Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC hängt immer wieder und stürzt im IE und FF ab...

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 27.11.2012, 21:03   #1
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Hallo in die Runde,


nachdem Ihr mir schon so wunderbar beim Säubern meines Laptops geholfen habt, möchte ich Euch gerne nochmal um Hilfe bitten.


Der Laptop meiner Nachbarin hängt sich immer wieder auf... manchmal hilft einfach nur warten (alles zwischen 1 und 20 Minuten), manchmal geht gar nichts mehr. Einen Virus habe ich nicht gefunden, auch sonst bin ich mit meinem Laien-Latein am Ende...

Würdet Ihr bitte mal drüberschauen, ob vielleicht nicht doch irgendwelche Daten drauf sind, die da nicht hingehören (oder aber welche fehlen)?
Ich habe den Laptop jetzt erstmal mitgenommen...
Vielen Dank dafür!


Beste Grüße,
Véronique


defogger meldet nichts

Code:
ATTFilter
OTL logfile created on: 27.11.2012 19:10:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Christa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
765,45 Mb Total Physical Memory | 193,80 Mb Available Physical Memory | 25,32% Memory free
1,76 Gb Paging File | 0,98 Gb Available in Paging File | 55,73% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,79 Gb Total Space | 11,44 Gb Free Space | 22,53% Space Free | Partition Type: NTFS
Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.27 19:08:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christa\Downloads\OTL.exe
PRC - [2012.11.10 17:50:24 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007.02.07 05:18:02 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2007.02.05 19:48:14 | 000,692,224 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2007.01.25 02:01:34 | 001,362,432 | ---- | M] () -- C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe
PRC - [2007.01.24 21:05:20 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2007.01.05 20:31:20 | 000,049,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2006.11.21 23:12:42 | 000,719,664 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.10.05 21:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.10 17:50:24 | 002,295,264 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2007.02.08 09:13:40 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.01.25 02:01:34 | 001,362,432 | ---- | M] () -- C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe
MOD - [2007.01.15 15:01:38 | 000,122,880 | ---- | M] () -- C:\Windows\System32\spacklsp.dll
MOD - [2006.11.21 23:03:50 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006.11.21 22:43:46 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2006.11.09 01:18:46 | 000,065,536 | ---- | M] () -- C:\Programme\Samsung\EBM\ChkSec.dll
MOD - [2006.09.19 18:52:46 | 000,028,672 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\WinMove.dll
MOD - [2006.08.12 21:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll
MOD - [2006.08.12 21:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll
MOD - [2006.08.12 21:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.11.16 17:13:41 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.10 17:50:24 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010.12.10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
SRV - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2010.12.10 18:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007.06.28 18:54:42 | 000,073,728 | ---- | M] () [Auto | Stopped] -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2007.01.17 12:01:54 | 000,212,992 | ---- | M] (T-Systems International GmbH) [On_Demand | Stopped] -- C:\Programme\T-Online\DSL-Manager\TODslSvc.exe -- (TODslService)
SRV - [2006.10.26 23:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.05 21:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VMUVC.sys -- (VMUVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.05 13:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.02.28 19:17:05 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2007.02.08 09:22:28 | 002,315,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007.01.24 04:18:32 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.24 02:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.01.24 01:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.12.20 02:01:00 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.11.28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 08:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006.10.09 13:03:56 | 000,017,152 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Common Files\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006.10.09 12:46:44 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
DRV - [2006.05.15 14:35:56 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se27unic.sys -- (se27unic)
DRV - [2006.05.15 14:35:48 | 000,086,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.05.15 14:35:48 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se27nd5.sys -- (se27nd5)
DRV - [2006.05.15 14:35:46 | 000,088,688 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27mgmt.sys -- (SE27mgmt)
DRV - [2006.05.15 14:35:42 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.05.15 14:35:42 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.05.15 14:35:36 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE27bus.sys -- (SE27bus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://email.t-online.de/kc/index.php?ctl=message_list&p[folder]=INBOX
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
IE - HKCU\..\SearchScopes\{CA680281-B784-4FE0-8DC8-8E5256EC23AF}: "URL" = hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_de&p={searchTerms}
IE - HKCU\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://email.t-online.de/index.php?ctl=write_email"
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.16 18:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.10 17:50:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2010.09.09 16:55:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Extensions
[2012.10.23 17:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions
[2010.09.12 16:27:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.25 17:08:00 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2012.11.10 17:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.16 18:31:22 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.11.10 17:50:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.22 17:08:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.15 16:44:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.22 17:08:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.22 17:08:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.22 17:08:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.22 17:08:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoHotStart = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\spacklsp.dll ()
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{082264E5-35B3-4F48-B8BF-CEB85C74F920}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C73B4F7C-7AA5-4121-87EF-C68A412D2C29}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.16 18:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.16 18:32:59 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Local\Google
[2012.11.16 18:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.11.16 18:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.11.16 18:32:49 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.11.16 18:32:49 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.11.16 18:32:44 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.11.16 18:32:43 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.11.16 18:32:39 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.11.16 18:32:34 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.11.16 18:30:58 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.11.16 18:30:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.11.16 18:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.11.16 18:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.11.16 18:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.11.16 17:30:49 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Roaming\Malwarebytes
[2012.11.16 17:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.16 17:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.16 17:29:08 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.11.16 17:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.11.10 17:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.27 19:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.27 19:03:41 | 000,000,000 | ---- | M] () -- C:\Users\Christa\defogger_reenable
[2012.11.27 18:50:34 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.27 18:50:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.27 18:16:11 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.11.27 17:31:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.27 17:31:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.27 17:30:41 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.27 17:27:26 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.11.25 18:42:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.11.17 18:09:04 | 000,696,598 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.17 18:09:04 | 000,651,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.17 18:09:04 | 000,155,074 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.17 18:09:04 | 000,126,162 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.16 20:09:27 | 000,372,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.16 18:32:50 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.16 18:32:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.11.16 18:17:18 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.11.16 17:15:01 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.10.30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.27 19:03:41 | 000,000,000 | ---- | C] () -- C:\Users\Christa\defogger_reenable
[2012.11.16 18:37:02 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.11.16 18:33:19 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.16 18:33:16 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.16 18:32:50 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.16 18:17:18 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.11.16 18:17:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.09.16 16:10:14 | 000,000,903 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.15.rtf
[2011.08.23 15:46:20 | 000,001,152 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.14.rtf
[2011.02.25 18:03:31 | 000,000,888 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.13.rtf
[2010.11.27 18:29:59 | 000,000,723 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.12.rtf
[2010.11.01 17:40:59 | 000,000,680 | ---- | C] () -- C:\Users\Christa\AppData\Local\d3d9caps.dat
[2010.10.13 17:09:52 | 000,000,881 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.11.rtf
[2010.09.14 16:27:53 | 000,000,694 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.10.rtf
[2010.08.06 16:33:52 | 000,000,760 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.9.rtf
[2010.07.05 11:40:53 | 000,000,611 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr 6.rtf
[2010.06.11 16:14:32 | 000,001,036 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.8.rtf
[2010.05.21 17:27:42 | 000,000,877 | ---- | C] () -- C:\Users\Christa\Tagebuch.rtf
[2010.05.07 16:56:28 | 000,000,964 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.7.rtf
[2010.03.21 17:08:06 | 000,031,007 | ---- | C] () -- C:\Users\Christa\AppData\Roaming\UserTile.png
[2009.05.10 15:04:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.12.27 11:35:42 | 000,710,144 | -HS- | C] () -- C:\Users\Christa\ehthumbs_vista.db
[2007.10.31 15:59:18 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.10.22 14:36:12 | 000,022,528 | ---- | C] () -- C:\Users\Christa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.03 11:17:02 | 000,000,095 | ---- | C] () -- C:\Users\Christa\AppData\Local\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2010.01.05 12:55:24 | 000,005,044 | ---- | M] () -- C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}\skin\L.png
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.03.28 16:40:32 | 000,000,000 | ---D | M] -- C:\Users\Christa\AppData\Roaming\PeerNetworking
[2007.09.03 11:09:52 | 000,000,000 | ---D | M] -- C:\Users\Christa\AppData\Roaming\T-Online
[2010.09.09 16:20:27 | 000,000,000 | ---D | M] -- C:\Users\Christa\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 885 bytes -> C:\Users\Christa\Documents\Tagebuch Nr.16.eml:OECustomProperty

< End of report >
         

Code:
ATTFilter
OTL Extras logfile created on: 27.11.2012 19:10:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Christa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
765,45 Mb Total Physical Memory | 193,80 Mb Available Physical Memory | 25,32% Memory free
1,76 Gb Paging File | 0,98 Gb Available in Paging File | 55,73% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,79 Gb Total Space | 11,44 Gb Free Space | 22,53% Space Free | Partition Type: NTFS
Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
htmlfile [opennew] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1688565363-3877067027-1528832066-1003]
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{164A68E2-493F-4308-8F08-84491949D2D9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{17835511-E8D2-44D6-84F1-05C1D94ED9F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2110C180-636A-49A8-999D-C0590C71D248}" = lport=138 | protocol=17 | dir=in | app=system | 
"{241F1282-FE85-44AC-A1CD-282C6713809D}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3F4109A9-E99E-4973-B8F9-629006779EC6}" = rport=137 | protocol=17 | dir=out | app=system | 
"{77427A9D-75D5-4F52-9915-0F34512C3D80}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{909E4A5F-8BFB-4F1E-A7DA-D4A312C0F63B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9744DDFE-C742-44D0-868F-904DE91E9AB7}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E41F1530-EAC7-4BDE-97BF-DF27D6975E27}" = rport=139 | protocol=6 | dir=out | app=system | 
"{F7A20E7E-0676-4624-A195-0F214C16F85F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FF95205D-CDB6-4187-AAF8-94DBD2A3871F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0861DEE8-1E70-4298-98BD-72DA8E267D93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4067263A-C653-4772-B88E-3C915E97E74B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{AA77BCD3-8FBC-40C5-9C20-316F0FC60701}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{BDE9E5E8-72E8-4791-B0CE-D4DB68E48381}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0212BFBB-50BA-C4FA-D700-DFBB40A9F1AF}" = Catalyst Control Center Localization Arabic
"{0219FD21-8B2E-240B-3D35-997EE0E3F81B}" = Catalyst Control Center Localization Arabic
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{047ACAF8-7642-4940-8EC6-4694E0E60B40}" = CCC Help French
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F42C96-A96C-F579-B0FA-F44BBA118C51}" = ccc-core-static
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0BB96994-EA3F-D659-6A3B-D2D73FEBD8E4}" = ccc-utility
"{0C1D06CD-D5D1-A718-5C8F-27D089C5C39C}" = Catalyst Control Center Localization Finnish
"{0DF36AB1-1B4C-CAEC-A23E-EFA25738B60A}" = CCC Help Greek
"{110D7DC8-9237-47D3-AB39-50651A10304C}" = SamsungScreensaver
"{12080F61-1225-BCDE-EFE2-3452E826D9AD}" = Catalyst Control Center Graphics Light
"{143539DF-6F6E-9E25-3EDF-0906C7F533B7}" = CCC Help Korean
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution II
"{148806DB-3E2E-4A2E-D7F8-223EFA43C350}" = Catalyst Control Center Graphics Full New
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20CD8D4B-74ED-BED9-805C-6F4FBE6B4F01}" = ccc-localization-da
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{31ACBC65-C234-BD71-3FCE-520EC0138635}" = CCC Help Norwegian
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime
"{3AB54293-0366-7D73-D97E-3DB689A72E4A}" = CCC Help Danish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DC4A72C-B683-5733-8A2C-136FBB5619D6}" = Catalyst Control Center Localization German
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{47EDD638-F882-A248-FBA5-B0CCBB9175D8}" = CCC Help Spanish
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4D6125BF-2586-9175-24FE-854DD6F6F08F}" = CCC Help Hungarian
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52FE8F38-057E-26C5-DF29-935DE6E218E0}" = Catalyst Control Center Localization Japanese
"{5579A7B8-F48A-C2F5-75D0-F67CDFD68461}" = Catalyst Control Center Core Implementation
"{5A4BB8B6-8BE7-A8AF-528C-55A50DD18497}" = Catalyst Control Center Localization Arabic
"{5AA05616-21D6-63D5-CA68-73200B161599}" = CCC Help Czech
"{5E99C53A-D37E-CEA5-0398-329F15494618}" = Catalyst Control Center Graphics Full Existing
"{64536DB8-3247-4489-6BC3-BCD0DCC74810}" = Catalyst Control Center Localization Spanish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6BD4EDE4-053E-FC85-AFC2-58306952BDBD}" = Catalyst Control Center Localization French
"{6F6D2DE6-44FA-EAF4-0028-7FAE37A76B4C}" = CCC Help Turkish
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78E2F10D-4A74-A354-3D41-CF439A501AE5}" = CCC Help Italian
"{8448A09D-0E2A-4EFA-6A16-AFA374AE088F}" = Catalyst Control Center Graphics Previews Vista
"{87858FF1-3D1C-301A-0C62-62F977659969}" = Catalyst Control Center Localization Italian
"{8799B11A-0E01-1729-B527-802A3513BEE7}" = CCC Help Polish
"{8A51FE4C-7DC6-8C9B-67D7-8536B7413BFE}" = Catalyst Control Center Localization Korean
"{8A92CE03-CEEB-145D-1F8D-FBC0DDE0CDEF}" = CCC Help Finnish
"{8ED71B2B-8228-EFF8-B566-890D771A6A98}" = CCC Help Swedish
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903194A5-E1E4-E56B-8B3C-C52664CD6A65}" = CCC Help Japanese
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = T-Online DSL-Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{95CCAA64-028C-FF26-B553-3401EA3B137B}" = CCC Help Chinese Standard
"{98C0E007-7225-550C-BD4D-16A53171FA5B}" = CCC Help Chinese Traditional
"{99825ADC-3BAC-40C6-3FA1-A80496C5FE4D}" = CCC Help German
"{99FBF341-96A4-6E6B-F098-F5318F74FD8B}" = Catalyst Control Center Localization Hungarian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AEE384F-4CEB-9FD4-0ECA-5A2A5FF3FC65}" = Catalyst Control Center Localization Arabic
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0A703E5-975D-8426-B654-A3C86EEA771F}" = Catalyst Control Center Localization Greek
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3400
"{A2E2B102-C07F-2D6A-F826-FBE911583029}" = Catalyst Control Center Localization Arabic
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB8465B2-8971-83AA-72AC-08C870CAB14B}" = CCC Help English
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B57D54D5-BE8F-152A-3DDA-2CCC34916ABB}" = Catalyst Control Center Localization Czech
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C2F84222-A797-3ADB-F73F-F9FEA356365E}" = Catalyst Control Center Localization Chinese Standard
"{C5DC24CC-98D8-3714-20DE-F3154692CAC1}" = CCC Help Portuguese
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D6339BC5-BD2E-580C-0A9E-EF09B768C891}" = CCC Help Thai
"{DDFA8768-E4A8-4EFA-637B-DF23DC3EFD04}" = Catalyst Control Center Localization Chinese Traditional
"{DF1F4246-C7DF-7C15-6BBD-211E768EB715}" = Catalyst Control Center Localization Arabic
"{E481BC06-6BBB-093B-728A-C8EEB98E1E47}" = Catalyst Control Center Localization Arabic
"{E5BED6AE-BEF7-8504-38DB-F881A526F5C2}" = Skins
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EC69E8A3-A20F-E735-968A-CE6D4E1FA857}" = CCC Help Russian
"{ED8EACD0-3B35-AA21-DA10-6372AB6D19CA}" = CCC Help Dutch
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FF602681-E2E7-9FFF-9752-3B0F8E7D38F1}" = Catalyst Control Center Localization Arabic
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ATI Uninstaller" = ATI Uninstaller
"avast" = avast! Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Google Chrome" = Google Chrome
"InstallShield_{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROHYBRIDR" = 2007 Microsoft Office system
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:42:29 | Computer Name = Christa-PC | Source = EventSystem | ID = 4621
Description = 
 
[ System Events ]
Error - 24.11.2012 13:20:55 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 24.11.2012 13:52:20 | Computer Name = Christa-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 25.11.2012 12:43:39 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 25.11.2012 12:49:17 | Computer Name = Christa-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.11.2012 um 17:43:26 unerwartet heruntergefahren.
 
Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.11.2012 13:04:18 | Computer Name = Christa-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.11.2012 um 18:02:07 unerwartet heruntergefahren.
 
Error - 25.11.2012 13:25:55 | Computer Name = Christa-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.11.2012 um 18:23:09 unerwartet heruntergefahren.
 
Error - 25.11.2012 13:42:27 | Computer Name = Christa-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 27.11.2012 12:43:44 | Computer Name = Christa-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

Alt 28.11.2012, 12:39   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Zitat:
(Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
Wo sind die Logs dazu und von anderen Virenscanner wenn Funde da waren?
Bitte beachten => http://www.trojaner-board.de/125889-...tml#post941520
__________________

__________________

Alt 29.11.2012, 15:11   #3
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Hallo Cosinus,


danke für Deine Hilfe!
Seitdem man mich um Rat gefragt hat, gab es keine Funde von Virenscannern. Lasse gerade nochmal einen erweiterten Scan von Malwarebytes laufen...

Meine Nachbarin sagte mir, vor ca. einem halben Jahr habe Avira wohl mal einen Trojaner gefunden, den sie dann in Quarantäne geschickt hätte. Nun ist aber Avira deinstalliert worden... komme ich trotzdem noch irgendwie an die alte Logdatei?


Viele Grüße, Véronique
__________________

Alt 29.11.2012, 15:22   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Es geht darum, dass man die Logs mit den Funden sehen muss!

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Alt 29.11.2012, 17:25   #5
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Na, wie gesagt, es gibt keinen Fund... nur diese ewigen Verzögerungen, manchmal mit "Totalausfall", so dass eben gar nichts weiter geht und sich der Cursor nicht mehr bewegen lässt. Im Internet am häufigsten, aber auch offline...

Der Laptop ist ja jetzt in meiner Wohnung und hier benutze ich mein WLAN... das funktioniert bei meinem eigenen PC einwandfrei und ist schnell... daran kann es also nicht liegen.

Das Problem scheint sich zu erhöhen, je länger ich im Internet bin.

Momentan braucht es bei jedem Klick ca. 20-30 Sekunden, bis der Rechner reagiert.


Alt 29.11.2012, 19:30   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Code:
ATTFilter
Windows Vista Home Premium Edition Service Pack 2
765,45 Mb Total Physical Memory
         
Wen wundert's da noch wenn du Vista auf dem Rechner hast aber sooo wenig RAM
War Vista schon vorinstalliert? Stimmt die Angabe des Speichers so überhaupt? Ich find das ist ein recht ungewöhnlicher Wert!
__________________
--> PC hängt immer wieder und stürzt im IE und FF ab...

Alt 29.11.2012, 19:47   #7
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Meine Nachbarin ist 70 und kennt sich mit Computern so gut wie gar nicht aus (noch weniger als ich)... außerdem ist ein Vista-Aufkleber auf dem Laptop... ziemlich sicher war Vista vorinstalliert.

Sie benutzt den Laptop aber auch nur, um ein paar Mails zu schreiben, ab und an eine Überweisung zu tätigen oder eine Flug zu buchen, einige Fotos zu speichern und einige wenige Textdateien zu verfassen. Am Anfang gab es die Probleme mit der Langsamkeit wohl nicht...

In der Systeminfo steht folgendes:
Installierter physikalischer Speicher (RAM) 1,00 GB
Gesamter realer Speicher 765 MB
Verfügbarer realer Speicher 156 MB
Gesamter virtueller Speicher 1,75 GB
Verfügbarer virtueller Speicher 873 MB
Größe der Auslagerungsdatei 1,04 GB
Auslagerungsdatei C:\pagefile.sys


Kann man was machen, dass er wieder etwas schneller wird, oder brauchen wir ein neues Betriebssystem? Oder besser einen neuen Computer?! :-)


PS: Momentan reagiert er aber auch wieder - anders als noch vor zwei Stunden - ganz schnell... woran liegen denn diese Schwankungen?

Alt 29.11.2012, 21:20   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Für Vista ist das DEUTLICH zu wenig RAM...selbst bei XP kann 1 GB bzw. 765 MB verfügbarer RAM zu wenig sein....

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!


Alt 29.11.2012, 23:53   #9
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Was schlägst Du bezüglich des Betriebssystems vor?


Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-30 00:30:26
-----------------------------
00:30:26.053    OS Version: Windows 6.0.6002 Service Pack 2
00:30:26.053    Number of processors: 1 586 0xE0C
00:30:26.053    ComputerName: CHRISTA-PC  UserName: Christa
00:30:36.349    Initialize success
00:30:41.263    AVAST engine defs: 12112900
00:30:56.520    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:30:56.520    Disk 0 Vendor: FUJITSU_MHW2120BH 00000012 Size: 114473MB BusType: 3
00:30:56.551    Disk 0 MBR read successfully
00:30:56.551    Disk 0 MBR scan
00:30:56.582    Disk 0 unknown MBR code
00:30:56.598    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        10240 MB offset 2048
00:30:56.613    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        52008 MB offset 20973568
00:30:56.644    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        52223 MB offset 127485952
00:30:56.644    Disk 0 scanning sectors +234438656
00:30:56.910    Disk 0 scanning C:\Windows\system32\drivers
00:31:20.185    Service scanning
00:31:52.446    Modules scanning
00:32:28.326    Disk 0 trace - called modules:
00:32:28.872    ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 
00:32:28.872    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84da4980]
00:32:28.887    3 CLASSPNP.SYS[868978b3] -> nt!IofCallDriver -> [0x846b0840]
00:32:28.887    5 acpi.sys[82e456bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84693528]
00:32:28.903    Scan finished successfully
00:32:40.790    Disk 0 MBR has been saved successfully to "C:\Users\Christa\Downloads\MBR.dat"
00:32:40.806    The log file has been saved successfully to "C:\Users\Christa\Downloads\aswMBR.txt"
         
