsvc - ok
18:09:28.0434 2632 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:09:28.0439 2632 sppuinotify - ok
18:09:28.0451 2632 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:09:28.0455 2632 srv - ok
18:09:28.0467 2632 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:09:28.0471 2632 srv2 - ok
18:09:28.0478 2632 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:09:28.0481 2632 srvnet - ok
18:09:28.0488 2632 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:09:28.0495 2632 SSDPSRV - ok
18:09:28.0500 2632 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:09:28.0505 2632 SstpSvc - ok
18:09:28.0511 2632 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:09:28.0512 2632 stexstor - ok
18:09:28.0525 2632 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:09:28.0534 2632 stisvc - ok
18:09:28.0539 2632 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:09:28.0541 2632 swenum - ok
18:09:28.0553 2632 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:09:28.0562 2632 swprv - ok
18:09:28.0572 2632 [ ED6D1424E5B0C21A57B28DD8508D6843 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:09:28.0575 2632 SynTP - ok
18:09:28.0604 2632 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:09:28.0621 2632 SysMain - ok
18:09:28.0629 2632 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:09:28.0634 2632 TabletInputService - ok
18:09:28.0643 2632 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:09:28.0650 2632 TapiSrv - ok
18:09:28.0658 2632 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:09:28.0663 2632 TBS - ok
18:09:28.0693 2632 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:09:28.0709 2632 Tcpip - ok
18:09:28.0741 2632 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:09:28.0756 2632 TCPIP6 - ok
18:09:28.0765 2632 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:09:28.0767 2632 tcpipreg - ok
18:09:28.0775 2632 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:09:28.0776 2632 TDPIPE - ok
18:09:28.0781 2632 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:09:28.0782 2632 TDTCP - ok
18:09:28.0789 2632 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:09:28.0791 2632 tdx - ok
18:09:28.0796 2632 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:09:28.0798 2632 TermDD - ok
18:09:28.0811 2632 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:09:28.0821 2632 TermService - ok
18:09:28.0829 2632 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:09:28.0834 2632 Themes - ok
18:09:28.0840 2632 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:09:28.0844 2632 THREADORDER - ok
18:09:28.0850 2632 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:09:28.0856 2632 TrkWks - ok
18:09:28.0864 2632 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:09:28.0866 2632 TrustedInstaller - ok
18:09:28.0874 2632 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:09:28.0875 2632 tssecsrv - ok
18:09:28.0881 2632 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:09:28.0882 2632 TsUsbFlt - ok
18:09:28.0888 2632 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:09:28.0890 2632 tunnel - ok
18:09:28.0896 2632 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:09:28.0898 2632 uagp35 - ok
18:09:28.0902 2632 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
18:09:28.0903 2632 UBHelper - ok
18:09:28.0913 2632 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:09:28.0916 2632 udfs - ok
18:09:28.0926 2632 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:09:28.0932 2632 UI0Detect - ok
18:09:28.0937 2632 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:09:28.0938 2632 uliagpkx - ok
18:09:28.0944 2632 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:09:28.0945 2632 umbus - ok
18:09:28.0950 2632 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:09:28.0951 2632 UmPass - ok
18:09:28.0988 2632 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:09:29.0006 2632 UNS - ok
18:09:29.0016 2632 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:09:29.0018 2632 Updater Service - ok
18:09:29.0028 2632 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:09:29.0035 2632 upnphost - ok
18:09:29.0043 2632 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:09:29.0045 2632 usbccgp - ok
18:09:29.0051 2632 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:09:29.0052 2632 usbcir - ok
18:09:29.0058 2632 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:09:29.0059 2632 usbehci - ok
18:09:29.0069 2632 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:09:29.0073 2632 usbhub - ok
18:09:29.0079 2632 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:09:29.0080 2632 usbohci - ok
18:09:29.0086 2632 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:09:29.0087 2632 usbprint - ok
18:09:29.0093 2632 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:09:29.0095 2632 USBSTOR - ok
18:09:29.0100 2632 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:09:29.0102 2632 usbuhci - ok
18:09:29.0109 2632 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:09:29.0112 2632 usbvideo - ok
18:09:29.0117 2632 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:09:29.0122 2632 UxSms - ok
18:09:29.0128 2632 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\Windows\system32\lsass.exe
18:09:29.0131 2632 VaultSvc - ok
18:09:29.0136 2632 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:09:29.0137 2632 vdrvroot - ok
18:09:29.0149 2632 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:09:29.0159 2632 vds - ok
18:09:29.0164 2632 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:09:29.0165 2632 vga - ok
18:09:29.0170 2632 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:09:29.0172 2632 VgaSave - ok
18:09:29.0180 2632 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:09:29.0182 2632 vhdmp - ok
18:09:29.0187 2632 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:09:29.0189 2632 viaide - ok
18:09:29.0195 2632 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:09:29.0196 2632 volmgr - ok
18:09:29.0206 2632 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:09:29.0210 2632 volmgrx - ok
18:09:29.0219 2632 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:09:29.0223 2632 volsnap - ok
