Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Freezing - Help Needed!


  • Please log in to reply
17 replies to this topic

#1 arturdux

arturdux

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 31 January 2013 - 07:01 AM


Hello,

Can anyone help me with a problem I am having with my desktop PC? I posted this case in the Windows 7 Forum on 24 January, but I have had no offers of help there, and I now think it may be caused by an infection, so I am reposting the latest on this case here.

My desktop PC runs Windows 7 Home Premium 64-Bit Service Pack 1 (pre-installed when purchased, so I don't have a disk); and I have the following security and clean-up programs: Norton 360 Online; Malwarebytes Anti-Malware (free version); SuperAntiSpyware; Spybot; ccCleaner; Duplicate Cleaner; and CleanUp!

Until recently things were running OK:

- I ran Norton 360 the week before last, ticking the options to automatically update virus definitions, run a complete virus scan, free up disk space, tidy the registry, etc. – no problems were found.
- the only recent problem I can recall was that, a couple of weeks ago, some Lotus IBM Symphony documents refused to open: so I de-installed that software and re-installed the latest version, and all was well.
- the weekend before last, I was doing some tidying up - closing accounts on some websites, looking to remove any software no longer used, etc. Among other things, I closed my Google account. While looking through the folder Programme (X86) I saw a folder called Google, and assuming it was no longer necessary I tried to delete it, but a message popped up saying that administrator rights were needed. I thought I had administrator rights, but I looked at and played around with the folder's permissions to try to get it to allow me to delete it – without success.

Later that day I powered up the PC again and something seemed to have gone wrong – when I clicked on folders, applications, etc., they were not all opening immediately, and some not at all. I decided to do a system restore to try to roll back anything I had done wrong – this completed successfully to the recommended restore point, but did not solve the problem - so I switched off for the day. The next day, when I booted up, I got a Norton error message on screen: an error with the code 3047,58 had occurred, and I was told to start a support session; I did, and Norton said that no automatic solutions had been found, and I was directed to the support website, where I was told to run Live Update and then restart the PC; Norton then reported that some security settings were wrong, so I let Norton correct those. The problem with trying to open folders and applications was still not solved. I ran another full scan - nothing found - after which Norton suggested running its Power Eraser if problems persisted – so I did. Four problems with the system settings were found – but, other than that they were in the registry, no further details were given, so I let Norton correct those problems automatically. But, things were still not right: the first time I rebooted I could not get past the Login screen, which just froze; I rebooted and this time got past the Login screen to the desktop, and for a short time a small blue circle appeared on the task bar: when it disappeared, applications and folders seemed to work for about a minute and then everything froze: they all showed “not responding”, and a small blue circle appeared around the pointer. The only thing I could do was manually power off.

Since making my original post in the Windows 7 Forum on 24 January, I have done the following:

- I have downloaded and run TDSSKiller and ESET, as well as running Norton Anti-Virus and Malwarebytes again: none of these have found any problems. As said in my original post, a system files check (sfc /scannow) and a disk check have also reported no problems. I managed to look at Norton monthly report and see that, on the day after the problem started, Norton detected "Trojan.Gen.2" but that this was isolated and fixed.
- I have looked around the forums to see if anyone else was reporting a similar problem, and found references to infections caused by rogue software called PC Optimizer Pro, WxDownloader and Mocaflix. I had found all of these programmes were "uninvited guests" on my software list when I was clearing out redundant software, and I had deinstalled the first two but kept Mocaflix because I did not know what it was. Anyway, I have now downloaded Revo to get rid of Mocaflix. For the others, I searched the C: drive and the registry for any trace of them: there was little on the C: drive, but there were a few registry keys, which I deleted, and one regular key that had been corrupted by a dialler called Sprotector which I understand is part of these rogues: I have reset that key to settings copied from a clean PC, but I don't know if any more keys have been corrupted less obviously.
- I have also run Farbar Service Scanner, which highlighted some services as missing or not running. One service which was not running was System Restore, which I hadn't stopped, so I have started it again, but whereas when I made my original post, I had several available restore points, today most of those have disappeared: I do not know if it is usual for restore points to be dropped or whether it is happening because of an infection problem.