TDSS Killer Teil I
Code:
ATTFilter
00:39:02.0196 3820  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
00:39:04.0126 3820  ============================================================
00:39:04.0126 3820  Current date / time: 2012/11/30 00:39:04.0126
00:39:04.0126 3820  SystemInfo:
00:39:04.0126 3820  
00:39:04.0126 3820  OS Version: 6.0.6002 ServicePack: 2.0
00:39:04.0126 3820  Product type: Workstation
00:39:04.0126 3820  ComputerName: CHRISTA-PC
00:39:04.0126 3820  UserName: Christa
00:39:04.0126 3820  Windows directory: C:\Windows
00:39:04.0126 3820  System windows directory: C:\Windows
00:39:04.0126 3820  Processor architecture: Intel x86
00:39:04.0126 3820  Number of processors: 1
00:39:04.0126 3820  Page size: 0x1000
00:39:04.0126 3820  Boot type: Normal boot
00:39:04.0126 3820  ============================================================
00:39:08.0668 3820  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:39:08.0788 3820  ============================================================
00:39:08.0788 3820  \Device\Harddisk0\DR0:
00:39:08.0798 3820  MBR partitions:
00:39:08.0798 3820  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x6594000
00:39:08.0798 3820  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7994800, BlocksNum 0x65FF800
00:39:08.0798 3820  ============================================================
00:39:09.0028 3820  C: <-> \Device\Harddisk0\DR0\Partition1
00:39:09.0308 3820  D: <-> \Device\Harddisk0\DR0\Partition2
00:39:09.0308 3820  ============================================================
00:39:09.0308 3820  Initialize success
00:39:09.0308 3820  ============================================================
00:39:32.0390 2832  ============================================================
00:39:32.0390 2832  Scan started
00:39:32.0390 2832  Mode: Manual; 
00:39:32.0390 2832  ============================================================
00:39:41.0360 2832  ================ Scan system memory ========================
00:39:41.0360 2832  System memory - ok
00:39:41.0360 2832  ================ Scan services =============================
00:39:41.0703 2832  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
00:39:41.0734 2832  ACPI - ok
00:39:41.0984 2832  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:39:41.0984 2832  AdobeARMservice - ok
00:39:42.0093 2832  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:39:42.0108 2832  AdobeFlashPlayerUpdateSvc - ok
00:39:42.0171 2832  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:39:42.0186 2832  adp94xx - ok
00:39:42.0218 2832  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:39:42.0218 2832  adpahci - ok
00:39:42.0249 2832  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
00:39:42.0249 2832  adpu160m - ok
00:39:42.0264 2832  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:39:42.0280 2832  adpu320 - ok
00:39:42.0311 2832  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:39:42.0327 2832  AeLookupSvc - ok
00:39:42.0374 2832  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
00:39:42.0374 2832  AFD - ok
00:39:42.0436 2832  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
00:39:42.0436 2832  AgereModemAudio - ok
00:39:42.0514 2832  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
00:39:42.0561 2832  AgereSoftModem - ok
00:39:42.0592 2832  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
00:39:42.0592 2832  agp440 - ok
00:39:42.0639 2832  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
00:39:42.0670 2832  aic78xx - ok
00:39:42.0717 2832  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
00:39:42.0717 2832  ALG - ok
00:39:42.0748 2832  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:39:42.0748 2832  aliide - ok
00:39:42.0779 2832  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
00:39:42.0779 2832  amdagp - ok
00:39:42.0795 2832  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
00:39:42.0795 2832  amdide - ok
00:39:42.0826 2832  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
00:39:42.0826 2832  AmdK7 - ok
00:39:42.0842 2832  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
00:39:42.0842 2832  AmdK8 - ok
00:39:42.0904 2832  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
00:39:42.0920 2832  Appinfo - ok
00:39:42.0951 2832  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
00:39:42.0951 2832  arc - ok
00:39:42.0966 2832  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:39:42.0982 2832  arcsas - ok
00:39:43.0029 2832  [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
00:39:43.0029 2832  aswFsBlk - ok
00:39:43.0060 2832  [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
00:39:43.0091 2832  aswMonFlt - ok
00:39:43.0107 2832  [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
00:39:43.0107 2832  AswRdr - ok
00:39:43.0154 2832  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
00:39:43.0185 2832  aswSnx - ok
00:39:43.0216 2832  [ 67B558895695545FB0568B7541F3BCA7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
00:39:43.0232 2832  aswSP - ok
00:39:43.0278 2832  [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
00:39:43.0278 2832  aswTdi - ok
00:39:43.0310 2832  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:39:43.0310 2832  AsyncMac - ok
00:39:43.0341 2832  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
00:39:43.0341 2832  atapi - ok
00:39:43.0512 2832  [ 2846F5EE802889D500FCF5CC48B28381 ] athr            C:\Windows\system32\DRIVERS\athr.sys
00:39:43.0606 2832  athr - ok
00:39:43.0653 2832  [ D1F2726E89D4BD96F8314B9E303E633D ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
00:39:43.0684 2832  Ati External Event Utility - ok
00:39:43.0746 2832  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:39:43.0746 2832  AudioEndpointBuilder - ok
00:39:43.0762 2832  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
00:39:43.0762 2832  Audiosrv - ok
00:39:43.0980 2832  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:39:43.0980 2832  avast! Antivirus - ok
00:39:44.0136 2832  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
00:39:44.0183 2832  BcmSqlStartupSvc - ok
00:39:44.0214 2832  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:39:44.0230 2832  Beep - ok
00:39:44.0277 2832  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
00:39:44.0292 2832  BFE - ok
00:39:44.0355 2832  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
00:39:44.0402 2832  BITS - ok
00:39:44.0417 2832  blbdrive - ok
00:39:44.0464 2832  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:39:44.0480 2832  bowser - ok
00:39:44.0511 2832  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
00:39:44.0526 2832  BrFiltLo - ok
00:39:44.0542 2832  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
00:39:44.0542 2832  BrFiltUp - ok
00:39:44.0589 2832  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
00:39:44.0589 2832  Browser - ok
00:39:44.0604 2832  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
00:39:44.0620 2832  Brserid - ok
00:39:44.0636 2832  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
00:39:44.0636 2832  BrSerWdm - ok
00:39:44.0667 2832  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
00:39:44.0667 2832  BrUsbMdm - ok
00:39:44.0682 2832  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
00:39:44.0682 2832  BrUsbSer - ok
00:39:44.0729 2832  [ 064FBC56921051DE1075495D628B815F ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
00:39:44.0729 2832  BthEnum - ok
00:39:44.0760 2832  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:39:44.0760 2832  BTHMODEM - ok
00:39:44.0792 2832  [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
00:39:44.0854 2832  BthPan - ok
00:39:44.0870 2832  [ B24757D9154CCA035E1BBD3DB92966D7 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
00:39:44.0885 2832  BTHPORT - ok
00:39:44.0932 2832  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
00:39:44.0932 2832  BthServ - ok
00:39:44.0948 2832  [ D42CF5F0C7635B3F1578810FE34D9E41 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
00:39:44.0963 2832  BTHUSB - ok
00:39:44.0979 2832  [ 0CF62C498D60253A4FC3B2AFF0E6373E ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
00:39:44.0994 2832  btwaudio - ok
00:39:45.0010 2832  [ D094142ADE0DA18463609AE656B1F3ED ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
00:39:45.0010 2832  btwavdt - ok
00:39:45.0072 2832  [ 840439331FF1A72B3A18ED59D27676D8 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
00:39:45.0135 2832  btwdins - ok
00:39:45.0150 2832  [ 511159FCB07FD7442E7F399C94A3B408 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
00:39:45.0150 2832  btwrchid - ok
00:39:45.0182 2832  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:39:45.0197 2832  cdfs - ok
00:39:45.0228 2832  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:39:45.0228 2832  cdrom - ok
00:39:45.0291 2832  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:39:45.0306 2832  CertPropSvc - ok
00:39:45.0338 2832  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
00:39:45.0338 2832  circlass - ok
00:39:45.0431 2832  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
00:39:45.0478 2832  CLFS - ok
00:39:45.0540 2832  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:39:45.0556 2832  clr_optimization_v2.0.50727_32 - ok
00:39:45.0650 2832  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:39:45.0712 2832  clr_optimization_v4.0.30319_32 - ok
00:39:45.0759 2832  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:39:45.0759 2832  CmBatt - ok
00:39:45.0790 2832  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:39:45.0806 2832  cmdide - ok
00:39:45.0837 2832  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:39:45.0837 2832  Compbatt - ok
00:39:45.0852 2832  COMSysApp - ok
00:39:45.0868 2832  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:39:45.0868 2832  crcdisk - ok
00:39:45.0884 2832  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
00:39:45.0884 2832  Crusoe - ok
00:39:45.0930 2832  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:39:45.0946 2832  CryptSvc - ok
00:39:46.0008 2832  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:39:46.0071 2832  DcomLaunch - ok
00:39:46.0086 2832  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:39:46.0102 2832  DfsC - ok
00:39:46.0289 2832  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
00:39:46.0398 2832  DFSR - ok
00:39:46.0492 2832  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
00:39:46.0492 2832  Dhcp - ok
00:39:46.0523 2832  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
00:39:46.0523 2832  disk - ok
00:39:46.0570 2832  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:39:46.0570 2832  Dnscache - ok
00:39:46.0632 2832  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:39:46.0648 2832  dot3svc - ok
00:39:46.0679 2832  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
00:39:46.0695 2832  DPS - ok
00:39:46.0726 2832  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:39:46.0726 2832  drmkaud - ok
00:39:46.0820 2832  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:39:46.0851 2832  DXGKrnl - ok
00:39:46.0882 2832  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
00:39:46.0898 2832  E1G60 - ok
00:39:46.0929 2832  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
00:39:46.0944 2832  EapHost - ok
00:39:46.0991 2832  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
00:39:46.0991 2832  Ecache - ok
00:39:47.0085 2832  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:39:47.0116 2832  ehRecvr - ok
00:39:47.0147 2832  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
00:39:47.0147 2832  ehSched - ok
00:39:47.0163 2832  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
00:39:47.0178 2832  ehstart - ok
00:39:47.0210 2832  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:39:47.0210 2832  elxstor - ok
00:39:47.0334 2832  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
00:39:47.0350 2832  EMDMgmt - ok
00:39:47.0397 2832  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
00:39:47.0412 2832  EventSystem - ok
00:39:47.0444 2832  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
00:39:47.0444 2832  exfat - ok
00:39:47.0475 2832  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:39:47.0490 2832  fastfat - ok
00:39:47.0522 2832  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:39:47.0522 2832  fdc - ok
00:39:47.0553 2832  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:39:47.0553 2832  fdPHost - ok
00:39:47.0615 2832  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:39:47.0631 2832  FDResPub - ok
00:39:47.0678 2832  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:39:47.0678 2832  FileInfo - ok
00:39:47.0709 2832  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:39:47.0709 2832  Filetrace - ok
00:39:47.0724 2832  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:39:47.0724 2832  flpydisk - ok
00:39:47.0771 2832  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:39:47.0771 2832  FltMgr - ok
00:39:47.0880 2832  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
00:39:48.0021 2832  FontCache - ok
00:39:48.0068 2832  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:39:48.0083 2832  FontCache3.0.0.0 - ok
00:39:48.0130 2832  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:39:48.0161 2832  Fs_Rec - ok
00:39:48.0192 2832  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:39:48.0192 2832  gagp30kx - ok
00:39:48.0239 2832  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:39:48.0270 2832  gpsvc - ok
00:39:48.0380 2832  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
00:39:48.0395 2832  gupdate - ok
00:39:48.0395 2832  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
00:39:48.0395 2832  gupdatem - ok
00:39:48.0520 2832  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:39:48.0551 2832  HdAudAddService - ok
00:39:48.0614 2832  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:39:48.0645 2832  HDAudBus - ok
00:39:48.0660 2832  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:39:48.0660 2832  HidBth - ok
00:39:48.0692 2832  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:39:48.0692 2832  HidIr - ok
00:39:48.0723 2832  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
00:39:48.0723 2832  hidserv - ok
00:39:48.0770 2832  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:39:48.0785 2832  HidUsb - ok
00:39:48.0816 2832  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:39:48.0816 2832  hkmsvc - ok
00:39:48.0832 2832  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
00:39:48.0848 2832  HpCISSs - ok
00:39:48.0910 2832  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:39:48.0941 2832  HTTP - ok
00:39:48.0988 2832  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
00:39:49.0019 2832  i2omp - ok
00:39:49.0082 2832  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:39:49.0082 2832  i8042prt - ok
00:39:49.0113 2832  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
00:39:49.0113 2832  iaStorV - ok
00:39:49.0206 2832  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
00:39:49.0284 2832  IDriverT - ok
00:39:49.0456 2832  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:39:49.0487 2832  idsvc - ok
00:39:49.0534 2832  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:39:49.0534 2832  iirsp - ok
00:39:49.0581 2832  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
00:39:49.0612 2832  IKEEXT - ok
00:39:49.0752 2832  [ A47B2875680AD67B35C6150BD0203056 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
00:39:49.0830 2832  IntcAzAudAddService - ok
00:39:49.0846 2832  [ 97469037714070E45194ED318D636401 ] intelide        C:\Windows\system32\drivers\intelide.sys
00:39:49.0846 2832  intelide - ok
00:39:49.0877 2832  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:39:49.0877 2832  intelppm - ok
00:39:49.0924 2832  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:39:49.0940 2832  IPBusEnum - ok
00:39:49.0971 2832  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:39:49.0971 2832  IpFilterDriver - ok
00:39:50.0002 2832  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:39:50.0002 2832  iphlpsvc - ok
00:39:50.0018 2832  IpInIp - ok
00:39:50.0064 2832  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
00:39:50.0064 2832  IPMIDRV - ok
00:39:50.0111 2832  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
00:39:50.0111 2832  IPNAT - ok
00:39:50.0142 2832  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:39:50.0158 2832  IRENUM - ok
00:39:50.0189 2832  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:39:50.0205 2832  isapnp - ok
00:39:50.0236 2832  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
00:39:50.0252 2832  iScsiPrt - ok
00:39:50.0267 2832  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
00:39:50.0267 2832  iteatapi - ok
00:39:50.0283 2832  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
00:39:50.0298 2832  iteraid - ok
00:39:50.0330 2832  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:39:50.0330 2832  kbdclass - ok
00:39:50.0345 2832  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
00:39:50.0361 2832  kbdhid - ok
00:39:50.0392 2832  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
00:39:50.0392 2832  KeyIso - ok
00:39:50.0439 2832  [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO       C:\Windows\system32\DRIVERS\kmdfmemio.sys
00:39:50.0454 2832  KMDFMEMIO - ok
00:39:50.0564 2832  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:39:50.0579 2832  KSecDD - ok
00:39:50.0626 2832  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:39:50.0642 2832  KtmRm - ok
00:39:50.0766 2832  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:39:50.0782 2832  LanmanServer - ok
00:39:50.0813 2832  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:39:50.0829 2832  LanmanWorkstation - ok
00:39:50.0860 2832  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:39:50.0876 2832  lltdio - ok
00:39:50.0907 2832  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:39:50.0938 2832  lltdsvc - ok
00:39:50.0969 2832  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:39:50.0969 2832  lmhosts - ok
00:39:51.0016 2832  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:39:51.0016 2832  LSI_FC - ok
00:39:51.0063 2832  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:39:51.0063 2832  LSI_SAS - ok
00:39:51.0094 2832  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:39:51.0094 2832  LSI_SCSI - ok
00:39:51.0141 2832  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
00:39:51.0141 2832  luafv - ok
00:39:51.0172 2832  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:39:51.0172 2832  Mcx2Svc - ok
00:39:51.0203 2832  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
00:39:51.0203 2832  megasas - ok
00:39:51.0250 2832  [ 5E5024D9E2351DB2563B30912B4C4146 ] MIINPazX        C:\PROGRA~1\COMMON~1\MARMIK~1\MInfraIS\MIINPazX.SYS
00:39:51.0250 2832  MIINPazX - ok
00:39:51.0281 2832  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
00:39:51.0281 2832  MMCSS - ok
00:39:51.0328 2832  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
00:39:51.0344 2832  Modem - ok
00:39:51.0375 2832  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:39:51.0375 2832  monitor - ok
00:39:51.0390 2832  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:39:51.0390 2832  mouclass - ok
00:39:51.0422 2832  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:39:51.0422 2832  mouhid - ok
00:39:51.0453 2832  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
00:39:51.0453 2832  MountMgr - ok
00:39:51.0515 2832  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:39:51.0578 2832  MozillaMaintenance - ok
00:39:51.0624 2832  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:39:51.0624 2832  mpio - ok
00:39:51.0671 2832  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:39:51.0671 2832  mpsdrv - ok
00:39:51.0718 2832  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:39:51.0749 2832  MpsSvc - ok
00:39:51.0765 2832  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
00:39:51.0780 2832  Mraid35x - ok
00:39:51.0827 2832  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:39:51.0827 2832  MRxDAV - ok
00:39:51.0890 2832  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:39:51.0968 2832  mrxsmb - ok
00:39:52.0030 2832  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:39:52.0108 2832  mrxsmb10 - ok
00:39:52.0139 2832  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:39:52.0170 2832  mrxsmb20 - ok
00:39:52.0326 2832  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:39:52.0342 2832  msahci - ok
00:39:52.0373 2832  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:39:52.0420 2832  msdsm - ok
00:39:52.0467 2832  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
00:39:52.0467 2832  MSDTC - ok
00:39:52.0529 2832  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:39:52.0560 2832  Msfs - ok
00:39:52.0607 2832  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:39:52.0607 2832  msisadrv - ok
00:39:52.0638 2832  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:39:52.0654 2832  MSiSCSI - ok
00:39:52.0654 2832  msiserver - ok
00:39:52.0685 2832  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:39:52.0685 2832  MSKSSRV - ok
00:39:52.0732 2832  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:39:52.0732 2832  MSPCLOCK - ok
00:39:52.0748 2832  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:39:52.0763 2832  MSPQM - ok
00:39:52.0794 2832  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:39:52.0794 2832  MsRPC - ok
00:39:52.0826 2832  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:39:52.0857 2832  mssmbios - ok
00:39:52.0935 2832  MSSQL$MSSMLBIZ - ok
00:39:53.0028 2832  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
00:39:53.0028 2832  MSSQLServerADHelper - ok
00:39:53.0075 2832  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:39:53.0075 2832  MSTEE - ok
00:39:53.0138 2832  [ 493138C4F4119E938427DA02486F09CB ] MTOnlPktAlyX    C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS
00:39:53.0153 2832  MTOnlPktAlyX - ok
00:39:53.0169 2832  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
00:39:53.0184 2832  Mup - ok
00:39:53.0216 2832  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
00:39:53.0231 2832  napagent - ok
00:39:53.0278 2832  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:39:53.0278 2832  NativeWifiP - ok
00:39:53.0340 2832  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:39:53.0356 2832  NDIS - ok
00:39:53.0387 2832  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:39:53.0387 2832  NdisTapi - ok
00:39:53.0403 2832  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:39:53.0418 2832  Ndisuio - ok
00:39:53.0450 2832  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:39:53.0450 2832  NdisWan - ok
00:39:53.0496 2832  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:39:53.0496 2832  NDProxy - ok
00:39:53.0512 2832  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:39:53.0512 2832  NetBIOS - ok
00:39:53.0574 2832  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
00:39:53.0606 2832  netbt - ok
00:39:53.0621 2832  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