18:09:29.0236 2632 [ 80E63B86C40C5E067475DC98F845A6DD ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
18:09:29.0241 2632 vpnagent - ok
18:09:29.0247 2632 [ A8D4FED106B4BD337DF3DA20BA44E18E ] vpnva C:\Windows\system32\DRIVERS\vpnva64.sys
18:09:29.0248 2632 vpnva - ok
18:09:29.0255 2632 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:09:29.0257 2632 vsmraid - ok
18:09:29.0283 2632 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:09:29.0300 2632 VSS - ok
18:09:29.0306 2632 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:09:29.0308 2632 vwifibus - ok
18:09:29.0313 2632 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:09:29.0315 2632 vwififlt - ok
18:09:29.0321 2632 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:09:29.0322 2632 vwifimp - ok
18:09:29.0333 2632 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:09:29.0341 2632 W32Time - ok
18:09:29.0348 2632 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:09:29.0350 2632 WacomPen - ok
18:09:29.0356 2632 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:09:29.0358 2632 WANARP - ok
18:09:29.0363 2632 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:09:29.0364 2632 Wanarpv6 - ok
18:09:29.0388 2632 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:09:29.0405 2632 wbengine - ok
18:09:29.0414 2632 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:09:29.0420 2632 WbioSrvc - ok
18:09:29.0430 2632 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:09:29.0438 2632 wcncsvc - ok
18:09:29.0444 2632 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:09:29.0449 2632 WcsPlugInService - ok
18:09:29.0454 2632 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:09:29.0456 2632 Wd - ok
18:09:29.0471 2632 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:09:29.0479 2632 Wdf01000 - ok
18:09:29.0485 2632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:09:29.0490 2632 WdiServiceHost - ok
18:09:29.0495 2632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:09:29.0501 2632 WdiSystemHost - ok
18:09:29.0509 2632 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\Windows\System32\webclnt.dll
18:09:29.0516 2632 WebClient - ok
18:09:29.0524 2632 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:09:29.0531 2632 Wecsvc - ok
18:09:29.0536 2632 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:09:29.0542 2632 wercplsupport - ok
18:09:29.0548 2632 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:09:29.0554 2632 WerSvc - ok
18:09:29.0559 2632 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:09:29.0561 2632 WfpLwf - ok
18:09:29.0565 2632 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:09:29.0567 2632 WIMMount - ok
18:09:29.0571 2632 WinDefend - ok
18:09:29.0579 2632 WinHttpAutoProxySvc - ok
18:09:29.0599 2632 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:09:29.0602 2632 Winmgmt - ok
18:09:29.0634 2632 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:09:29.0654 2632 WinRM - ok
18:09:29.0677 2632 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:09:29.0689 2632 Wlansvc - ok
18:09:29.0695 2632 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:09:29.0697 2632 WmiAcpi - ok
18:09:29.0707 2632 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:09:29.0710 2632 wmiApSrv - ok
18:09:29.0715 2632 WMPNetworkSvc - ok
18:09:29.0722 2632 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:09:29.0728 2632 WPCSvc - ok
18:09:29.0734 2632 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:09:29.0740 2632 WPDBusEnum - ok
18:09:29.0745 2632 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:09:29.0747 2632 ws2ifsl - ok
18:09:29.0753 2632 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:09:29.0759 2632 wscsvc - ok
18:09:29.0763 2632 WSearch - ok
18:09:29.0804 2632 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:09:29.0829 2632 wuauserv - ok
18:09:29.0837 2632 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:09:29.0839 2632 WudfPf - ok
18:09:29.0847 2632 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:09:29.0850 2632 WUDFRd - ok
18:09:29.0856 2632 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:09:29.0862 2632 wudfsvc - ok
18:09:29.0869 2632 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:09:29.0877 2632 WwanSvc - ok
18:09:29.0893 2632 ================ Scan global ===============================
18:09:29.0897 2632 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:09:29.0904 2632 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
18:09:29.0917 2632 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
18:09:29.0927 2632 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:09:29.0940 2632 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:09:29.0947 2632 [Global] - ok
18:09:29.0947 2632 ================ Scan MBR ==================================
18:09:29.0951 2632 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:09:30.0094 2632 \Device\Harddisk0\DR0 - ok
18:09:30.0096 2632 ================ Scan VBR ==================================
18:09:30.0098 2632 [ 41C6E48B8B9DBB37F611F410F644A0DD ] \Device\Harddisk0\DR0\Partition1
18:09:30.0101 2632 \Device\Harddisk0\DR0\Partition1 - ok
18:09:30.0105 2632 [ 740C788B8B5705030DA5FD81DFD2D0FF ] \Device\Harddisk0\DR0\Partition2
18:09:30.0106 2632 \Device\Harddisk0\DR0\Partition2 - ok
18:09:30.0107 2632 ============================================================
18:09:30.0107 2632 Scan finished
18:09:30.0107 2632 ============================================================
18:09:30.0117 0396 Detected object count: 0
18:09:30.0118 0396 Actual detected object count: 0
18:09:33.0083 5568 Deinitialize success
|
|
08.02.2014, 13:22
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.02.2014, 15:35
| #5 |
| | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Hi, hier die logflie: Code:
ATTFilter ComboFix 14-02-05.02 - chris 08.02.2014 14:46:08.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3767.1933 [GMT 1:00]
ausgeführt von:: c:\users\chris\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\chris\AppData\Local\assembly\tmp
c:\users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\{04E41A04-985E-4319-8FB8-0D582D8A7B1D}.xps
c:\users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\{084D0D3A-D537-4305-9F01-6E5F6364F399}.xps