So, this is how my PC is at the moment: when I power up, in Normal mode, sometimes when I try to get past the Login screen the PC hangs at the Welcome screen; at other times I can get past the Login screen to the desktop, but beyond that I can do almost nothing, because the apps and folders seem to work for only about 1 1/2 minutes and then freeze, with every app or folder saying "Not responding", and a small blue circle appearing around the pointer: if I persist in clicking on apps and folders, the screen greys out or goes black except for the pointer, and all I can do is manually power off. The PC works in safe mode, but that is not a long-term solution. The PC sometimes gets stuck when I try to power off in either mode.

I hope that someone can help to get my PC back to working normally!

arturdux

BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:47 AM

Posted 02 February 2013 - 05:10 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


:step2:

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 arturdux

arturdux
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 03 February 2013 - 08:29 AM


Hello dev00790,

Thanks for your offer of help - I hope you can fix this frustrating problem.

I have downloaded the tools and tried to run them:

- I can only do this in Safe Mode with Networking - as said in describing the problem, I can do practically nothing in Normal Mode before the PC freezes.
- I could not get MiniToolBox to run - I tried to start it as “Administrator“ from my Desktop but it got stuck on “List IP Configuration“ - so I re-ran it several times, ticking 1 or 2 options at a time, and got results for all but “List IP Configuration“ and “List Restore Points“, where it also gets stuck. Please let me know if there is a fix for MiniToolBox or another tool I can use to get the missing results.
- some of the text in the log(s) comes out in German (PC is in Germany) - I hope the log(s) are still understandable, but if not I can translate.

The results:

1) TDSSKiller result

10:32:17.0766 5052 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:32:17.0984 5052 ============================================================
10:32:17.0984 5052 Current date / time: 2013/02/03 10:32:17.0984
10:32:17.0984 5052 SystemInfo:
10:32:17.0984 5052
10:32:17.0984 5052 OS Version: 6.1.7601 ServicePack: 1.0
10:32:17.0984 5052 Product type: Workstation
10:32:17.0984 5052 ComputerName: USER-PC
10:32:17.0984 5052 UserName: User
10:32:17.0984 5052 Windows directory: C:\Windows
10:32:17.0984 5052 System windows directory: C:\Windows
10:32:17.0984 5052 Running under WOW64
10:32:17.0984 5052 Processor architecture: Intel x64
10:32:17.0984 5052 Number of processors: 2
10:32:17.0984 5052 Page size: 0x1000
10:32:17.0984 5052 Boot type: Safe boot with network
10:32:17.0984 5052 ============================================================
10:32:18.0875 5052 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:32:18.0879 5052 ============================================================
10:32:18.0879 5052 \Device\Harddisk0\DR0:
10:32:18.0879 5052 MBR partitions:
10:32:18.0879 5052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:32:18.0879 5052 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
10:32:18.0879 5052 ============================================================
10:32:18.0913 5052 C: <-> \Device\Harddisk0\DR0\Partition2
10:32:18.0913 5052 ============================================================
10:32:18.0913 5052 Initialize success
10:32:18.0913 5052 ============================================================
10:32:24.0333 4924 ============================================================
10:32:24.0333 4924 Scan started
10:32:24.0333 4924 Mode: Manual; SigCheck; TDLFS;
10:32:24.0333 4924 ============================================================
10:32:24.0528 4924 ================ Scan system memory ========================
10:32:24.0528 4924 System memory - ok
10:32:24.0528 4924 ================ Scan services =============================
10:32:24.0634 4924 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
10:32:24.0661 4924 !SASCORE - ok
10:32:24.0804 4924 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:32:24.0816 4924 1394ohci - ok
10:32:24.0864 4924 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:32:24.0873 4924 ACPI - ok
10:32:24.0901 4924 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:32:24.0911 4924 AcpiPmi - ok
10:32:25.0014 4924 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:32:25.0020 4924 AdobeARMservice - ok
10:32:25.0124 4924 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:32:25.0133 4924 AdobeFlashPlayerUpdateSvc - ok
10:32:25.0188 4924 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:32:25.0199 4924 adp94xx - ok
10:32:25.0221 4924 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:32:25.0231 4924 adpahci - ok
10:32:25.0249 4924 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:32:25.0256 4924 adpu320 - ok
10:32:25.0285 4924 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:32:25.0313 4924 AeLookupSvc - ok
10:32:25.0366 4924 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:32:25.0379 4924 AFD - ok
10:32:25.0414 4924 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:32:25.0420 4924 agp440 - ok
10:32:25.0449 4924 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:32:25.0458 4924 ALG - ok
10:32:25.0473 4924 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:32:25.0479 4924 aliide - ok
10:32:25.0513 4924 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:32:25.0519 4924 amdide - ok
10:32:25.0545 4924 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:32:25.0554 4924 AmdK8 - ok
10:32:25.0585 4924 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:32:25.0594 4924 AmdPPM - ok
10:32:25.0630 4924 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:32:25.0636 4924 amdsata - ok
10:32:25.0670 4924 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:32:25.0679 4924 amdsbs - ok
10:32:25.0704 4924 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:32:25.0710 4924 amdxata - ok
10:32:25.0744 4924 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:32:25.0769 4924 AppID - ok
10:32:25.0794 4924 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:32:25.0821 4924 AppIDSvc - ok
10:32:25.0865 4924 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:32:25.0891 4924 Appinfo - ok
10:32:25.0929 4924 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:32:25.0936 4924 arc - ok
10:32:25.0951 4924 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:32:25.0959 4924 arcsas - ok
10:32:25.0990 4924 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:32:26.0018 4924 AsyncMac - ok
10:32:26.0044 4924 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:32:26.0050 4924 atapi - ok
10:32:26.0101 4924 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:32:26.0133 4924 AudioEndpointBuilder - ok
10:32:26.0151 4924 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:32:26.0183 4924 AudioSrv - ok
10:32:26.0218 4924 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:32:26.0231 4924 AxInstSV - ok
10:32:26.0280 4924 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:32:26.0293 4924 b06bdrv - ok
10:32:26.0333 4924 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:32:26.0343 4924 b57nd60a - ok
10:32:26.0443 4924 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
10:32:26.0451 4924 BBSvc - ok
10:32:26.0503 4924 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:32:26.0511 4924 BBUpdate - ok
10:32:26.0544 4924 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:32:26.0553 4924 BDESVC - ok
10:32:26.0584 4924 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:32:26.0610 4924 Beep - ok
10:32:26.0670 4924 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:32:26.0703 4924 BFE - ok
10:32:26.0868 4924 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20130116.013\BHDrvx64.sys
10:32:26.0891 4924 BHDrvx64 - ok