00:39:53.0637 2832  Netlogon - ok
00:39:53.0668 2832  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
00:39:53.0684 2832  Netman - ok
00:39:53.0730 2832  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
00:39:53.0746 2832  netprofm - ok
00:39:53.0777 2832  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:39:53.0793 2832  NetTcpPortSharing - ok
00:39:53.0996 2832  [ 6E9EDC1020B319E7676387B8CDF2398C ] NETw2v32        C:\Windows\system32\DRIVERS\NETw2v32.sys
00:39:54.0105 2832  NETw2v32 - ok
00:39:54.0136 2832  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:39:54.0136 2832  nfrd960 - ok
00:39:54.0198 2832  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:39:54.0214 2832  NlaSvc - ok
00:39:54.0261 2832  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:39:54.0261 2832  Npfs - ok
00:39:54.0292 2832  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
00:39:54.0292 2832  nsi - ok
00:39:54.0323 2832  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:39:54.0323 2832  nsiproxy - ok
00:39:54.0495 2832  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:39:54.0526 2832  Ntfs - ok
00:39:54.0557 2832  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
00:39:54.0573 2832  ntrigdigi - ok
00:39:54.0604 2832  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
00:39:54.0604 2832  Null - ok
00:39:54.0635 2832  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:39:54.0635 2832  nvraid - ok
00:39:54.0651 2832  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:39:54.0651 2832  nvstor - ok
00:39:54.0666 2832  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:39:54.0682 2832  nv_agp - ok
00:39:54.0682 2832  NwlnkFlt - ok
00:39:54.0698 2832  NwlnkFwd - ok
00:39:54.0978 2832  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:39:54.0994 2832  odserv - ok
00:39:55.0025 2832  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:39:55.0025 2832  ohci1394 - ok
00:39:55.0072 2832  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:39:55.0072 2832  ose - ok
00:39:55.0212 2832  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
00:39:55.0228 2832  p2pimsvc - ok
00:39:55.0244 2832  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:39:55.0244 2832  p2psvc - ok
00:39:55.0275 2832  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
00:39:55.0306 2832  Parport - ok
00:39:55.0337 2832  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:39:55.0337 2832  partmgr - ok
00:39:55.0368 2832  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
00:39:55.0368 2832  Parvdm - ok
00:39:55.0400 2832  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:39:55.0400 2832  PcaSvc - ok
00:39:55.0431 2832  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
00:39:55.0431 2832  pci - ok
00:39:55.0462 2832  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
00:39:55.0462 2832  pciide - ok
00:39:55.0478 2832  [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
00:39:55.0493 2832  pcmcia - ok
00:39:55.0556 2832  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:39:55.0602 2832  PEAUTH - ok
00:39:55.0930 2832  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
00:39:55.0992 2832  pla - ok
00:39:56.0039 2832  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:39:56.0055 2832  PlugPlay - ok
00:39:56.0102 2832  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
00:39:56.0117 2832  PNRPAutoReg - ok
00:39:56.0148 2832  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
00:39:56.0164 2832  PNRPsvc - ok
00:39:56.0226 2832  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:39:56.0242 2832  PolicyAgent - ok
00:39:56.0289 2832  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:39:56.0304 2832  PptpMiniport - ok
00:39:56.0351 2832  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
00:39:56.0367 2832  Processor - ok
00:39:56.0460 2832  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:39:56.0476 2832  ProfSvc - ok
00:39:56.0507 2832  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
00:39:56.0507 2832  ProtectedStorage - ok
00:39:56.0554 2832  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
00:39:56.0570 2832  PSched - ok
00:39:56.0648 2832  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:39:56.0710 2832  ql2300 - ok
00:39:56.0726 2832  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:39:56.0741 2832  ql40xx - ok
00:39:56.0772 2832  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
00:39:56.0788 2832  QWAVE - ok
00:39:56.0804 2832  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:39:56.0819 2832  QWAVEdrv - ok
00:39:57.0272 2832  [ 1FD94B167A03C4E9909F6E28A6320019 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
00:39:57.0381 2832  R300 - ok
00:39:57.0428 2832  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:39:57.0443 2832  RasAcd - ok
00:39:57.0490 2832  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
00:39:57.0506 2832  RasAuto - ok
00:39:57.0537 2832  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:39:57.0568 2832  Rasl2tp - ok
00:39:57.0615 2832  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
00:39:57.0630 2832  RasMan - ok
00:39:57.0677 2832  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:39:57.0677 2832  RasPppoe - ok
00:39:57.0708 2832  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:39:57.0740 2832  RasSstp - ok
00:39:57.0786 2832  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:39:57.0786 2832  rdbss - ok
00:39:57.0833 2832  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:39:57.0849 2832  RDPCDD - ok
00:39:57.0974 2832  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
00:39:58.0020 2832  rdpdr - ok
00:39:58.0020 2832  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:39:58.0020 2832  RDPENCDD - ok
00:39:58.0098 2832  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:39:58.0114 2832  RDPWD - ok
00:39:58.0161 2832  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:39:58.0161 2832  RemoteAccess - ok
00:39:58.0208 2832  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:39:58.0208 2832  RemoteRegistry - ok
00:39:58.0239 2832  [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
00:39:58.0254 2832  RFCOMM - ok
00:39:58.0395 2832  [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
00:39:58.0426 2832  RichVideo - ok
00:39:58.0488 2832  [ B39F1BD472E4992382875BAF0B645C6D ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
00:39:58.0488 2832  rimmptsk - ok
00:39:58.0520 2832  [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
00:39:58.0535 2832  rimsptsk - ok
00:39:58.0551 2832  [ C663AF77E2F4EABF8EB08B388D2F1F36 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
00:39:58.0551 2832  rismxdp - ok
00:39:58.0598 2832  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
00:39:58.0613 2832  RpcLocator - ok
00:39:58.0644 2832  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
00:39:58.0660 2832  RpcSs - ok
00:39:58.0738 2832  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:39:58.0769 2832  rspndr - ok
00:39:58.0785 2832  [ F7A8C9024E82534CEC50613D87E88645 ] RTL8023xp       C:\Windows\system32\DRIVERS\Rtnicxp.sys
00:39:58.0800 2832  RTL8023xp - ok
00:39:58.0800 2832  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
00:39:58.0816 2832  SamSs - ok
00:39:58.0847 2832  [ 4BFB51CDB25D4D4B9E8FCCAB635F262E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
00:39:58.0863 2832  Samsung Update Plus - ok
00:39:58.0878 2832  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:39:58.0894 2832  sbp2port - ok
00:39:58.0941 2832  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:39:58.0956 2832  SCardSvr - ok
00:39:59.0066 2832  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
00:39:59.0112 2832  Schedule - ok
00:39:59.0144 2832  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:39:59.0144 2832  SCPolicySvc - ok
00:39:59.0253 2832  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
00:39:59.0268 2832  sdbus - ok
00:39:59.0315 2832  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:39:59.0315 2832  SDRSVC - ok
00:39:59.0362 2832  [ 59A9EB4073A39895AF314780D0A032FA ] SE27bus         C:\Windows\system32\DRIVERS\SE27bus.sys
00:39:59.0362 2832  SE27bus - ok
00:39:59.0393 2832  [ D53E7E53107D1796825540129F8FE89F ] SE27mdfl        C:\Windows\system32\DRIVERS\SE27mdfl.sys
00:39:59.0393 2832  SE27mdfl - ok
00:39:59.0424 2832  [ 2AFA2F65A6E91DA5B5070E734769827E ] SE27mdm         C:\Windows\system32\DRIVERS\SE27mdm.sys
00:39:59.0424 2832  SE27mdm - ok
00:39:59.0471 2832  [ 5A33A8D7B44C7BD8ABE248B4DCD1FF3C ] SE27mgmt        C:\Windows\system32\DRIVERS\SE27mgmt.sys
00:39:59.0471 2832  SE27mgmt - ok
00:39:59.0518 2832  [ BB30139683BBF3EE89EC931393D9335C ] se27nd5         C:\Windows\system32\DRIVERS\se27nd5.sys
00:39:59.0518 2832  se27nd5 - ok
00:39:59.0565 2832  [ 5DA6FF71E94B9134DDD094EBB09F05E6 ] SE27obex        C:\Windows\system32\DRIVERS\SE27obex.sys
00:39:59.0565 2832  SE27obex - ok
00:39:59.0596 2832  [ 4D54A9D7C22157AB3D2442E8BCF5ECD2 ] se27unic        C:\Windows\system32\DRIVERS\se27unic.sys
00:39:59.0596 2832  se27unic - ok
00:39:59.0627 2832  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:39:59.0627 2832  secdrv - ok
00:39:59.0674 2832  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
00:39:59.0690 2832  seclogon - ok
00:39:59.0705 2832  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
00:39:59.0721 2832  SENS - ok
00:39:59.0736 2832  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:39:59.0736 2832  Serenum - ok
00:39:59.0768 2832  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
00:39:59.0783 2832  Serial - ok
00:39:59.0783 2832  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:39:59.0783 2832  sermouse - ok
00:39:59.0892 2832  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:39:59.0924 2832  SessionEnv - ok
00:39:59.0955 2832  [ 103B79418DA647736EE95645F305F68A ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
00:39:59.0955 2832  sffdisk - ok
00:39:59.0970 2832  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:39:59.0970 2832  sffp_mmc - ok
00:40:00.0002 2832  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
00:40:00.0002 2832  sffp_sd - ok
00:40:00.0017 2832  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:40:00.0017 2832  sfloppy - ok
00:40:00.0048 2832  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:40:00.0064 2832  SharedAccess - ok
00:40:00.0095 2832  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:40:00.0111 2832  ShellHWDetection - ok
00:40:00.0126 2832  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
00:40:00.0158 2832  sisagp - ok
00:40:00.0236 2832  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
00:40:00.0251 2832  SiSRaid2 - ok
00:40:00.0267 2832  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:40:00.0282 2832  SiSRaid4 - ok
00:40:01.0156 2832  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
00:40:01.0281 2832  slsvc - ok
00:40:01.0328 2832  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
00:40:01.0343 2832  SLUINotify - ok
00:40:01.0374 2832  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:40:01.0374 2832  Smb - ok
00:40:01.0421 2832  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:40:01.0437 2832  SNMPTRAP - ok
00:40:01.0468 2832  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
00:40:01.0468 2832  spldr - ok
00:40:01.0515 2832  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
00:40:01.0530 2832  Spooler - ok
00:40:01.0593 2832  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:40:01.0640 2832  SQLBrowser - ok
00:40:01.0671 2832  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:40:01.0671 2832  SQLWriter - ok
00:40:01.0733 2832  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:40:01.0749 2832  srv - ok
00:40:01.0796 2832  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:40:01.0811 2832  srv2 - ok
00:40:01.0827 2832  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:40:01.0827 2832  srvnet - ok
00:40:01.0889 2832  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:40:01.0936 2832  SSDPSRV - ok
00:40:01.0983 2832  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
00:40:01.0983 2832  ssmdrv - ok
00:40:02.0061 2832  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:40:02.0061 2832  SstpSvc - ok
00:40:02.0201 2832  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
00:40:02.0264 2832  stisvc - ok
00:40:02.0295 2832  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:40:02.0295 2832  swenum - ok
00:40:02.0357 2832  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
00:40:02.0404 2832  swprv - ok
00:40:02.0435 2832  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
00:40:02.0451 2832  Symc8xx - ok
00:40:02.0466 2832  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
00:40:02.0466 2832  Sym_hi - ok
00:40:02.0482 2832  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
00:40:02.0482 2832  Sym_u3 - ok
00:40:02.0529 2832  [ C7DD991423D364D06FC2DD1B00B53DCE ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:40:02.0529 2832  SynTP - ok
00:40:02.0576 2832  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
00:40:02.0607 2832  SysMain - ok
00:40:02.0638 2832  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:40:02.0654 2832  TabletInputService - ok
00:40:02.0685 2832  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:40:02.0700 2832  TapiSrv - ok
00:40:02.0732 2832  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
00:40:02.0747 2832  TBS - ok
00:40:02.0997 2832  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:40:03.0028 2832  Tcpip - ok
00:40:03.0059 2832  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
00:40:03.0059 2832  Tcpip6 - ok
00:40:03.0090 2832  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:40:03.0106 2832  tcpipreg - ok
00:40:03.0153 2832  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:40:03.0153 2832  TDPIPE - ok
00:40:03.0184 2832  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:40:03.0184 2832  TDTCP - ok
00:40:03.0215 2832  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:40:03.0231 2832  tdx - ok
00:40:03.0246 2832  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:40:03.0246 2832  TermDD - ok
00:40:03.0293 2832  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
00:40:03.0356 2832  TermService - ok
00:40:03.0371 2832  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
00:40:03.0387 2832  Themes - ok
00:40:03.0402 2832  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
00:40:03.0402 2832  THREADORDER - ok
00:40:03.0465 2832  [ 8D69B21C0B71916B2018427A0087755F ] TODslService    C:\Program Files\T-Online\DSL-Manager\TODslSvc.exe
00:40:03.0480 2832  TODslService - ok
00:40:03.0512 2832  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
00:40:03.0543 2832  TrkWks - ok
00:40:03.0636 2832  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:40:03.0652 2832  TrustedInstaller - ok
00:40:03.0699 2832  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:40:03.0699 2832  tssecsrv - ok
00:40:03.0746 2832  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
00:40:03.0746 2832  tunmp - ok
00:40:03.0792 2832  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:40:03.0792 2832  tunnel - ok
00:40:03.0824 2832  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:40:03.0839 2832  uagp35 - ok
00:40:03.0855 2832  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:40:03.0870 2832  udfs - ok
00:40:03.0917 2832  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:40:03.0933 2832  UI0Detect - ok
00:40:03.0948 2832  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:40:03.0964 2832  uliagpkx - ok
00:40:03.0995 2832  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
00:40:03.0995 2832  uliahci - ok
00:40:04.0026 2832  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
00:40:04.0026 2832  UlSata - ok
00:40:04.0042 2832  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
00:40:04.0058 2832  ulsata2 - ok
00:40:04.0089 2832  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:40:04.0089 2832  umbus - ok
00:40:04.0151 2832  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
00:40:04.0167 2832  upnphost - ok
00:40:04.0229 2832  [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
00:40:04.0245 2832  usbaudio - ok
00:40:04.0276 2832  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:40:04.0292 2832  usbccgp - ok
00:40:04.0323 2832  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:40:04.0323 2832  usbcir - ok
00:40:04.0370 2832  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
00:40:04.0370 2832  usbehci - ok
00:40:04.0385 2832  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:40:04.0448 2832  usbhub - ok
00:40:04.0479 2832  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
00:40:04.0479 2832  usbohci - ok
00:40:04.0494 2832  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
00:40:04.0510 2832  usbprint - ok
00:40:04.0526 2832  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:40:04.0526 2832  USBSTOR - ok
00:40:04.0541 2832  [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
00:40:04.0541 2832  usbuhci - ok
00:40:04.0619 2832  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:40:04.0650 2832  usbvideo - ok
00:40:04.0682 2832  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
00:40:04.0682 2832  UxSms - ok
00:40:04.0806 2832  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
00:40:04.0838 2832  vds - ok
00:40:04.0884 2832  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:40:04.0916 2832  vga - ok
00:40:04.0962 2832  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:40:04.0962 2832  VgaSave - ok
00:40:04.0978 2832  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
00:40:04.0978 2832  viaagp - ok
00:40:05.0009 2832  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
00:40:05.0009 2832  ViaC7 - ok
00:40:05.0025 2832  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
00:40:05.0025 2832  viaide - ok
00:40:05.0040 2832  VMUVC - ok
00:40:05.0072 2832  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:40:05.0072 2832  volmgr - ok
00:40:05.0118 2832  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:40:05.0150 2832  volmgrx - ok
00:40:05.0165 2832  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:40:05.0181 2832  volsnap - ok
00:40:05.0196 2832  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:40:05.0212 2832  vsmraid - ok
00:40:05.0274 2832  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
00:40:05.0337 2832  VSS - ok
00:40:05.0352 2832  vvftUVC - ok
00:40:05.0462 2832  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
00:40:05.0493 2832  W32Time - ok
00:40:05.0508 2832  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:40:05.0508 2832  WacomPen - ok
00:40:05.0540 2832  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
00:40:05.0540 2832  Wanarp - ok
00:40:05.0555 2832  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:40:05.0555 2832  Wanarpv6 - ok
00:40:05.0711 2832  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:40:05.0758 2832  wcncsvc - ok
00:40:05.0805 2832  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:40:05.0820 2832  WcsPlugInService - ok
00:40:05.0836 2832  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
00:40:05.0852 2832  Wd - ok
00:40:05.0898 2832  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:40:05.0976 2832  Wdf01000 - ok
00:40:06.0008 2832  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:40:06.0023 2832  WdiServiceHost - ok
00:40:06.0039 2832  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:40:06.0039 2832  WdiSystemHost - ok
00:40:06.0148 2832  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
00:40:06.0148 2832  WebClient - ok
00:40:06.0210 2832  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:40:06.0242 2832  Wecsvc - ok
00:40:06.0288 2832  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:40:06.0304 2832  wercplsupport - ok
00:40:06.0351 2832  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:40:06.0366 2832  WerSvc - ok
00:40:06.0538 2832  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
00:40:06.0554 2832  WinDefend - ok
00:40:06.0569 2832  WinHttpAutoProxySvc - ok
00:40:07.0380 2832  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:40:07.0396 2832  Winmgmt - ok
00:40:07.0614 2832  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:40:07.0833 2832  WinRM - ok
00:40:08.0004 2832  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:40:08.0051 2832  Wlansvc - ok
00:40:08.0098 2832  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
00:40:08.0114 2832  WmiAcpi - ok
00:40:08.0176 2832  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:40:08.0207 2832  wmiApSrv - ok
00:40:08.0410 2832  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
00:40:08.0441 2832  WMPNetworkSvc - ok
00:40:08.0457 2832  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:40:08.0472 2832  WPCSvc - ok
00:40:08.0519 2832  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:40:08.0535 2832  WPDBusEnum - ok
00:40:09.0003 2832  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:40:09.0065 2832  WPFFontCache_v0400 - ok
00:40:09.0112 2832  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:40:09.0112 2832  ws2ifsl - ok
00:40:09.0159 2832  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
00:40:09.0174 2832  wscsvc - ok
00:40:09.0190 2832  WSearch - ok
00:40:09.0486 2832  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
00:40:09.0580 2832  wuauserv - ok
00:40:09.0627 2832  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:40:09.0658 2832  WUDFRd - ok
00:40:09.0689 2832  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:40:09.0705 2832  wudfsvc - ok
00:40:09.0736 2832  ================ Scan global ===============================
00:40:09.0783 2832  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
00:40:09.0908 2832  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
00:40:09.0970 2832  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
00:40:10.0032 2832  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
00:40:10.0032 2832  [Global] - ok
00:40:10.0048 2832  ================ Scan MBR ==================================
00:40:10.0064 2832  [ C31400769DEFC61154F08815BCB5E020 ] \Device\Harddisk0\DR0
00:40:13.0308 2832  \Device\Harddisk0\DR0 - ok
00:40:13.0308 2832  ================ Scan VBR ==================================
00:40:13.0340 2832  [ 43CB684343BBAF66E32113F526432CE7 ] \Device\Harddisk0\DR0\Partition1
00:40:13.0355 2832  \Device\Harddisk0\DR0\Partition1 - ok
00:40:13.0386 2832  [ 4B370665E2C95C4660A2748F17AF37CB ] \Device\Harddisk0\DR0\Partition2
00:40:13.0402 2832  \Device\Harddisk0\DR0\Partition2 - ok
00:40:13.0418 2832  ============================================================
00:40:13.0418 2832  Scan finished
00:40:13.0418 2832  ============================================================
00:40:13.0433 3028  Detected object count: 0
00:40:13.0433 3028  Actual detected object count: 0
00:43:41.0506 3392  ============================================================
00:43:41.0506 3392  Scan started
00:43:41.0506 3392  Mode: Manual; SigCheck; TDLFS; 
00:43:41.0506 3392  ============================================================
         