c:\users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\{33AC18EA-D0EE-4A66-902F-BFD2F8649DD4}.xps
c:\users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\{5459B33E-A5EE-4B74-AB45-3E08814CD0ED}.xps
c:\users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\{55B56076-4402-442E-B7DF-7FBD746459A3}.xps
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vpnagent
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-01-08 bis 2014-02-08 ))))))))))))))))))))))))))))))
.
.
2014-02-08 14:29 . 2014-02-08 14:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-07 16:59 . 2014-02-07 16:59 -------- d-----w- c:\users\chris\AppData\Local\WinZip
2014-02-07 16:59 . 2014-02-07 16:59 -------- d-----w- c:\programdata\WinZip
2014-02-07 16:59 . 2014-02-07 16:59 -------- d-----w- c:\program files\WinZip
2014-02-07 16:52 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{32C78CF4-7AF1-4089-A7F6-91CBCA89E473}\mpengine.dll
2014-02-06 19:44 . 2014-02-06 19:48 -------- d-----w- C:\FRST
2014-01-16 07:12 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-16 07:12 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-16 07:12 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-16 07:12 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-16 07:12 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-16 07:12 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-16 07:12 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-16 07:12 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-16 07:12 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 19:34 . 2014-01-19 11:32 -------- d-----w- c:\users\chris\AppData\Local\.elfohilfe
2014-01-15 17:38 . 2014-01-15 17:38 -------- d-----w- c:\program files\Common Files\Propellerhead Software
2014-01-12 12:32 . 2014-01-12 12:32 -------- d-----w- c:\users\chris\AppData\Roaming\elsterformular
2014-01-12 12:32 . 2014-01-12 12:32 -------- d-----w- c:\programdata\elsterformular
2014-01-12 12:32 . 2014-01-15 18:56 -------- d-----w- c:\program files (x86)\ElsterFormular
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 08:06 . 2013-05-12 14:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 08:06 . 2013-05-12 14:42 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-16 07:19 . 2013-05-12 15:26 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-07 18:00 . 2014-01-07 18:00 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-07 18:00 . 2013-05-12 14:09 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-07 18:00 . 2013-05-12 14:09 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-07 18:00 . 2013-05-12 14:09 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-07 18:00 . 2013-05-12 14:09 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-07 18:00 . 2013-05-12 14:09 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-07 18:00 . 2013-05-12 14:09 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 05:13 . 2013-05-12 13:18 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-15 09:42 . 2013-12-15 09:42 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-15 09:42 . 2013-12-15 09:42 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-15 09:42 . 2013-12-15 09:42 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-15 09:42 . 2013-12-15 09:42 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-15 09:42 . 2013-12-15 09:42 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-15 09:42 . 2013-12-15 09:42 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-15 09:42 . 2013-12-15 09:42 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-15 09:42 . 2013-12-15 09:42 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-15 09:42 . 2013-12-15 09:42 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-15 09:42 . 2013-12-15 09:42 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-15 09:42 . 2013-12-15 09:42 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-15 09:42 . 2013-12-15 09:42 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-15 09:42 . 2013-12-15 09:42 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-15 09:42 . 2013-12-15 09:42 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-15 09:42 . 2013-12-15 09:42 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-15 09:42 . 2013-12-15 09:42 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-15 09:42 . 2013-12-15 09:42 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-15 09:42 . 2013-12-15 09:42 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-15 09:42 . 2013-12-15 09:42 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-15 09:42 . 2013-12-15 09:42 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-15 09:42 . 2013-12-15 09:42 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-15 09:42 . 2013-12-15 09:42 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-15 09:42 . 2013-12-15 09:42 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-15 09:42 . 2013-12-15 09:42 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-15 09:42 . 2013-12-15 09:42 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-15 09:42 . 2013-12-15 09:42 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-15 09:42 . 2013-12-15 09:42 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-15 09:42 . 2013-12-15 09:42 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-15 09:42 . 2013-12-15 09:42 413696 ----a-w- c:\windows\system32\html.iec
2013-12-15 09:42 . 2013-12-15 09:42 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-15 09:42 . 2013-12-15 09:42 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-15 09:42 . 2013-12-15 09:42 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-15 09:42 . 2013-12-15 09:42 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-15 09:42 . 2013-12-15 09:42 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-15 09:42 . 2013-12-15 09:42 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-15 09:42 . 2013-12-15 09:42 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-15 09:42 . 2013-12-15 09:42 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-15 09:42 . 2013-12-15 09:42 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-15 09:42 . 2013-12-15 09:42 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-15 09:42 . 2013-12-15 09:42 235520 ----a-w- c:\windows\system32\url.dll