10:32:26.0934 4924 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:32:26.0968 4924 BITS - ok
10:32:26.0988 4924 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:32:26.0998 4924 blbdrive - ok
10:32:27.0029 4924 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:32:27.0038 4924 bowser - ok
10:32:27.0069 4924 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:32:27.0079 4924 BrFiltLo - ok
10:32:27.0093 4924 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:32:27.0104 4924 BrFiltUp - ok
10:32:27.0145 4924 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
10:32:27.0173 4924 BridgeMP - ok
10:32:27.0209 4924 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
10:32:27.0235 4924 Browser - ok
10:32:27.0254 4924 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:32:27.0264 4924 Brserid - ok
10:32:27.0279 4924 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:32:27.0289 4924 BrSerWdm - ok
10:32:27.0298 4924 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:32:27.0308 4924 BrUsbMdm - ok
10:32:27.0318 4924 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:32:27.0326 4924 BrUsbSer - ok
10:32:27.0344 4924 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:32:27.0355 4924 BTHMODEM - ok
10:32:27.0388 4924 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:32:27.0415 4924 bthserv - ok
10:32:27.0425 4924 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:32:27.0453 4924 cdfs - ok
10:32:27.0496 4924 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:32:27.0505 4924 cdrom - ok
10:32:27.0544 4924 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:32:27.0570 4924 CertPropSvc - ok
10:32:27.0618 4924 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:32:27.0628 4924 circlass - ok
10:32:27.0658 4924 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:32:27.0668 4924 CLFS - ok
10:32:27.0720 4924 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:32:27.0726 4924 clr_optimization_v2.0.50727_32 - ok
10:32:27.0771 4924 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:32:27.0778 4924 clr_optimization_v2.0.50727_64 - ok
10:32:27.0860 4924 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:32:27.0866 4924 clr_optimization_v4.0.30319_32 - ok
10:32:27.0908 4924 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:32:27.0914 4924 clr_optimization_v4.0.30319_64 - ok
10:32:27.0934 4924 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:32:27.0943 4924 CmBatt - ok
10:32:27.0974 4924 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:32:27.0980 4924 cmdide - ok
10:32:28.0018 4924 [ D5FEA92400F12412B3922087C09DA6A5 ] CNG C:\Windows\system32\Drivers\cng.sys
10:32:28.0034 4924 CNG - ok
10:32:28.0048 4924 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:32:28.0054 4924 Compbatt - ok
10:32:28.0074 4924 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:32:28.0085 4924 CompositeBus - ok
10:32:28.0094 4924 COMSysApp - ok
10:32:28.0113 4924 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:32:28.0119 4924 crcdisk - ok
10:32:28.0166 4924 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:32:28.0176 4924 CryptSvc - ok
10:32:28.0218 4924 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:32:28.0249 4924 DcomLaunch - ok
10:32:28.0293 4924 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:32:28.0323 4924 defragsvc - ok
10:32:28.0371 4924 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:32:28.0399 4924 DfsC - ok
10:32:28.0483 4924 [ 2609FC634FF93EC2BD081ABFECEEF997 ] DFSVC C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
10:32:28.0490 4924 DFSVC ( UnsignedFile.Multi.Generic ) - warning
10:32:28.0490 4924 DFSVC - detected UnsignedFile.Multi.Generic (1)
10:32:28.0513 4924 [ 245244B2740975F74F56559105093A2D ] DFSYS C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS
10:32:28.0518 4924 DFSYS - ok
10:32:28.0565 4924 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:32:28.0594 4924 Dhcp - ok
10:32:28.0611 4924 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:32:28.0639 4924 discache - ok
10:32:28.0664 4924 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:32:28.0670 4924 Disk - ok
10:32:28.0706 4924 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:32:28.0716 4924 Dnscache - ok
10:32:28.0753 4924 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:32:28.0780 4924 dot3svc - ok
10:32:28.0826 4924 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:32:28.0838 4924 Dot4 - ok
10:32:28.0874 4924 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
10:32:28.0884 4924 Dot4Print - ok
10:32:28.0904 4924 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:32:28.0915 4924 dot4usb - ok
10:32:28.0951 4924 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:32:28.0979 4924 DPS - ok
10:32:29.0010 4924 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:32:29.0021 4924 drmkaud - ok
10:32:29.0074 4924 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:32:29.0093 4924 DXGKrnl - ok
10:32:29.0119 4924 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:32:29.0146 4924 EapHost - ok
10:32:29.0231 4924 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:32:29.0269 4924 ebdrv - ok
10:32:29.0350 4924 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:32:29.0360 4924 eeCtrl - ok
10:32:29.0381 4924 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
10:32:29.0391 4924 EFS - ok
10:32:29.0466 4924 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:32:29.0481 4924 ehRecvr - ok
10:32:29.0514 4924 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:32:29.0524 4924 ehSched - ok
10:32:29.0540 4924 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:32:29.0553 4924 elxstor - ok
10:32:29.0619 4924 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:32:29.0624 4924 EraserUtilRebootDrv - ok
10:32:29.0655 4924 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:32:29.0663 4924 ErrDev - ok
10:32:29.0695 4924 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:32:29.0725 4924 EventSystem - ok
10:32:29.0750 4924 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:32:29.0779 4924 exfat - ok