Fortsetzung im nächsten Beitrag

Alt 29.11.2012, 23:54   #10
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



TDSS Killer Teil II
Code:
ATTFilter
43:43.0815 3392  ================ Scan system memory ========================
00:43:43.0815 3392  System memory - ok
00:43:43.0815 3392  ================ Scan services =============================
00:43:44.0236 3392  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
00:43:44.0720 3392  ACPI - ok
00:43:44.0985 3392  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:43:45.0016 3392  AdobeARMservice - ok
00:43:45.0079 3392  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:43:45.0110 3392  AdobeFlashPlayerUpdateSvc - ok
00:43:45.0157 3392  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:43:45.0204 3392  adp94xx - ok
00:43:45.0235 3392  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:43:45.0266 3392  adpahci - ok
00:43:45.0282 3392  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
00:43:45.0297 3392  adpu160m - ok
00:43:45.0328 3392  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:43:45.0344 3392  adpu320 - ok
00:43:45.0406 3392  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:43:45.0906 3392  AeLookupSvc - ok
00:43:46.0015 3392  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
00:43:46.0171 3392  AFD - ok
00:43:46.0218 3392  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
00:43:46.0264 3392  AgereModemAudio - ok
00:43:46.0732 3392  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
00:43:46.0888 3392  AgereSoftModem - ok
00:43:46.0904 3392  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
00:43:46.0935 3392  agp440 - ok
00:43:46.0966 3392  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
00:43:46.0998 3392  aic78xx - ok
00:43:47.0044 3392  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
00:43:47.0216 3392  ALG - ok
00:43:47.0247 3392  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:43:47.0278 3392  aliide - ok
00:43:47.0310 3392  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
00:43:47.0356 3392  amdagp - ok
00:43:47.0372 3392  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
00:43:47.0388 3392  amdide - ok
00:43:47.0403 3392  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
00:43:47.0653 3392  AmdK7 - ok
00:43:47.0762 3392  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
00:43:47.0934 3392  AmdK8 - ok
00:43:48.0027 3392  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
00:43:48.0105 3392  Appinfo - ok
00:43:48.0121 3392  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
00:43:48.0136 3392  arc - ok
00:43:48.0183 3392  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:43:48.0199 3392  arcsas - ok
00:43:48.0246 3392  [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
00:43:48.0292 3392  aswFsBlk - ok
00:43:48.0339 3392  [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
00:43:48.0370 3392  aswMonFlt - ok
00:43:48.0402 3392  [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
00:43:48.0417 3392  AswRdr - ok
00:43:48.0511 3392  [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
00:43:48.0667 3392  aswSnx - ok
00:43:48.0792 3392  [ 67B558895695545FB0568B7541F3BCA7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
00:43:48.0870 3392  aswSP - ok
00:43:48.0963 3392  [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
00:43:48.0979 3392  aswTdi - ok
00:43:49.0026 3392  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:43:49.0072 3392  AsyncMac - ok
00:43:49.0104 3392  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
00:43:49.0119 3392  atapi - ok
00:43:49.0275 3392  [ 2846F5EE802889D500FCF5CC48B28381 ] athr            C:\Windows\system32\DRIVERS\athr.sys
00:43:49.0478 3392  athr - ok
00:43:49.0634 3392  [ D1F2726E89D4BD96F8314B9E303E633D ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
00:43:49.0899 3392  Ati External Event Utility - ok
00:43:49.0962 3392  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:43:49.0993 3392  AudioEndpointBuilder - ok
00:43:50.0040 3392  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
00:43:50.0086 3392  Audiosrv - ok
00:43:50.0601 3392  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:43:50.0617 3392  avast! Antivirus - ok
00:43:50.0773 3392  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
00:43:50.0804 3392  BcmSqlStartupSvc - ok
00:43:50.0866 3392  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:43:51.0022 3392  Beep - ok
00:43:51.0085 3392  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
00:43:51.0132 3392  BFE - ok
00:43:51.0210 3392  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
00:43:51.0397 3392  BITS - ok
00:43:51.0412 3392  blbdrive - ok
00:43:51.0506 3392  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:43:51.0568 3392  bowser - ok
00:43:51.0615 3392  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
00:43:51.0662 3392  BrFiltLo - ok
00:43:51.0678 3392  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
00:43:51.0724 3392  BrFiltUp - ok
00:43:51.0771 3392  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
00:43:51.0865 3392  Browser - ok
00:43:51.0896 3392  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
00:43:51.0974 3392  Brserid - ok
00:43:52.0005 3392  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
00:43:52.0099 3392  BrSerWdm - ok
00:43:52.0177 3392  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
00:43:52.0286 3392  BrUsbMdm - ok
00:43:52.0348 3392  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
00:43:52.0458 3392  BrUsbSer - ok
00:43:52.0520 3392  [ 064FBC56921051DE1075495D628B815F ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
00:43:52.0738 3392  BthEnum - ok
00:43:52.0770 3392  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:43:52.0848 3392  BTHMODEM - ok
00:43:52.0894 3392  [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
00:43:52.0972 3392  BthPan - ok
00:43:53.0050 3392  [ B24757D9154CCA035E1BBD3DB92966D7 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
00:43:53.0097 3392  BTHPORT - ok
00:43:53.0144 3392  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
00:43:53.0206 3392  BthServ - ok
00:43:53.0222 3392  [ D42CF5F0C7635B3F1578810FE34D9E41 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
00:43:53.0269 3392  BTHUSB - ok
00:43:53.0378 3392  [ 0CF62C498D60253A4FC3B2AFF0E6373E ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
00:43:53.0409 3392  btwaudio - ok
00:43:53.0440 3392  [ D094142ADE0DA18463609AE656B1F3ED ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
00:43:53.0456 3392  btwavdt - ok
00:43:53.0659 3392  [ 840439331FF1A72B3A18ED59D27676D8 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
00:43:53.0768 3392  btwdins - ok
00:43:53.0815 3392  [ 511159FCB07FD7442E7F399C94A3B408 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
00:43:53.0830 3392  btwrchid - ok
00:43:53.0862 3392  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:43:53.0908 3392  cdfs - ok
00:43:53.0971 3392  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:43:54.0033 3392  cdrom - ok
00:43:54.0080 3392  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:43:54.0127 3392  CertPropSvc - ok
00:43:54.0189 3392  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
00:43:54.0283 3392  circlass - ok
00:43:54.0361 3392  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
00:43:54.0392 3392  CLFS - ok
00:43:54.0673 3392  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:43:54.0688 3392  clr_optimization_v2.0.50727_32 - ok
00:43:55.0422 3392  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:43:55.0515 3392  clr_optimization_v4.0.30319_32 - ok
00:43:55.0593 3392  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:43:55.0640 3392  CmBatt - ok
00:43:55.0671 3392  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:43:55.0702 3392  cmdide - ok
00:43:55.0734 3392  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:43:55.0765 3392  Compbatt - ok
00:43:55.0780 3392  COMSysApp - ok
00:43:55.0812 3392  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:43:55.0843 3392  crcdisk - ok
00:43:55.0874 3392  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
00:43:55.0968 3392  Crusoe - ok
00:43:56.0014 3392  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:43:56.0092 3392  CryptSvc - ok
00:43:56.0436 3392  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:43:56.0638 3392  DcomLaunch - ok
00:43:56.0670 3392  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:43:56.0732 3392  DfsC - ok
00:43:57.0637 3392  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
00:43:57.0918 3392  DFSR - ok
00:43:57.0980 3392  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
00:43:58.0027 3392  Dhcp - ok
00:43:58.0074 3392  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
00:43:58.0089 3392  disk - ok
00:43:58.0152 3392  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:43:58.0214 3392  Dnscache - ok
00:43:58.0245 3392  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:43:58.0292 3392  dot3svc - ok
00:43:58.0354 3392  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
00:43:58.0448 3392  DPS - ok
00:43:58.0510 3392  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:43:58.0604 3392  drmkaud - ok
00:43:58.0698 3392  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:43:58.0744 3392  DXGKrnl - ok
00:43:58.0807 3392  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
00:43:58.0885 3392  E1G60 - ok
00:43:58.0963 3392  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
00:43:58.0994 3392  EapHost - ok
00:43:59.0056 3392  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
00:43:59.0088 3392  Ecache - ok
00:43:59.0244 3392  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:43:59.0353 3392  ehRecvr - ok
00:43:59.0400 3392  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
00:43:59.0493 3392  ehSched - ok
00:43:59.0524 3392  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
00:43:59.0571 3392  ehstart - ok
00:43:59.0618 3392  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:43:59.0649 3392  elxstor - ok
00:43:59.0821 3392  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
00:43:59.0946 3392  EMDMgmt - ok
00:44:00.0024 3392  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
00:44:00.0070 3392  EventSystem - ok
00:44:00.0117 3392  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
00:44:00.0195 3392  exfat - ok
00:44:00.0258 3392  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:44:00.0304 3392  fastfat - ok
00:44:00.0351 3392  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:44:00.0445 3392  fdc - ok
00:44:00.0507 3392  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:44:00.0538 3392  fdPHost - ok
00:44:00.0585 3392  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:44:00.0694 3392  FDResPub - ok
00:44:00.0772 3392  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:44:00.0788 3392  FileInfo - ok
00:44:00.0819 3392  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:44:00.0866 3392  Filetrace - ok
00:44:00.0913 3392  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:44:00.0991 3392  flpydisk - ok
00:44:01.0053 3392  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:44:01.0084 3392  FltMgr - ok
00:44:01.0256 3392  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
00:44:01.0428 3392  FontCache - ok
00:44:01.0646 3392  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:44:01.0662 3392  FontCache3.0.0.0 - ok
00:44:01.0693 3392  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:44:01.0740 3392  Fs_Rec - ok
00:44:01.0786 3392  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:44:01.0818 3392  gagp30kx - ok
00:44:01.0974 3392  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:44:02.0083 3392  gpsvc - ok
00:44:02.0208 3392  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
00:44:02.0239 3392  gupdate - ok
00:44:02.0254 3392  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
00:44:02.0270 3392  gupdatem - ok
00:44:02.0410 3392  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:44:02.0535 3392  HdAudAddService - ok
00:44:02.0629 3392  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:44:02.0769 3392  HDAudBus - ok
00:44:02.0800 3392  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:44:02.0878 3392  HidBth - ok
00:44:02.0941 3392  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:44:03.0050 3392  HidIr - ok
00:44:03.0144 3392  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
00:44:03.0206 3392  hidserv - ok
00:44:03.0253 3392  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:44:03.0315 3392  HidUsb - ok
00:44:03.0378 3392  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:44:03.0424 3392  hkmsvc - ok
00:44:03.0487 3392  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
00:44:03.0518 3392  HpCISSs - ok
00:44:03.0627 3392  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:44:03.0721 3392  HTTP - ok
00:44:03.0736 3392  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
00:44:03.0752 3392  i2omp - ok
00:44:03.0799 3392  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:44:03.0846 3392  i8042prt - ok
00:44:03.0970 3392  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
00:44:04.0017 3392  iaStorV - ok
00:44:04.0173 3392  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
00:44:04.0204 3392  IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:44:04.0204 3392  IDriverT - detected UnsignedFile.Multi.Generic (1)
00:44:04.0485 3392  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:44:04.0610 3392  idsvc - ok
00:44:04.0704 3392  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:44:04.0719 3392  iirsp - ok
00:44:04.0766 3392  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
00:44:04.0906 3392  IKEEXT - ok
00:44:05.0265 3392  [ A47B2875680AD67B35C6150BD0203056 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
00:44:05.0530 3392  IntcAzAudAddService - ok
00:44:05.0546 3392  [ 97469037714070E45194ED318D636401 ] intelide        C:\Windows\system32\drivers\intelide.sys
00:44:05.0577 3392  intelide - ok
00:44:05.0624 3392  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:44:05.0718 3392  intelppm - ok
00:44:05.0827 3392  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:44:05.0905 3392  IPBusEnum - ok
00:44:05.0967 3392  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:44:06.0030 3392  IpFilterDriver - ok
00:44:06.0123 3392  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:44:06.0201 3392  iphlpsvc - ok
00:44:06.0217 3392  IpInIp - ok
00:44:06.0264 3392  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
00:44:06.0357 3392  IPMIDRV - ok
00:44:06.0420 3392  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
00:44:06.0544 3392  IPNAT - ok
00:44:06.0591 3392  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:44:06.0669 3392  IRENUM - ok
00:44:06.0732 3392  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:44:06.0763 3392  isapnp - ok
00:44:06.0888 3392  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
00:44:06.0903 3392  iScsiPrt - ok
00:44:06.0981 3392  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
00:44:07.0028 3392  iteatapi - ok
00:44:07.0059 3392  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
00:44:07.0122 3392  iteraid - ok
00:44:07.0153 3392  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:44:07.0200 3392  kbdclass - ok
00:44:07.0231 3392  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
00:44:07.0293 3392  kbdhid - ok
00:44:07.0371 3392  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
00:44:07.0480 3392  KeyIso - ok
00:44:07.0543 3392  [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO       C:\Windows\system32\DRIVERS\kmdfmemio.sys
00:44:07.0621 3392  KMDFMEMIO - ok
00:44:07.0699 3392  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:44:07.0730 3392  KSecDD - ok
00:44:07.0824 3392  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:44:07.0933 3392  KtmRm - ok
00:44:07.0980 3392  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:44:08.0058 3392  LanmanServer - ok
00:44:08.0120 3392  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:44:08.0245 3392  LanmanWorkstation - ok
00:44:08.0292 3392  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:44:08.0370 3392  lltdio - ok
00:44:08.0479 3392  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:44:08.0572 3392  lltdsvc - ok
00:44:08.0604 3392  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:44:08.0713 3392  lmhosts - ok
00:44:08.0822 3392  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:44:08.0916 3392  LSI_FC - ok
00:44:08.0947 3392  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:44:08.0994 3392  LSI_SAS - ok
00:44:09.0040 3392  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:44:09.0056 3392  LSI_SCSI - ok
00:44:09.0087 3392  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
00:44:09.0134 3392  luafv - ok
00:44:09.0212 3392  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:44:09.0274 3392  Mcx2Svc - ok
00:44:09.0306 3392  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
00:44:09.0321 3392  megasas - ok
00:44:09.0384 3392  [ 5E5024D9E2351DB2563B30912B4C4146 ] MIINPazX        C:\PROGRA~1\COMMON~1\MARMIK~1\MInfraIS\MIINPazX.SYS
00:44:09.0399 3392  MIINPazX ( UnsignedFile.Multi.Generic ) - warning
00:44:09.0399 3392  MIINPazX - detected UnsignedFile.Multi.Generic (1)
00:44:09.0446 3392  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
00:44:09.0493 3392  MMCSS - ok
00:44:09.0602 3392  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
00:44:09.0680 3392  Modem - ok
00:44:09.0727 3392  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:44:09.0789 3392  monitor - ok
00:44:09.0820 3392  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:44:09.0852 3392  mouclass - ok
00:44:09.0883 3392  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:44:09.0961 3392  mouhid - ok
00:44:10.0054 3392  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
00:44:10.0101 3392  MountMgr - ok
00:44:10.0164 3392  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:44:10.0179 3392  MozillaMaintenance - ok
00:44:10.0242 3392  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:44:10.0273 3392  mpio - ok
00:44:10.0320 3392  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:44:10.0382 3392  mpsdrv - ok
00:44:10.0522 3392  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:44:10.0616 3392  MpsSvc - ok
00:44:10.0647 3392  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
00:44:10.0678 3392  Mraid35x - ok
00:44:10.0725 3392  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:44:10.0788 3392  MRxDAV - ok
00:44:10.0819 3392  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:44:10.0897 3392  mrxsmb - ok
00:44:10.0975 3392  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:44:11.0037 3392  mrxsmb10 - ok
00:44:11.0053 3392  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:44:11.0100 3392  mrxsmb20 - ok
00:44:11.0146 3392  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:44:11.0162 3392  msahci - ok
00:44:11.0193 3392  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:44:11.0224 3392  msdsm - ok
00:44:11.0271 3392  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
00:44:11.0349 3392  MSDTC - ok
00:44:11.0536 3392  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:44:11.0630 3392  Msfs - ok
00:44:11.0677 3392  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:44:11.0692 3392  msisadrv - ok
00:44:11.0724 3392  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:44:11.0786 3392  MSiSCSI - ok
00:44:11.0802 3392  msiserver - ok
00:44:11.0895 3392  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:44:11.0973 3392  MSKSSRV - ok
00:44:12.0020 3392  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:44:12.0082 3392  MSPCLOCK - ok
00:44:12.0129 3392  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:44:12.0176 3392  MSPQM - ok
00:44:12.0207 3392  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:44:12.0238 3392  MsRPC - ok
00:44:12.0332 3392  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:44:12.0363 3392  mssmbios - ok
00:44:12.0535 3392  MSSQL$MSSMLBIZ - ok
00:44:12.0597 3392  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
00:44:12.0628 3392  MSSQLServerADHelper - ok
00:44:12.0706 3392  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:44:12.0769 3392  MSTEE - ok
00:44:13.0034 3392  [ 493138C4F4119E938427DA02486F09CB ] MTOnlPktAlyX    C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS
00:44:13.0065 3392  MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - warning
00:44:13.0065 3392  MTOnlPktAlyX - detected UnsignedFile.Multi.Generic (1)
00:44:13.0112 3392  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
00:44:13.0128 3392  Mup - ok
00:44:13.0284 3392  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
00:44:13.0377 3392  napagent - ok
00:44:13.0752 3392  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:44:13.0830 3392  NativeWifiP - ok
00:44:13.0892 3392  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:44:13.0954 3392  NDIS - ok
00:44:13.0986 3392  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:44:14.0032 3392  NdisTapi - ok
00:44:14.0095 3392  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:44:14.0126 3392  Ndisuio - ok
00:44:14.0173 3392  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:44:14.0220 3392  NdisWan - ok
00:44:14.0266 3392  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:44:14.0313 3392  NDProxy - ok
00:44:14.0344 3392  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:44:14.0438 3392  NetBIOS - ok
00:44:14.0500 3392  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
00:44:14.0594 3392  netbt - ok
00:44:14.0625 3392  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
00:44:14.0641 3392  Netlogon - ok
00:44:14.0750 3392  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
00:44:14.0812 3392  Netman - ok
00:44:14.0906 3392  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
00:44:14.0984 3392  netprofm - ok
00:44:15.0046 3392  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:44:15.0078 3392  NetTcpPortSharing - ok
00:44:15.0795 3392  [ 6E9EDC1020B319E7676387B8CDF2398C ] NETw2v32        C:\Windows\system32\DRIVERS\NETw2v32.sys
00:44:16.0092 3392  NETw2v32 - ok
00:44:16.0123 3392  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:44:16.0170 3392  nfrd960 - ok
00:44:16.0216 3392  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:44:16.0279 3392  NlaSvc - ok
00:44:16.0326 3392  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:44:16.0450 3392  Npfs - ok
00:44:16.0482 3392  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
00:44:16.0575 3392  nsi - ok
00:44:16.0638 3392  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:44:16.0716 3392  nsiproxy - ok
00:44:17.0043 3392  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:44:17.0168 3392  Ntfs - ok
00:44:17.0230 3392  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
00:44:17.0293 3392  ntrigdigi - ok
00:44:17.0371 3392  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
00:44:17.0464 3392  Null - ok
00:44:17.0511 3392  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:44:17.0527 3392  nvraid - ok
00:44:17.0558 3392  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:44:17.0574 3392  nvstor - ok
00:44:17.0605 3392  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:44:17.0620 3392  nv_agp - ok
00:44:17.0636 3392  NwlnkFlt - ok
00:44:17.0652 3392  NwlnkFwd - ok
00:44:17.0886 3392  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:44:17.0932 3392  odserv - ok
00:44:17.0979 3392  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:44:18.0073 3392  ohci1394 - ok
00:44:18.0198 3392  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:44:18.0244 3392  ose - ok
00:44:18.0307 3392  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
00:44:18.0447 3392  p2pimsvc - ok
00:44:18.0494 3392  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:44:18.0541 3392  p2psvc - ok
00:44:18.0603 3392  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