2013-12-15 09:42 . 2013-12-15 09:42 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-15 09:42 . 2013-12-15 09:42 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-15 09:42 . 2013-12-15 09:42 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-15 09:42 . 2013-12-15 09:42 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-15 09:42 . 2013-12-15 09:42 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-15 09:42 . 2013-12-15 09:42 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-15 09:42 . 2013-12-15 09:42 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-15 09:42 . 2013-12-15 09:42 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-15 09:42 . 2013-12-15 09:42 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-15 09:42 . 2013-12-15 09:42 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-15 09:42 . 2013-12-15 09:42 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-15 09:42 . 2013-12-15 09:42 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-15 09:42 . 2013-12-15 09:42 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-15 09:42 . 2013-12-15 09:42 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-15 09:42 . 2013-12-15 09:42 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-15 09:42 . 2013-12-15 09:42 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-15 09:42 . 2013-12-15 09:42 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-15 09:42 . 2013-12-15 09:42 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-15 09:42 . 2013-12-15 09:42 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-03 18:12 . 2013-05-12 14:09 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-03 18:12 . 2013-05-12 14:09 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-26 11:54 . 2013-12-15 22:04 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-15 22:04 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-15 22:04 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-15 22:04 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-15 22:04 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-15 22:04 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-15 22:04 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-15 22:04 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-15 22:04 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-15 22:04 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-15 22:04 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-15 22:04 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-15 22:04 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-15 22:04 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-15 22:03 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-15 22:04 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-15 22:03 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-15 22:04 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-15 22:04 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-15 22:04 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-15 22:04 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-15 22:04 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-15 22:04 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-15 22:04 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 18:08 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 18:08 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 18:08 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 18:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\chris\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-03 98304]
"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2010-03-17 124136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-08-03 685048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-07 3764024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-4-15 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 NvnUsbAudio;Novation USB Audio Driver;c:\windows\system32\DRIVERS\nvnusbaudio.sys;c:\windows\SYSNATIVE\DRIVERS\nvnusbaudio.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-12 08:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-07 18:00 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\chris\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\chris\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\chris\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\chris\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-02-05 222240]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-02 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-02 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-02 410136]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-03-17 496160]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4820tg&r=27360513k306l0453z135t55n1j111
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-02-08 15:32:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-02-08 14:32
.
Vor Suchlauf: 9 Verzeichnis(se), 53.864.136.704 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 54.458.572.800 Bytes frei
.
- - End Of File - - C4FFBAE18AD136A27D9E2903DC1D2589
|
|
09.02.2014, 09:21
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites |
|
09.02.2014, 11:31
| #7 |
| | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Hallo, Danke nochmal für deine beständige Hilfe! Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.09.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 chris :: BLACK-BOX [Administrator] 09.02.2014 10:06:15 mbam-log-2014-02-09 (10-06-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 360267 Laufzeit: 33 Minute(n), 1 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.018 - Bericht erstellt am 09/02/2014 um 10:45:50
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : chris - BLACK-BOX
# Gestartet von : C:\Users\chris\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Partner
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\prefs.js ]
Zeile gelöscht : user_pref("browser.newtabpage.pinned", "[{\"url\":\"hxxps://www.facebook.com/\",\"title\":\"Facebook\"},null,null,{\"url\":\"hxxps://mail.google.com/mail/?shva=1#inbox\",\"title\":\"Posteingang (2.067[...]