10:32:29.0799 4924 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:32:29.0828 4924 fastfat - ok
10:32:29.0876 4924 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:32:29.0890 4924 Fax - ok
10:32:29.0909 4924 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:32:29.0918 4924 fdc - ok
10:32:29.0939 4924 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:32:29.0965 4924 fdPHost - ok
10:32:29.0971 4924 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:32:30.0000 4924 FDResPub - ok
10:32:30.0026 4924 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:32:30.0034 4924 FileInfo - ok
10:32:30.0044 4924 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:32:30.0071 4924 Filetrace - ok
10:32:30.0086 4924 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:32:30.0095 4924 flpydisk - ok
10:32:30.0130 4924 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:32:30.0139 4924 FltMgr - ok
10:32:30.0196 4924 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:32:30.0215 4924 FontCache - ok
10:32:30.0274 4924 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:32:30.0279 4924 FontCache3.0.0.0 - ok
10:32:30.0305 4924 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:32:30.0313 4924 FsDepends - ok
10:32:30.0325 4924 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:32:30.0331 4924 Fs_Rec - ok
10:32:30.0375 4924 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:32:30.0386 4924 fvevol - ok
10:32:30.0404 4924 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:32:30.0410 4924 gagp30kx - ok
10:32:30.0446 4924 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:32:30.0451 4924 GEARAspiWDM - ok
10:32:30.0498 4924 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:32:30.0531 4924 gpsvc - ok
10:32:30.0549 4924 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:32:30.0558 4924 hcw85cir - ok
10:32:30.0619 4924 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:32:30.0633 4924 HdAudAddService - ok
10:32:30.0661 4924 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:32:30.0673 4924 HDAudBus - ok
10:32:30.0689 4924 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:32:30.0698 4924 HidBatt - ok
10:32:30.0711 4924 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:32:30.0723 4924 HidBth - ok
10:32:30.0755 4924 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:32:30.0766 4924 HidIr - ok
10:32:30.0806 4924 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
10:32:30.0833 4924 hidserv - ok
10:32:30.0860 4924 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:32:30.0869 4924 HidUsb - ok
10:32:30.0903 4924 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:32:30.0929 4924 hkmsvc - ok
10:32:30.0956 4924 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:32:30.0968 4924 HomeGroupListener - ok
10:32:31.0008 4924 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:32:31.0019 4924 HomeGroupProvider - ok
10:32:31.0131 4924 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:32:31.0136 4924 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:32:31.0136 4924 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:32:31.0153 4924 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:32:31.0156 4924 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:32:31.0156 4924 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:32:31.0194 4924 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:32:31.0200 4924 HpSAMD - ok
10:32:31.0255 4924 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:32:31.0288 4924 HTTP - ok
10:32:31.0326 4924 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:32:31.0333 4924 hwpolicy - ok
10:32:31.0369 4924 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:32:31.0379 4924 i8042prt - ok
10:32:31.0403 4924 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:32:31.0414 4924 iaStorV - ok
10:32:31.0463 4924 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:32:31.0478 4924 idsvc - ok
10:32:31.0561 4924 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20130201.001\IDSvia64.sys
10:32:31.0573 4924 IDSVia64 - ok
10:32:31.0585 4924 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:32:31.0593 4924 iirsp - ok
10:32:31.0639 4924 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:32:31.0673 4924 IKEEXT - ok
10:32:31.0718 4924 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:32:31.0723 4924 intelide - ok
10:32:31.0749 4924 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:32:31.0758 4924 intelppm - ok
10:32:31.0780 4924 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:32:31.0808 4924 IPBusEnum - ok
10:32:31.0839 4924 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:32:31.0864 4924 IpFilterDriver - ok
10:32:31.0924 4924 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:32:31.0954 4924 iphlpsvc - ok
10:32:31.0986 4924 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:32:31.0996 4924 IPMIDRV - ok
10:32:32.0026 4924 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:32:32.0054 4924 IPNAT - ok
10:32:32.0079 4924 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:32:32.0090 4924 IRENUM - ok
10:32:32.0123 4924 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:32:32.0129 4924 isapnp - ok
10:32:32.0163 4924 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:32:32.0173 4924 iScsiPrt - ok
10:32:32.0190 4924 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:32:32.0196 4924 kbdclass - ok
10:32:32.0236 4924 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:32:32.0245 4924 kbdhid - ok
10:32:32.0256 4924 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
10:32:32.0266 4924 KeyIso - ok
10:32:32.0305 4924 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:32:32.0313 4924 KSecDD - ok
10:32:32.0345 4924 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:32:32.0354 4924 KSecPkg - ok
10:32:32.0371 4924 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:32:32.0399 4924 ksthunk - ok