00:44:18.0666 3392  Parport - ok
00:44:18.0728 3392  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:44:18.0775 3392  partmgr - ok
00:44:18.0790 3392  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
00:44:18.0853 3392  Parvdm - ok
00:44:18.0900 3392  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:44:18.0978 3392  PcaSvc - ok
00:44:19.0009 3392  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
00:44:19.0024 3392  pci - ok
00:44:19.0056 3392  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
00:44:19.0102 3392  pciide - ok
00:44:19.0149 3392  [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
00:44:19.0180 3392  pcmcia - ok
00:44:19.0243 3392  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:44:19.0368 3392  PEAUTH - ok
00:44:19.0680 3392  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
00:44:19.0851 3392  pla - ok
00:44:19.0898 3392  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:44:19.0945 3392  PlugPlay - ok
00:44:19.0992 3392  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
00:44:20.0038 3392  PNRPAutoReg - ok
00:44:20.0116 3392  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
00:44:20.0163 3392  PNRPsvc - ok
00:44:20.0210 3392  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:44:20.0272 3392  PolicyAgent - ok
00:44:20.0319 3392  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:44:20.0397 3392  PptpMiniport - ok
00:44:20.0444 3392  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
00:44:20.0522 3392  Processor - ok
00:44:20.0600 3392  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:44:20.0647 3392  ProfSvc - ok
00:44:20.0662 3392  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
00:44:20.0678 3392  ProtectedStorage - ok
00:44:20.0740 3392  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
00:44:20.0787 3392  PSched - ok
00:44:20.0865 3392  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:44:20.0990 3392  ql2300 - ok
00:44:21.0021 3392  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:44:21.0052 3392  ql40xx - ok
00:44:21.0084 3392  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
00:44:21.0130 3392  QWAVE - ok
00:44:21.0177 3392  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:44:21.0193 3392  QWAVEdrv - ok
00:44:21.0692 3392  [ 1FD94B167A03C4E9909F6E28A6320019 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
00:44:21.0895 3392  R300 - ok
00:44:21.0942 3392  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:44:21.0988 3392  RasAcd - ok
00:44:22.0051 3392  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
00:44:22.0098 3392  RasAuto - ok
00:44:22.0176 3392  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:44:22.0269 3392  Rasl2tp - ok
00:44:22.0300 3392  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
00:44:22.0347 3392  RasMan - ok
00:44:22.0363 3392  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:44:22.0394 3392  RasPppoe - ok
00:44:22.0441 3392  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:44:22.0472 3392  RasSstp - ok
00:44:22.0628 3392  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:44:22.0706 3392  rdbss - ok
00:44:22.0800 3392  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:44:22.0893 3392  RDPCDD - ok
00:44:22.0971 3392  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
00:44:23.0065 3392  rdpdr - ok
00:44:23.0080 3392  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:44:23.0174 3392  RDPENCDD - ok
00:44:23.0236 3392  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:44:23.0330 3392  RDPWD - ok
00:44:23.0361 3392  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:44:23.0439 3392  RemoteAccess - ok
00:44:23.0486 3392  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:44:23.0533 3392  RemoteRegistry - ok
00:44:23.0580 3392  [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
00:44:23.0689 3392  RFCOMM - ok
00:44:23.0938 3392  [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
00:44:23.0970 3392  RichVideo ( UnsignedFile.Multi.Generic ) - warning
00:44:23.0970 3392  RichVideo - detected UnsignedFile.Multi.Generic (1)
00:44:24.0016 3392  [ B39F1BD472E4992382875BAF0B645C6D ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
00:44:24.0048 3392  rimmptsk - ok
00:44:24.0094 3392  [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
00:44:24.0141 3392  rimsptsk - ok
00:44:24.0172 3392  [ C663AF77E2F4EABF8EB08B388D2F1F36 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
00:44:24.0219 3392  rismxdp - ok
00:44:24.0250 3392  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
00:44:24.0328 3392  RpcLocator - ok
00:44:24.0360 3392  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
00:44:24.0453 3392  RpcSs - ok
00:44:24.0562 3392  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:44:24.0609 3392  rspndr - ok
00:44:24.0640 3392  [ F7A8C9024E82534CEC50613D87E88645 ] RTL8023xp       C:\Windows\system32\DRIVERS\Rtnicxp.sys
00:44:24.0718 3392  RTL8023xp - ok
00:44:24.0750 3392  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
00:44:24.0765 3392  SamSs - ok
00:44:24.0843 3392  [ 4BFB51CDB25D4D4B9E8FCCAB635F262E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
00:44:24.0859 3392  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
00:44:24.0859 3392  Samsung Update Plus - detected UnsignedFile.Multi.Generic (1)
00:44:24.0890 3392  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:44:24.0906 3392  sbp2port - ok
00:44:24.0952 3392  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:44:25.0030 3392  SCardSvr - ok
00:44:25.0296 3392  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
00:44:25.0452 3392  Schedule - ok
00:44:25.0483 3392  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:44:25.0514 3392  SCPolicySvc - ok
00:44:25.0576 3392  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
00:44:25.0670 3392  sdbus - ok
00:44:25.0701 3392  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:44:25.0795 3392  SDRSVC - ok
00:44:25.0842 3392  [ 59A9EB4073A39895AF314780D0A032FA ] SE27bus         C:\Windows\system32\DRIVERS\SE27bus.sys
00:44:25.0857 3392  SE27bus ( UnsignedFile.Multi.Generic ) - warning
00:44:25.0857 3392  SE27bus - detected UnsignedFile.Multi.Generic (1)
00:44:25.0888 3392  [ D53E7E53107D1796825540129F8FE89F ] SE27mdfl        C:\Windows\system32\DRIVERS\SE27mdfl.sys
00:44:25.0935 3392  SE27mdfl ( UnsignedFile.Multi.Generic ) - warning
00:44:25.0935 3392  SE27mdfl - detected UnsignedFile.Multi.Generic (1)
00:44:25.0966 3392  [ 2AFA2F65A6E91DA5B5070E734769827E ] SE27mdm         C:\Windows\system32\DRIVERS\SE27mdm.sys
00:44:25.0998 3392  SE27mdm ( UnsignedFile.Multi.Generic ) - warning
00:44:25.0998 3392  SE27mdm - detected UnsignedFile.Multi.Generic (1)
00:44:26.0044 3392  [ 5A33A8D7B44C7BD8ABE248B4DCD1FF3C ] SE27mgmt        C:\Windows\system32\DRIVERS\SE27mgmt.sys
00:44:26.0044 3392  SE27mgmt ( UnsignedFile.Multi.Generic ) - warning
00:44:26.0044 3392  SE27mgmt - detected UnsignedFile.Multi.Generic (1)
00:44:26.0076 3392  [ BB30139683BBF3EE89EC931393D9335C ] se27nd5         C:\Windows\system32\DRIVERS\se27nd5.sys
00:44:26.0107 3392  se27nd5 ( UnsignedFile.Multi.Generic ) - warning
00:44:26.0107 3392  se27nd5 - detected UnsignedFile.Multi.Generic (1)
00:44:26.0154 3392  [ 5DA6FF71E94B9134DDD094EBB09F05E6 ] SE27obex        C:\Windows\system32\DRIVERS\SE27obex.sys
00:44:26.0185 3392  SE27obex ( UnsignedFile.Multi.Generic ) - warning
00:44:26.0185 3392  SE27obex - detected UnsignedFile.Multi.Generic (1)
00:44:26.0263 3392  [ 4D54A9D7C22157AB3D2442E8BCF5ECD2 ] se27unic        C:\Windows\system32\DRIVERS\se27unic.sys
00:44:26.0278 3392  se27unic ( UnsignedFile.Multi.Generic ) - warning
00:44:26.0278 3392  se27unic - detected UnsignedFile.Multi.Generic (1)
00:44:26.0325 3392  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:44:26.0403 3392  secdrv - ok
00:44:26.0466 3392  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
00:44:26.0512 3392  seclogon - ok
00:44:26.0559 3392  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
00:44:26.0622 3392  SENS - ok
00:44:26.0653 3392  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:44:26.0731 3392  Serenum - ok
00:44:26.0762 3392  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
00:44:26.0856 3392  Serial - ok
00:44:26.0902 3392  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:44:26.0965 3392  sermouse - ok
00:44:27.0090 3392  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:44:27.0168 3392  SessionEnv - ok
00:44:27.0214 3392  [ 103B79418DA647736EE95645F305F68A ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
00:44:27.0308 3392  sffdisk - ok
00:44:27.0339 3392  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:44:27.0433 3392  sffp_mmc - ok
00:44:27.0480 3392  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
00:44:27.0558 3392  sffp_sd - ok
00:44:27.0573 3392  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:44:27.0682 3392  sfloppy - ok
00:44:27.0776 3392  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:44:27.0854 3392  SharedAccess - ok
00:44:27.0948 3392  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:44:28.0119 3392  ShellHWDetection - ok
00:44:28.0166 3392  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
00:44:28.0182 3392  sisagp - ok
00:44:28.0213 3392  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
00:44:28.0244 3392  SiSRaid2 - ok
00:44:28.0291 3392  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:44:28.0338 3392  SiSRaid4 - ok
00:44:29.0040 3392  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
00:44:29.0414 3392  slsvc - ok
00:44:29.0445 3392  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
00:44:29.0492 3392  SLUINotify - ok
00:44:29.0523 3392  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:44:29.0554 3392  Smb - ok
00:44:29.0632 3392  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:44:29.0664 3392  SNMPTRAP - ok
00:44:29.0695 3392  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
00:44:29.0710 3392  spldr - ok
00:44:29.0773 3392  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
00:44:29.0835 3392  Spooler - ok
00:44:29.0898 3392  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:44:29.0929 3392  SQLBrowser - ok
00:44:29.0991 3392  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:44:30.0022 3392  SQLWriter - ok
00:44:30.0085 3392  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:44:30.0178 3392  srv - ok
00:44:30.0225 3392  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:44:30.0303 3392  srv2 - ok
00:44:30.0319 3392  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:44:30.0350 3392  srvnet - ok
00:44:30.0397 3392  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:44:30.0459 3392  SSDPSRV - ok
00:44:30.0490 3392  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
00:44:30.0537 3392  ssmdrv - ok
00:44:30.0600 3392  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:44:30.0615 3392  SstpSvc - ok
00:44:30.0678 3392  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
00:44:30.0740 3392  stisvc - ok
00:44:30.0771 3392  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:44:30.0802 3392  swenum - ok
00:44:30.0849 3392  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
00:44:30.0896 3392  swprv - ok
00:44:30.0958 3392  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
00:44:31.0005 3392  Symc8xx - ok
00:44:31.0036 3392  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
00:44:31.0068 3392  Sym_hi - ok
00:44:31.0083 3392  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
00:44:31.0099 3392  Sym_u3 - ok
00:44:31.0130 3392  [ C7DD991423D364D06FC2DD1B00B53DCE ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:44:31.0161 3392  SynTP - ok
00:44:31.0270 3392  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
00:44:31.0348 3392  SysMain - ok
00:44:31.0395 3392  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:44:31.0458 3392  TabletInputService - ok
00:44:31.0520 3392  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:44:31.0582 3392  TapiSrv - ok
00:44:31.0645 3392  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
00:44:31.0707 3392  TBS - ok
00:44:31.0816 3392  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:44:31.0910 3392  Tcpip - ok
00:44:32.0113 3392  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
00:44:32.0191 3392  Tcpip6 - ok
00:44:32.0362 3392  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:44:32.0440 3392  tcpipreg - ok
00:44:32.0581 3392  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:44:32.0628 3392  TDPIPE - ok
00:44:32.0846 3392  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:44:32.0893 3392  TDTCP - ok
00:44:33.0064 3392  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:44:33.0111 3392  tdx - ok
00:44:33.0298 3392  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:44:33.0330 3392  TermDD - ok
00:44:33.0720 3392  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
00:44:33.0813 3392  TermService - ok
00:44:33.0844 3392  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
00:44:33.0876 3392  Themes - ok
00:44:33.0907 3392  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
00:44:33.0938 3392  THREADORDER - ok
00:44:34.0000 3392  [ 8D69B21C0B71916B2018427A0087755F ] TODslService    C:\Program Files\T-Online\DSL-Manager\TODslSvc.exe
00:44:34.0016 3392  TODslService ( UnsignedFile.Multi.Generic ) - warning
00:44:34.0016 3392  TODslService - detected UnsignedFile.Multi.Generic (1)
00:44:34.0063 3392  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
00:44:34.0125 3392  TrkWks - ok
00:44:34.0312 3392  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:44:34.0375 3392  TrustedInstaller - ok
00:44:34.0531 3392  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:44:34.0578 3392  tssecsrv - ok
00:44:34.0640 3392  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
00:44:34.0687 3392  tunmp - ok
00:44:34.0718 3392  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:44:34.0734 3392  tunnel - ok
00:44:34.0827 3392  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:44:34.0858 3392  uagp35 - ok
00:44:34.0905 3392  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:44:34.0936 3392  udfs - ok
00:44:35.0030 3392  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:44:35.0077 3392  UI0Detect - ok
00:44:35.0108 3392  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:44:35.0124 3392  uliagpkx - ok
00:44:35.0186 3392  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
00:44:35.0217 3392  uliahci - ok
00:44:35.0264 3392  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
00:44:35.0280 3392  UlSata - ok
00:44:35.0342 3392  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
00:44:35.0358 3392  ulsata2 - ok
00:44:35.0404 3392  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:44:35.0467 3392  umbus - ok
00:44:35.0545 3392  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
00:44:35.0607 3392  upnphost - ok
00:44:35.0654 3392  [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
00:44:35.0685 3392  usbaudio - ok
00:44:35.0763 3392  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:44:35.0841 3392  usbccgp - ok
00:44:35.0888 3392  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:44:35.0966 3392  usbcir - ok
00:44:36.0013 3392  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
00:44:36.0044 3392  usbehci - ok
00:44:36.0075 3392  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:44:36.0153 3392  usbhub - ok
00:44:36.0184 3392  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
00:44:36.0231 3392  usbohci - ok
00:44:36.0262 3392  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
00:44:36.0325 3392  usbprint - ok
00:44:36.0372 3392  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:44:36.0387 3392  USBSTOR - ok
00:44:36.0434 3392  [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
00:44:36.0496 3392  usbuhci - ok
00:44:36.0637 3392  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:44:36.0699 3392  usbvideo - ok
00:44:36.0777 3392  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
00:44:36.0808 3392  UxSms - ok
00:44:36.0871 3392  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
00:44:36.0918 3392  vds - ok
00:44:36.0996 3392  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:44:37.0089 3392  vga - ok
00:44:37.0167 3392  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:44:37.0214 3392  VgaSave - ok
00:44:37.0245 3392  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
00:44:37.0261 3392  viaagp - ok
00:44:37.0292 3392  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
00:44:37.0354 3392  ViaC7 - ok
00:44:37.0386 3392  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
00:44:37.0401 3392  viaide - ok
00:44:37.0417 3392  VMUVC - ok
00:44:37.0448 3392  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:44:37.0479 3392  volmgr - ok
00:44:37.0526 3392  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:44:37.0573 3392  volmgrx - ok
00:44:37.0604 3392  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:44:37.0635 3392  volsnap - ok
00:44:37.0682 3392  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:44:37.0698 3392  vsmraid - ok
00:44:38.0010 3392  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
00:44:38.0134 3392  VSS - ok
00:44:38.0150 3392  vvftUVC - ok
00:44:38.0212 3392  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
00:44:38.0306 3392  W32Time - ok
00:44:38.0337 3392  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:44:38.0415 3392  WacomPen - ok
00:44:38.0509 3392  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
00:44:38.0618 3392  Wanarp - ok
00:44:38.0649 3392  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:44:38.0680 3392  Wanarpv6 - ok
00:44:38.0758 3392  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:44:38.0899 3392  wcncsvc - ok
00:44:38.0930 3392  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:44:38.0992 3392  WcsPlugInService - ok
00:44:39.0070 3392  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
00:44:39.0086 3392  Wd - ok
00:44:39.0460 3392  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:44:39.0523 3392  Wdf01000 - ok
00:44:39.0570 3392  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:44:39.0648 3392  WdiServiceHost - ok
00:44:39.0679 3392  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:44:39.0710 3392  WdiSystemHost - ok
00:44:39.0897 3392  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
00:44:39.0944 3392  WebClient - ok
00:44:39.0991 3392  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:44:40.0100 3392  Wecsvc - ok
00:44:40.0131 3392  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:44:40.0162 3392  wercplsupport - ok
00:44:40.0209 3392  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:44:40.0272 3392  WerSvc - ok
00:44:40.0537 3392  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
00:44:40.0646 3392  WinDefend - ok
00:44:40.0662 3392  WinHttpAutoProxySvc - ok
00:44:40.0849 3392  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:44:40.0911 3392  Winmgmt - ok
00:44:41.0208 3392  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:44:41.0301 3392  WinRM - ok
00:44:41.0379 3392  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:44:41.0504 3392  Wlansvc - ok
00:44:41.0566 3392  [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
00:44:41.0644 3392  WmiAcpi - ok
00:44:41.0832 3392  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:44:41.0925 3392  wmiApSrv - ok
00:44:42.0300 3392  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
00:44:42.0409 3392  WMPNetworkSvc - ok
00:44:42.0456 3392  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:44:42.0518 3392  WPCSvc - ok
00:44:42.0580 3392  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:44:42.0643 3392  WPDBusEnum - ok
00:44:43.0033 3392  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:44:43.0111 3392  WPFFontCache_v0400 - ok
00:44:43.0158 3392  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:44:43.0189 3392  ws2ifsl - ok
00:44:43.0236 3392  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
00:44:43.0267 3392  wscsvc - ok
00:44:43.0282 3392  WSearch - ok
00:44:43.0719 3392  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
00:44:43.0906 3392  wuauserv - ok
00:44:43.0969 3392  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:44:44.0000 3392  WUDFRd - ok
00:44:44.0047 3392  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:44:44.0094 3392  wudfsvc - ok
00:44:44.0156 3392  ================ Scan global ===============================
00:44:44.0203 3392  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
00:44:44.0250 3392  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
00:44:44.0296 3392  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
00:44:44.0359 3392  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
00:44:44.0421 3392  [Global] - ok
00:44:44.0421 3392  ================ Scan MBR ==================================
00:44:44.0452 3392  [ C31400769DEFC61154F08815BCB5E020 ] \Device\Harddisk0\DR0
00:44:50.0427 3392  \Device\Harddisk0\DR0 - ok
00:44:50.0427 3392  ================ Scan VBR ==================================
00:44:50.0505 3392  [ 43CB684343BBAF66E32113F526432CE7 ] \Device\Harddisk0\DR0\Partition1
00:44:50.0536 3392  \Device\Harddisk0\DR0\Partition1 - ok
00:44:50.0599 3392  [ 4B370665E2C95C4660A2748F17AF37CB ] \Device\Harddisk0\DR0\Partition2
00:44:50.0724 3392  \Device\Harddisk0\DR0\Partition2 - ok
00:44:50.0724 3392  ============================================================
00:44:50.0724 3392  Scan finished
00:44:50.0724 3392  ============================================================
00:44:50.0739 2840  Detected object count: 13
00:44:50.0739 2840  Actual detected object count: 13
00:45:11.0347 2840  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0347 2840  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0347 2840  MIINPazX ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0347 2840  MIINPazX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0347 2840  MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0347 2840  MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0347 2840  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0347 2840  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0347 2840  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0347 2840  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0362 2840  SE27bus ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0362 2840  SE27bus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0362 2840  SE27mdfl ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0362 2840  SE27mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0362 2840  SE27mdm ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0362 2840  SE27mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0362 2840  SE27mgmt ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0362 2840  SE27mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0362 2840  se27nd5 ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0362 2840  se27nd5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0362 2840  SE27obex ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0362 2840  SE27obex ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0378 2840  se27unic ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0378 2840  se27unic ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:45:11.0378 2840  TODslService ( UnsignedFile.Multi.Generic ) - skipped by user
00:45:11.0378 2840  TODslService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 30.11.2012, 08:54   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Alt 30.11.2012, 12:51   #12
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Code:
ATTFilter
# AdwCleaner v2.010 - Datei am 30/11/2012 um 13:49:32 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Christa - CHRISTA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Christa\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://email.t-online.de/kc/index.php?ctl=message_list&p[folder]=INBOX