-\\ Google Chrome v
[ Datei : C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1322 octets] - [09/02/2014 10:44:28]
AdwCleaner[S0].txt - [1247 octets] - [09/02/2014 10:45:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1307 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by chris on 09.02.2014 at 10:53:25,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\chris\AppData\Roaming\mozilla\firefox\profiles\c8bjml6p.default\minidumps [56 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.02.2014 at 11:03:11,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-02-2014
Ran by chris (administrator) on BLACK-BOX on 09-02-2014 11:11:59
Running from C:\Users\chris\Desktop\board
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Windows\PLFSetI.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ODDPwr] - C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [222240 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-17] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-03-17] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-07] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3309182887-1688452900-3303579845-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4820tg&r=27360513k306l0453z135t55n1j111
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: NoScript - C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-12]
FF Extension: Adblock Plus - C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\c8bjml6p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-12]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Docs) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-12]
CHR Extension: (Google Drive) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-12]
CHR Extension: (YouTube) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-12]
CHR Extension: (Google-Suche) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-12]
CHR Extension: (Google Mail) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-12]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-07] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-17] (Acer Incorporated)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-02-05] (Acer Incorporated)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-07] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-07] ()
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [50232 2011-02-16] (Novation DMS Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-09 10:53 - 2014-02-09 10:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-09 10:44 - 2014-02-09 10:45 - 00000000 ____D () C:\AdwCleaner
2014-02-08 15:32 - 2014-02-08 15:32 - 00031678 _____ () C:\ComboFix.txt
2014-02-08 14:44 - 2014-02-08 15:32 - 00000000 ____D () C:\Qoobox
2014-02-08 14:44 - 2014-02-08 15:31 - 00000000 ____D () C:\Windows\erdnt
2014-02-08 14:44 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-08 14:44 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-08 14:44 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-08 14:44 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-08 14:44 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-08 14:44 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-08 14:44 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-08 14:44 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-07 17:59 - 2014-02-07 17:59 - 00002193 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-02-07 17:59 - 2014-02-07 17:59 - 00000000 ____D () C:\Users\chris\AppData\Local\WinZip
2014-02-07 17:59 - 2014-02-07 17:59 - 00000000 ____D () C:\ProgramData\WinZip
2014-02-07 17:59 - 2014-02-07 17:59 - 00000000 ____D () C:\Program Files\WinZip
2014-02-07 17:57 - 2014-02-07 17:58 - 46956032 _____ () C:\Users\chris\Downloads\wz180gev-64(2).msi
2014-02-07 17:55 - 2014-02-07 17:56 - 46956032 _____ () C:\Users\chris\Downloads\wz180gev-64(1).msi
2014-02-06 21:53 - 2014-02-06 21:53 - 566486608 _____ () C:\Windows\MEMORY.DMP
2014-02-06 21:53 - 2014-02-06 21:53 - 00278400 _____ () C:\Windows\Minidump\020614-8845-01.dmp
2014-02-06 21:53 - 2014-02-06 21:53 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 21:09 - 2014-02-09 11:11 - 00000000 ____D () C:\Users\chris\Desktop\board
2014-02-06 20:44 - 2014-02-09 11:11 - 00000000 ____D () C:\FRST
2014-02-06 20:38 - 2014-02-06 20:38 - 00000472 _____ () C:\Users\chris\Desktop\defogger_disable.log
2014-02-06 20:37 - 2014-02-06 20:37 - 00000000 _____ () C:\Users\chris\defogger_reenable
2014-02-03 16:48 - 2014-02-03 16:48 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\chris\Documents\TDSSKiller.exe
2014-02-03 11:21 - 2014-02-03 11:21 - 00204496 _____ (Malwarebytes) C:\Users\chris\Downloads\startuplite-setup-1.07.exe
2014-02-03 11:21 - 2014-02-03 11:21 - 00003150 _____ () C:\Windows\System32\Tasks\{8920A2C2-5AFC-4690-9AF2-EF6BFDCE8C9C}
2014-01-26 20:11 - 2014-01-26 20:11 - 00000000 ____D () C:\Users\chris\Documents\Togeo_Studios-Simple_Synths
2014-01-26 20:08 - 2014-01-26 20:11 - 98454416 _____ () C:\Users\chris\Downloads\Togeo_Studios-Simple_Synths.zip
2014-01-26 19:40 - 2014-01-26 19:40 - 00000000 ____D () C:\Users\chris\Documents\Tom Cosm - Swagger - Ableton Pack
2014-01-17 21:17 - 2014-01-17 21:28 - 79069909 _____ () C:\Users\chris\Downloads\Tom Cosm - Swagger - Ableton Pack.zip
2014-01-16 15:04 - 2014-01-16 15:04 - 18126032 _____ (Adobe Systems Inc.) C:\Users\chris\Downloads\AdobeAIRInstaller.exe
2014-01-16 08:12 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 08:12 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 08:12 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 08:12 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 20:34 - 2014-01-19 12:33 - 00008284 _____ () C:\Users\chris\ESt2013_Biller_Christopher.elfo
2014-01-15 20:34 - 2014-01-19 12:32 - 00000000 ____D () C:\Users\chris\AppData\Local\.elfohilfe
2014-01-15 18:38 - 2014-01-15 18:38 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2014-01-15 18:36 - 2014-01-15 18:36 - 00000915 _____ () C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Standard.lnk
2014-01-15 18:26 - 2014-01-15 18:32 - 722616436 _____ () C:\Users\chris\Downloads\ableton_live_standard_9.1_64.zip
2014-01-12 19:32 - 2014-01-18 00:36 - 00000000 ___RD () C:\Users\chris\Desktop\CHRIS Project
2014-01-12 13:32 - 2014-01-15 19:56 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-12 13:32 - 2014-01-12 13:32 - 00001237 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\Users\chris\AppData\Roaming\elsterformular
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-12 13:30 - 2014-01-12 13:31 - 69755760 _____ (Landesfinanzdirektion Thüringen) C:\Users\chris\Downloads\ElsterFormular-14.4.20130909p.exe
==================== One Month Modified Files and Folders =======
2014-02-09 11:11 - 2014-02-06 21:09 - 00000000 ____D () C:\Users\chris\Desktop\board
2014-02-09 11:11 - 2014-02-06 20:44 - 00000000 ____D () C:\FRST
2014-02-09 11:06 - 2013-05-12 15:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-09 10:53 - 2014-02-09 10:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-09 10:53 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-09 10:53 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-09 10:50 - 2013-05-12 22:48 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-09 10:50 - 2013-05-12 22:48 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-09 10:50 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-09 10:49 - 2013-05-12 13:00 - 01914693 _____ () C:\Windows\WindowsUpdate.log
2014-02-09 10:46 - 2013-05-12 15:09 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-09 10:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-09 10:46 - 2009-07-14 05:51 - 00089409 _____ () C:\Windows\setupact.log
2014-02-09 10:45 - 2014-02-09 10:44 - 00000000 ____D () C:\AdwCleaner
2014-02-09 01:13 - 2013-05-14 07:52 - 00000000 ____D () C:\Users\chris\AppData\Roaming\Skype
2014-02-08 15:32 - 2014-02-08 15:32 - 00031678 _____ () C:\ComboFix.txt
2014-02-08 15:32 - 2014-02-08 14:44 - 00000000 ____D () C:\Qoobox
2014-02-08 15:31 - 2014-02-08 14:44 - 00000000 ____D () C:\Windows\erdnt
2014-02-08 15:30 - 2013-05-12 12:51 - 00155658 _____ () C:\Windows\PFRO.log
2014-02-08 15:30 - 2009-07-14 03:34 - 79691776 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-02-08 15:30 - 2009-07-14 03:34 - 44302336 _____ () C:\Windows\system32\config\COMPONENTS.bak
2014-02-08 15:30 - 2009-07-14 03:34 - 17039360 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-02-08 15:30 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-02-08 15:30 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-02-08 15:30 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-02-08 15:30 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-07 17:59 - 2014-02-07 17:59 - 00002193 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-02-07 17:59 - 2014-02-07 17:59 - 00000000 ____D () C:\Users\chris\AppData\Local\WinZip
2014-02-07 17:59 - 2014-02-07 17:59 - 00000000 ____D () C:\ProgramData\WinZip
2014-02-07 17:59 - 2014-02-07 17:59 - 00000000 ____D () C:\Program Files\WinZip
2014-02-07 17:58 - 2014-02-07 17:57 - 46956032 _____ () C:\Users\chris\Downloads\wz180gev-64(2).msi
2014-02-07 17:56 - 2014-02-07 17:55 - 46956032 _____ () C:\Users\chris\Downloads\wz180gev-64(1).msi
2014-02-06 21:53 - 2014-02-06 21:53 - 566486608 _____ () C:\Windows\MEMORY.DMP
2014-02-06 21:53 - 2014-02-06 21:53 - 00278400 _____ () C:\Windows\Minidump\020614-8845-01.dmp
2014-02-06 21:53 - 2014-02-06 21:53 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 20:38 - 2014-02-06 20:38 - 00000472 _____ () C:\Users\chris\Desktop\defogger_disable.log
2014-02-06 20:37 - 2014-02-06 20:37 - 00000000 _____ () C:\Users\chris\defogger_reenable
2014-02-06 20:37 - 2013-05-12 13:00 - 00000000 ____D () C:\Users\chris
2014-02-05 09:06 - 2013-05-12 15:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 09:06 - 2013-05-12 15:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 09:06 - 2013-05-12 15:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 09:28 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-03 16:48 - 2014-02-03 16:48 - 04122976 _____ (Kaspersky Lab ZAO) C:\Users\chris\Documents\TDSSKiller.exe
2014-02-03 11:53 - 2013-05-29 11:54 - 00000000 ___RD () C:\Users\chris\Dropbox
2014-02-03 11:53 - 2013-05-29 11:52 - 00000000 ____D () C:\Users\chris\AppData\Roaming\Dropbox