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\prefs.js

Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gefunden : user_pref("extensions.asktb.cbid", "JM");
Gefunden : user_pref("extensions.asktb.config-updated", false);
Gefunden : user_pref("extensions.asktb.crumb", "2011.07.21+07.01.24-toolbar003iad-DE-QmVybGluLEdlcm1hbnk%3D");
Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gefunden : user_pref("extensions.asktb.fresh-install", false);
Gefunden : user_pref("extensions.asktb.guid", "d2495548-819f-4567-b8ae-547884619b73");
Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gefunden : user_pref("extensions.asktb.if", "first");
Gefunden : user_pref("extensions.asktb.l", "dis");
Gefunden : user_pref("extensions.asktb.last-config-req", "1313762418750");
Gefunden : user_pref("extensions.asktb.locale", "de_DE");
Gefunden : user_pref("extensions.asktb.location", "Berlin,Germany");
Gefunden : user_pref("extensions.asktb.notification-shown", true);
Gefunden : user_pref("extensions.asktb.o", "100000080");
Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gefunden : user_pref("extensions.asktb.qsrc", "2871");
Gefunden : user_pref("extensions.asktb.r", "3");
Gefunden : user_pref("extensions.asktb.sa", "NO");
Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gefunden : user_pref("extensions.asktb.themeid", "");
Gefunden : user_pref("extensions.asktb.to", "");
Gefunden : user_pref("extensions.asktb.version", "5.12.2.17486");

*************************

AdwCleaner[R1].txt - [2858 octets] - [30/11/2012 13:49:32]

########## EOF - C:\AdwCleaner[R1].txt - [2918 octets] ##########
         

Alt 30.11.2012, 13:00   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

Alt 30.11.2012, 19:17   #14
tralali
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Code:
ATTFilter
# AdwCleaner v2.010 - Datei am 30/11/2012 um 14:27:51 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Christa - CHRISTA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Christa\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://email.t-online.de/kc/index.php?ctl=message_list&p[folder]=INBOX --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\prefs.js

Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.cbid", "JM");
Gelöscht : user_pref("extensions.asktb.config-updated", false);
Gelöscht : user_pref("extensions.asktb.crumb", "2011.07.21+07.01.24-toolbar003iad-DE-QmVybGluLEdlcm1hbnk%3D");
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gelöscht : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gelöscht : user_pref("extensions.asktb.fresh-install", false);
Gelöscht : user_pref("extensions.asktb.guid", "d2495548-819f-4567-b8ae-547884619b73");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1313762418750");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.location", "Berlin,Germany");
Gelöscht : user_pref("extensions.asktb.notification-shown", true);
Gelöscht : user_pref("extensions.asktb.o", "100000080");
Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.r", "3");
Gelöscht : user_pref("extensions.asktb.sa", "NO");
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.to", "");
Gelöscht : user_pref("extensions.asktb.version", "5.12.2.17486");

*************************

AdwCleaner[R1].txt - [2987 octets] - [30/11/2012 13:49:32]
AdwCleaner[S1].txt - [2956 octets] - [30/11/2012 14:27:51]

########## EOF - C:\AdwCleaner[S1].txt - [3016 octets] ##########
         
Code:
ATTFilter
OTL logfile created on: 30.11.2012 14:53:59 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Christa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
765,45 Mb Total Physical Memory | 125,75 Mb Available Physical Memory | 16,43% Memory free
1,76 Gb Paging File | 0,71 Gb Available in Paging File | 40,60% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,79 Gb Total Space | 11,57 Gb Free Space | 22,78% Space Free | Partition Type: NTFS
Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Christa\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastEmUpdate.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wsqmcons.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe ()
PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\Samsung\Samsung Recovery Solution II\WCScheduler.exe ()
MOD - C:\Windows\System32\spacklsp.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Windows\System32\btwhidcs.dll ()
MOD - C:\Programme\Samsung\EBM\ChkSec.dll ()
MOD - C:\Programme\Samsung\Easy Display Manager\WinMove.dll ()
MOD - C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll ()
MOD - C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll ()
MOD - C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (Samsung Update Plus) -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
SRV - (TODslService) -- C:\Programme\T-Online\DSL-Manager\TODslSvc.exe (T-Systems International GmbH)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (vvftUVC) -- system32\drivers\vvftUVC.sys File not found
DRV - (VMUVC) -- System32\Drivers\VMUVC.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NETw2v32) -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (MIINPazX) -- C:\Programme\Common Files\Marmiko Shared\MInfraIS\MIINPazx.sys (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
DRV - (MTOnlPktAlyX) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (se27unic) -- C:\Windows\System32\drivers\se27unic.sys (MCCI)
DRV - (SE27obex) -- C:\Windows\System32\drivers\SE27obex.sys (MCCI)
DRV - (se27nd5) -- C:\Windows\System32\drivers\se27nd5.sys (MCCI)
DRV - (SE27mgmt) -- C:\Windows\System32\drivers\SE27mgmt.sys (MCCI)
DRV - (SE27mdm) -- C:\Windows\System32\drivers\SE27mdm.sys (MCCI)
DRV - (SE27mdfl) -- C:\Windows\System32\drivers\SE27mdfl.sys (MCCI)
DRV - (SE27bus) -- C:\Windows\System32\drivers\SE27bus.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{CA680281-B784-4FE0-8DC8-8E5256EC23AF}: "URL" = hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_de&p={searchTerms}
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://email.t-online.de/index.php?ctl=write_email"
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.16 18:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.10 17:50:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2010.09.09 16:55:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Extensions
[2012.10.23 17:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions
[2010.09.12 16:27:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.25 17:08:00 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\Christa\AppData\Roaming\mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2012.11.10 17:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.16 18:31:22 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.11.10 17:50:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.22 17:08:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.15 16:44:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.22 17:08:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.22 17:08:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.22 17:08:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.22 17:08:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\Toolbar\WebBrowser: (no name) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\S-1-5-18..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\S-1-5-19..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1688565363-3877067027-1528832066-1003..\Run: []  File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (T-Systems International GmbH)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (T-Systems International GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoHotStart = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\spacklsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\spacklsp.dll ()
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{082264E5-35B3-4F48-B8BF-CEB85C74F920}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C73B4F7C-7AA5-4121-87EF-C68A412D2C29}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Christa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.27 19:59:05 | 000,100,864 | ---- | C] (GMER) -- C:\kgliafod.sys
[2012.11.16 19:29:03 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.11.16 19:28:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.11.16 19:28:58 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.11.16 19:28:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.11.16 19:28:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.11.16 19:28:51 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.11.16 19:28:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.11.16 19:28:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.11.16 18:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.16 18:32:59 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Local\Google
[2012.11.16 18:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.11.16 18:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.11.16 18:32:49 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.11.16 18:32:49 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.11.16 18:32:44 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.11.16 18:32:43 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.11.16 18:32:39 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.11.16 18:32:34 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.11.16 18:30:58 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.11.16 18:30:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.11.16 18:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.11.16 18:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.11.16 18:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.11.16 17:30:49 | 000,000,000 | ---D | C] -- C:\Users\Christa\AppData\Roaming\Malwarebytes
[2012.11.16 17:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.16 17:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.16 17:29:08 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.11.16 17:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.11.16 17:09:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.16 17:00:20 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.10 17:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.30 15:09:48 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.30 14:46:27 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.30 14:44:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.30 14:41:43 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.30 14:41:43 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.30 14:41:24 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.11.30 14:41:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.30 14:39:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.11.30 14:05:07 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.11.30 00:27:03 | 162,904,183 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.11.27 19:59:05 | 000,100,864 | ---- | M] (GMER) -- C:\kgliafod.sys
[2012.11.27 19:03:41 | 000,000,000 | ---- | M] () -- C:\Users\Christa\defogger_reenable
[2012.11.17 18:09:04 | 000,696,598 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.17 18:09:04 | 000,651,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.17 18:09:04 | 000,155,074 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.17 18:09:04 | 000,126,162 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.16 20:09:27 | 000,372,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.16 18:32:50 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.16 18:32:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.11.16 18:17:18 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.11.16 17:15:01 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012.11.16 17:13:38 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.11.16 17:13:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.30 00:27:03 | 162,904,183 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.11.27 19:03:41 | 000,000,000 | ---- | C] () -- C:\Users\Christa\defogger_reenable
[2012.11.16 18:37:02 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.11.16 18:33:19 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.16 18:33:16 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.16 18:32:50 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.16 18:17:18 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.11.16 18:17:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.09.16 16:10:14 | 000,000,903 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.15.rtf
[2011.08.23 15:46:20 | 000,001,152 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.14.rtf
[2011.02.25 18:03:31 | 000,000,888 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.13.rtf
[2010.11.27 18:29:59 | 000,000,723 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.12.rtf
[2010.11.01 17:40:59 | 000,000,680 | ---- | C] () -- C:\Users\Christa\AppData\Local\d3d9caps.dat
[2010.10.13 17:09:52 | 000,000,881 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.11.rtf
[2010.09.14 16:27:53 | 000,000,694 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.10.rtf
[2010.08.06 16:33:52 | 000,000,760 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.9.rtf
[2010.07.05 11:40:53 | 000,000,611 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr 6.rtf
[2010.06.11 16:14:32 | 000,001,036 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.8.rtf
[2010.05.21 17:27:42 | 000,000,877 | ---- | C] () -- C:\Users\Christa\Tagebuch.rtf
[2010.05.07 16:56:28 | 000,000,964 | ---- | C] () -- C:\Users\Christa\Tagebuch Nr.7.rtf
[2010.03.21 17:08:06 | 000,031,007 | ---- | C] () -- C:\Users\Christa\AppData\Roaming\UserTile.png
[2009.05.10 15:04:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.12.27 11:35:42 | 000,710,144 | -HS- | C] () -- C:\Users\Christa\ehthumbs_vista.db
[2007.10.31 15:59:18 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.10.22 14:36:12 | 000,022,528 | ---- | C] () -- C:\Users\Christa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.03 11:17:02 | 000,000,095 | ---- | C] () -- C:\Users\Christa\AppData\Local\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2010.01.05 12:55:24 | 000,005,044 | ---- | M] () -- C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\h320v941.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}\skin\L.png
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 885 bytes -> C:\Users\Christa\Documents\Tagebuch Nr.16.eml:OECustomProperty