2014-02-03 11:21 - 2014-02-03 11:21 - 00204496 _____ (Malwarebytes) C:\Users\chris\Downloads\startuplite-setup-1.07.exe
2014-02-03 11:21 - 2014-02-03 11:21 - 00003150 _____ () C:\Windows\System32\Tasks\{8920A2C2-5AFC-4690-9AF2-EF6BFDCE8C9C}
2014-02-03 11:17 - 2013-05-14 09:13 - 00000000 ____D () C:\Users\chris\Desktop\applications
2014-01-26 20:58 - 2014-01-05 14:11 - 00000000 ____D () C:\ProgramData\Ableton
2014-01-26 20:11 - 2014-01-26 20:11 - 00000000 ____D () C:\Users\chris\Documents\Togeo_Studios-Simple_Synths
2014-01-26 20:11 - 2014-01-26 20:08 - 98454416 _____ () C:\Users\chris\Downloads\Togeo_Studios-Simple_Synths.zip
2014-01-26 19:40 - 2014-01-26 19:40 - 00000000 ____D () C:\Users\chris\Documents\Tom Cosm - Swagger - Ableton Pack
2014-01-26 16:59 - 2013-05-12 15:54 - 00000000 ____D () C:\Users\chris\AppData\Local\Adobe
2014-01-19 12:33 - 2014-01-15 20:34 - 00008284 _____ () C:\Users\chris\ESt2013_Biller_Christopher.elfo
2014-01-19 12:32 - 2014-01-15 20:34 - 00000000 ____D () C:\Users\chris\AppData\Local\.elfohilfe
2014-01-18 00:36 - 2014-01-12 19:32 - 00000000 ___RD () C:\Users\chris\Desktop\CHRIS Project
2014-01-17 21:28 - 2014-01-17 21:17 - 79069909 _____ () C:\Users\chris\Downloads\Tom Cosm - Swagger - Ableton Pack.zip
2014-01-17 11:20 - 2013-05-29 11:53 - 00000482 _____ () C:\Windows\wininit.ini
2014-01-17 11:19 - 2013-05-29 11:54 - 00001022 _____ () C:\Users\chris\Desktop\Dropbox.lnk
2014-01-17 11:19 - 2013-05-29 11:53 - 00000000 ____D () C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 15:04 - 2014-01-16 15:04 - 18126032 _____ (Adobe Systems Inc.) C:\Users\chris\Downloads\AdobeAIRInstaller.exe
2014-01-16 10:21 - 2009-07-14 05:45 - 00426520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 08:20 - 2013-07-15 22:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 08:19 - 2013-05-12 16:26 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:56 - 2014-01-12 13:32 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-15 18:38 - 2014-01-15 18:38 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2014-01-15 18:36 - 2014-01-15 18:36 - 00000915 _____ () C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Standard.lnk
2014-01-15 18:32 - 2014-01-15 18:26 - 722616436 _____ () C:\Users\chris\Downloads\ableton_live_standard_9.1_64.zip
2014-01-13 15:03 - 2014-01-05 14:13 - 00000000 ____D () C:\Users\chris\Documents\Ableton
2014-01-12 13:32 - 2014-01-12 13:32 - 00001237 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\Users\chris\AppData\Roaming\elsterformular
2014-01-12 13:32 - 2014-01-12 13:32 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-12 13:31 - 2014-01-12 13:30 - 69755760 _____ (Landesfinanzdirektion Thüringen) C:\Users\chris\Downloads\ElsterFormular-14.4.20130909p.exe
Some content of TEMP:
====================
C:\Users\chris\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-08 22:01
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-02-2014
Ran by chris at 2014-02-09 11:12:33
Running from C:\Users\chris\Desktop\board
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Ableton Live 9 Standard (Version: 9.0.0.0 - Ableton)
Acer Arcade Deluxe (x32 Version: 4.0.7511 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.0.7511 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6317 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.11.2 - Suyin Optronics Corp)
Acer eRecovery Management (x32 Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (x32 Version: 5.02.3002 - Acer Incorporated)
Acer Registration (x32 Version: 1.03.3002 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0222.2010 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3001 - Acer Incorporated)
Acer VCM (x32 Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.23 - Atheros Communications Inc.)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0303.420.7651 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0303.420.7651 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0303.420.7651 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help English (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help French (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help German (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0303.0419.7651 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0303.420.7651 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0303.420.7651 - ATI) Hidden
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
dBpoweramp Music Converter (x32 Version: Release 14.4 - Illustrate)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Druckerdeinstallation für EPSON Stylus S20 Series (Version: - SEIKO EPSON Corporation)
ElsterFormular (x32 Version: 15.0.13315 - Landesfinanzdirektion Thüringen)
Haali Media Splitter (x32 Version: - )
Identity Card (x32 Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.00.01.1002 - Intel Corporation)
ITCH for Novation TWITCH (x32 Version: 1.8.2 - Serato Audio Research)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 4.0.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (x32 Version: - MixMeister Technology LLC)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Novation USB Audio Driver 2.1 (Version: 2.1 - Novation DMS Ltd.)
NTI Backup Now 5 (x32 Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Optical Drive Power Management (x32 Version: 1.01.3006 - Acer Incorporated)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (Version: 14.0.6.0 - Synaptics Incorporated)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
Welcome Center (x32 Version: 1.01.3002 - Acer Incorporated)
WIDCOMM Bluetooth Software (Version: 6.3.0.4300 - Broadcom Corporation)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
WinZip 18.0 (Version: 18.0.10661 - WinZip Computing, S.L. )
==================== Restore Points =========================
24-01-2014 16:46:07 Windows Update
28-01-2014 08:08:35 Windows Update
31-01-2014 09:37:37 Windows Update
04-02-2014 08:32:39 Windows Update
07-02-2014 16:52:33 Windows Update
07-02-2014 16:58:50 WinZip 18.0 wird installiert
==================== Hosts content: ==========================
2009-07-14 03:34 - 2014-02-08 15:30 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {379F0879-5EAC-43AF-A108-E01E42F31E86} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-07] (AVAST Software)
Task: {5418912F-BA7F-401D-9F90-42E484195A17} - System32\Tasks\{AF6C7C59-F000-4DA8-9370-341F9B0FB380} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {6E7F5A3B-48F3-4BF8-9636-8C59D004389D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {8BC0E775-D157-4556-954A-ACF2DA4CEA19} - System32\Tasks\{9DBA2934-98EE-4162-85D5-16ECED83BE1A} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {B347F6C3-D00B-4347-A948-B0FCEE8BE4B6} - System32\Tasks\{4AC7A996-9031-4F31-BE4C-4A37655BA2FF} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2010-03-26 10:46 - 2010-03-26 10:46 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-01-07 13:42 - 2010-01-07 13:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-05-12 12:53 - 2013-05-12 12:53 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-08 15:15 - 2014-02-08 10:41 - 02171904 _____ () C:\Program Files\AVAST Software\Avast\defs\14020800\algo.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-04-15 12:03 - 2009-12-24 01:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-04-15 12:47 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-12-03 19:12 - 2013-12-03 19:12 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-03 19:07 - 2014-01-03 19:07 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-05 09:06 - 2014-02-05 09:06 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-02-08 18:59:18.722
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-08 15:29:16.721
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-08 15:29:16.472
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-06 11:26:07.602
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-05 08:57:51.083
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-01 14:32:02.844
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-30 21:25:13.966
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-30 15:27:44.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-29 20:35:27.861
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-29 20:26:25.446
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 3766.68 MB
Available physical RAM: 2099.48 MB
Total Pagefile: 7531.55 MB
Available Pagefile: 5659.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:135.95 GB) (Free:50.91 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 851CF10E)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Chris |
|
10.02.2014, 09:05
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von WebsitesESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.02.2014, 21:09
| #9 |
| | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites hallo, Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7d96c74e517b554c84554e84f210c368
# engine=17015
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-10 07:59:57
# local_time=2014-02-10 08:59:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 74 2943835 2948384 0 0
# compatibility_mode=5893 16776573 100 94 82069 143692247 0 0
# scanned=160775
# found=0
# cleaned=0
# scan_time=4208
hier noch der scan von security check: Code:
ATTFilter Results of screen317's Security Check version 0.99.79 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 12.0.0.43 Flash Player out of Date! Adobe Reader XI Mozilla Firefox (26.0) ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
11.02.2014, 17:49
| #10 |
| /// the machine /// TB-Ausbilder | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.02.2014, 22:45
| #11 |
| | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Hallo Schrauber, Vielen Dank für deine Hilfe, es läuft alles wieder einwandfrei!  Schönen Gruß, Chris |
|
14.02.2014, 17:25
| #12 |
| /// the machine /// TB-Ausbilder | Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7 wird nach längerer Laufzeit extrem langsam beim Öffnen von Websites |
| 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, blockiert, branding, browser, converter, desktop, device driver, error, excel, fehler, firefox, flash player, home, iexplore.exe, langsam, launch, mozilla, ntdll.dll, realtek, registry, rundll, scan, security, services.exe, software, svchost.exe, system, taskhost.exe, vista, windows, windows 7 |
WARNUNG an die MITLESER: 
Linear-Darstellung