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 30.11.2012 14:53:59 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Christa\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
765,45 Mb Total Physical Memory | 125,75 Mb Available Physical Memory | 16,43% Memory free
1,76 Gb Paging File | 0,71 Gb Available in Paging File | 40,60% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,79 Gb Total Space | 11,57 Gb Free Space | 22,78% Space Free | Partition Type: NTFS
Drive D: | 51,00 Gb Total Space | 45,14 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTA-PC | User Name: Christa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
htmlfile [opennew] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1688565363-3877067027-1528832066-1003]
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{164A68E2-493F-4308-8F08-84491949D2D9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{17835511-E8D2-44D6-84F1-05C1D94ED9F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2110C180-636A-49A8-999D-C0590C71D248}" = lport=138 | protocol=17 | dir=in | app=system | 
"{241F1282-FE85-44AC-A1CD-282C6713809D}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3F4109A9-E99E-4973-B8F9-629006779EC6}" = rport=137 | protocol=17 | dir=out | app=system | 
"{77427A9D-75D5-4F52-9915-0F34512C3D80}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{909E4A5F-8BFB-4F1E-A7DA-D4A312C0F63B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9744DDFE-C742-44D0-868F-904DE91E9AB7}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E41F1530-EAC7-4BDE-97BF-DF27D6975E27}" = rport=139 | protocol=6 | dir=out | app=system | 
"{F7A20E7E-0676-4624-A195-0F214C16F85F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FF95205D-CDB6-4187-AAF8-94DBD2A3871F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0861DEE8-1E70-4298-98BD-72DA8E267D93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4067263A-C653-4772-B88E-3C915E97E74B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{AA77BCD3-8FBC-40C5-9C20-316F0FC60701}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{BDE9E5E8-72E8-4791-B0CE-D4DB68E48381}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0212BFBB-50BA-C4FA-D700-DFBB40A9F1AF}" = Catalyst Control Center Localization Arabic
"{0219FD21-8B2E-240B-3D35-997EE0E3F81B}" = Catalyst Control Center Localization Arabic
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{047ACAF8-7642-4940-8EC6-4694E0E60B40}" = CCC Help French
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F42C96-A96C-F579-B0FA-F44BBA118C51}" = ccc-core-static
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0BB96994-EA3F-D659-6A3B-D2D73FEBD8E4}" = ccc-utility
"{0C1D06CD-D5D1-A718-5C8F-27D089C5C39C}" = Catalyst Control Center Localization Finnish
"{0DF36AB1-1B4C-CAEC-A23E-EFA25738B60A}" = CCC Help Greek
"{110D7DC8-9237-47D3-AB39-50651A10304C}" = SamsungScreensaver
"{12080F61-1225-BCDE-EFE2-3452E826D9AD}" = Catalyst Control Center Graphics Light
"{143539DF-6F6E-9E25-3EDF-0906C7F533B7}" = CCC Help Korean
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution II
"{148806DB-3E2E-4A2E-D7F8-223EFA43C350}" = Catalyst Control Center Graphics Full New
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20CD8D4B-74ED-BED9-805C-6F4FBE6B4F01}" = ccc-localization-da
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{31ACBC65-C234-BD71-3FCE-520EC0138635}" = CCC Help Norwegian
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime
"{3AB54293-0366-7D73-D97E-3DB689A72E4A}" = CCC Help Danish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DC4A72C-B683-5733-8A2C-136FBB5619D6}" = Catalyst Control Center Localization German
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{47EDD638-F882-A248-FBA5-B0CCBB9175D8}" = CCC Help Spanish
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4D6125BF-2586-9175-24FE-854DD6F6F08F}" = CCC Help Hungarian
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52FE8F38-057E-26C5-DF29-935DE6E218E0}" = Catalyst Control Center Localization Japanese
"{5579A7B8-F48A-C2F5-75D0-F67CDFD68461}" = Catalyst Control Center Core Implementation
"{5A4BB8B6-8BE7-A8AF-528C-55A50DD18497}" = Catalyst Control Center Localization Arabic
"{5AA05616-21D6-63D5-CA68-73200B161599}" = CCC Help Czech
"{5E99C53A-D37E-CEA5-0398-329F15494618}" = Catalyst Control Center Graphics Full Existing
"{64536DB8-3247-4489-6BC3-BCD0DCC74810}" = Catalyst Control Center Localization Spanish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6BD4EDE4-053E-FC85-AFC2-58306952BDBD}" = Catalyst Control Center Localization French
"{6F6D2DE6-44FA-EAF4-0028-7FAE37A76B4C}" = CCC Help Turkish
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78E2F10D-4A74-A354-3D41-CF439A501AE5}" = CCC Help Italian
"{8448A09D-0E2A-4EFA-6A16-AFA374AE088F}" = Catalyst Control Center Graphics Previews Vista
"{87858FF1-3D1C-301A-0C62-62F977659969}" = Catalyst Control Center Localization Italian
"{8799B11A-0E01-1729-B527-802A3513BEE7}" = CCC Help Polish
"{8A51FE4C-7DC6-8C9B-67D7-8536B7413BFE}" = Catalyst Control Center Localization Korean
"{8A92CE03-CEEB-145D-1F8D-FBC0DDE0CDEF}" = CCC Help Finnish
"{8ED71B2B-8228-EFF8-B566-890D771A6A98}" = CCC Help Swedish
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903194A5-E1E4-E56B-8B3C-C52664CD6A65}" = CCC Help Japanese
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = T-Online DSL-Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{95CCAA64-028C-FF26-B553-3401EA3B137B}" = CCC Help Chinese Standard
"{98C0E007-7225-550C-BD4D-16A53171FA5B}" = CCC Help Chinese Traditional
"{99825ADC-3BAC-40C6-3FA1-A80496C5FE4D}" = CCC Help German
"{99FBF341-96A4-6E6B-F098-F5318F74FD8B}" = Catalyst Control Center Localization Hungarian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AEE384F-4CEB-9FD4-0ECA-5A2A5FF3FC65}" = Catalyst Control Center Localization Arabic
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0A703E5-975D-8426-B654-A3C86EEA771F}" = Catalyst Control Center Localization Greek
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3400
"{A2E2B102-C07F-2D6A-F826-FBE911583029}" = Catalyst Control Center Localization Arabic
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB8465B2-8971-83AA-72AC-08C870CAB14B}" = CCC Help English
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B57D54D5-BE8F-152A-3DDA-2CCC34916ABB}" = Catalyst Control Center Localization Czech
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C2F84222-A797-3ADB-F73F-F9FEA356365E}" = Catalyst Control Center Localization Chinese Standard
"{C5DC24CC-98D8-3714-20DE-F3154692CAC1}" = CCC Help Portuguese
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D6339BC5-BD2E-580C-0A9E-EF09B768C891}" = CCC Help Thai
"{DDFA8768-E4A8-4EFA-637B-DF23DC3EFD04}" = Catalyst Control Center Localization Chinese Traditional
"{DF1F4246-C7DF-7C15-6BBD-211E768EB715}" = Catalyst Control Center Localization Arabic
"{E481BC06-6BBB-093B-728A-C8EEB98E1E47}" = Catalyst Control Center Localization Arabic
"{E5BED6AE-BEF7-8504-38DB-F881A526F5C2}" = Skins
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EC69E8A3-A20F-E735-968A-CE6D4E1FA857}" = CCC Help Russian
"{ED8EACD0-3B35-AA21-DA10-6372AB6D19CA}" = CCC Help Dutch
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FF602681-E2E7-9FFF-9752-3B0F8E7D38F1}" = Catalyst Control Center Localization Arabic
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ATI Uninstaller" = ATI Uninstaller
"avast" = avast! Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Google Chrome" = Google Chrome
"InstallShield_{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROHYBRIDR" = 2007 Microsoft Office system
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1688565363-3877067027-1528832066-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:32:15 | Computer Name = Christa-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 25.11.2012 13:42:29 | Computer Name = Christa-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 27.11.2012 15:01:46 | Computer Name = Christa-PC | Source = Perflib | ID = 1010
Description = 
 
[ System Events ]
Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 25.11.2012 12:51:00 | Computer Name = Christa-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.11.2012 13:04:18 | Computer Name = Christa-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.11.2012 um 18:02:07 unerwartet heruntergefahren.
 
Error - 25.11.2012 13:25:55 | Computer Name = Christa-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.11.2012 um 18:23:09 unerwartet heruntergefahren.
 
Error - 25.11.2012 13:42:27 | Computer Name = Christa-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 27.11.2012 12:43:44 | Computer Name = Christa-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 27.11.2012 14:39:27 | Computer Name = Christa-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 29.11.2012 15:32:14 | Computer Name = Christa-PC | Source = bowser | ID = 8003
Description = 
 
Error - 29.11.2012 19:27:12 | Computer Name = Christa-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 30.11.2012 um 00:25:32 unerwartet heruntergefahren.
 
Error - 30.11.2012 08:45:56 | Computer Name = Christa-PC | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         

Alt 30.11.2012, 20:40   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC hängt immer wieder und stürzt im IE und FF ab... - Standard

PC hängt immer wieder und stürzt im IE und FF ab...



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Antwort

Themen zu PC hängt immer wieder und stürzt im IE und FF ab...
antivirus, autorun, avira, bho, defender, desktop, error, firefox, flash player, format, home, hängt, install.exe, logfile, microsoft office 2003, mozilla, office 2007, realtek, registry, rundll, scan, security, server, software, virus, vista, wlan



Ähnliche Themen: PC hängt immer wieder und stürzt im IE und FF ab...


  1. Firefox stürzt immer wieder ab
    Netzwerk und Hardware - 18.08.2015 (38)
  2. Pc hängt sich für 1-2 sec immer wieder auf und cpu auslastung bei 100%
    Plagegeister aller Art und deren Bekämpfung - 03.03.2015 (5)
  3. Opera stürzt immer wieder ab !
    Plagegeister aller Art und deren Bekämpfung - 25.02.2015 (8)
  4. PC hängt sich immer wieder auf
    Alles rund um Windows - 13.06.2014 (8)
  5. Pc Stürzt immer wieder ab
    Netzwerk und Hardware - 27.05.2014 (2)
  6. Windows 7 , PC stürzt immer wieder ab, nach säuberung mit Vipre immer noch viele verdächtig Datein im Autorun
    Log-Analyse und Auswertung - 15.01.2014 (12)
  7. Pc wieder sehr langsam, Firefox stürzt immer wieder ab.
    Log-Analyse und Auswertung - 21.08.2013 (9)
  8. PC hängt sich immer wieder auf
    Alles rund um Windows - 17.03.2013 (0)
  9. Computer stürzt immer wieder ab
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (3)
  10. Warum stürzt mein Pc immer wieder ab?
    Plagegeister aller Art und deren Bekämpfung - 29.03.2012 (5)
  11. PC stürzt seit Neuaufsetzung immer wieder ab
    Plagegeister aller Art und deren Bekämpfung - 12.02.2012 (1)
  12. PC hängt immer wieder
    Log-Analyse und Auswertung - 05.01.2012 (3)
  13. PC hängt sich immer wieder auf?
    Plagegeister aller Art und deren Bekämpfung - 22.05.2011 (17)
  14. Pc stürzt immer wieder ab / hängt sich auf mit Windows 7
    Alles rund um Windows - 26.01.2010 (0)
  15. Mein PC hängt sich immer wieder auf....
    Log-Analyse und Auswertung - 02.12.2008 (0)
  16. Pc stürzt immer und immer wieder ab...
    Mülltonne - 30.11.2008 (0)
  17. Explorer.exe stürzt nach 5 sek immer wieder ab !
    Plagegeister aller Art und deren Bekämpfung - 10.07.2005 (5)

Zum Thema PC hängt immer wieder und stürzt im IE und FF ab... - Hallo in die Runde, nachdem Ihr mir schon so wunderbar beim Säubern meines Laptops geholfen habt, möchte ich Euch gerne nochmal um Hilfe bitten. Der Laptop meiner Nachbarin hängt sich - PC hängt immer wieder und stürzt im IE und FF ab......
Archiv
Du betrachtest: PC hängt immer wieder und stürzt im IE und FF ab... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.