10:32:32.0430 4924 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:32:32.0461 4924 KtmRm - ok
10:32:32.0510 4924 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:32:32.0539 4924 LanmanServer - ok
10:32:32.0576 4924 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:32:32.0604 4924 LanmanWorkstation - ok
10:32:32.0634 4924 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:32:32.0661 4924 lltdio - ok
10:32:32.0685 4924 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:32:32.0715 4924 lltdsvc - ok
10:32:32.0731 4924 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:32:32.0759 4924 lmhosts - ok
10:32:32.0780 4924 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:32:32.0788 4924 LSI_FC - ok
10:32:32.0806 4924 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:32:32.0814 4924 LSI_SAS - ok
10:32:32.0850 4924 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:32:32.0856 4924 LSI_SAS2 - ok
10:32:32.0875 4924 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:32:32.0883 4924 LSI_SCSI - ok
10:32:32.0896 4924 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:32:32.0924 4924 luafv - ok
10:32:32.0959 4924 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:32:32.0969 4924 Mcx2Svc - ok
10:32:32.0984 4924 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:32:32.0993 4924 megasas - ok
10:32:33.0014 4924 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:32:33.0024 4924 MegaSR - ok
10:32:33.0053 4924 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:32:33.0080 4924 MMCSS - ok
10:32:33.0091 4924 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:32:33.0119 4924 Modem - ok
10:32:33.0136 4924 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:32:33.0148 4924 monitor - ok
10:32:33.0188 4924 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:32:33.0194 4924 mouclass - ok
10:32:33.0224 4924 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:32:33.0234 4924 mouhid - ok
10:32:33.0274 4924 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:32:33.0280 4924 mountmgr - ok
10:32:33.0314 4924 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:32:33.0321 4924 mpio - ok
10:32:33.0335 4924 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:32:33.0363 4924 mpsdrv - ok
10:32:33.0458 4924 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:32:33.0491 4924 MpsSvc - ok
10:32:33.0533 4924 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:32:33.0545 4924 MRxDAV - ok
10:32:33.0591 4924 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:32:33.0600 4924 mrxsmb - ok
10:32:33.0644 4924 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:32:33.0655 4924 mrxsmb10 - ok
10:32:33.0704 4924 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:32:33.0713 4924 mrxsmb20 - ok
10:32:33.0745 4924 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:32:33.0751 4924 msahci - ok
10:32:33.0768 4924 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:32:33.0775 4924 msdsm - ok
10:32:33.0793 4924 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:32:33.0804 4924 MSDTC - ok
10:32:33.0828 4924 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:32:33.0855 4924 Msfs - ok
10:32:33.0871 4924 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:32:33.0899 4924 mshidkmdf - ok
10:32:33.0933 4924 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:32:33.0939 4924 msisadrv - ok
10:32:33.0969 4924 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:32:33.0998 4924 MSiSCSI - ok
10:32:34.0001 4924 msiserver - ok
10:32:34.0024 4924 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:32:34.0051 4924 MSKSSRV - ok
10:32:34.0055 4924 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:32:34.0083 4924 MSPCLOCK - ok
10:32:34.0086 4924 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:32:34.0114 4924 MSPQM - ok
10:32:34.0150 4924 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:32:34.0160 4924 MsRPC - ok
10:32:34.0176 4924 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:32:34.0183 4924 mssmbios - ok
10:32:34.0186 4924 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:32:34.0214 4924 MSTEE - ok
10:32:34.0224 4924 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:32:34.0233 4924 MTConfig - ok
10:32:34.0241 4924 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:32:34.0249 4924 Mup - ok
10:32:34.0349 4924 [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360 C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
10:32:34.0355 4924 N360 - ok
10:32:34.0393 4924 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:32:34.0423 4924 napagent - ok
10:32:34.0446 4924 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:32:34.0461 4924 NativeWifiP - ok
10:32:34.0565 4924 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130201.033\ENG64.SYS
10:32:34.0571 4924 NAVENG - ok
10:32:34.0621 4924 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130201.033\EX64.SYS
10:32:34.0651 4924 NAVEX15 - ok
10:32:34.0706 4924 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:32:34.0724 4924 NDIS - ok
10:32:34.0755 4924 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:32:34.0783 4924 NdisCap - ok
10:32:34.0808 4924 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:32:34.0834 4924 NdisTapi - ok
10:32:34.0868 4924 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:32:34.0893 4924 Ndisuio - ok
10:32:34.0929 4924 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:32:34.0955 4924 NdisWan - ok
10:32:34.0991 4924 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:32:35.0019 4924 NDProxy - ok
10:32:35.0065 4924 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:32:35.0069 4924 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:32:35.0069 4924 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:32:35.0093 4924 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:32:35.0120 4924 NetBIOS - ok
10:32:35.0158 4924 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:32:35.0186 4924 NetBT - ok
10:32:35.0200 4924 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
10:32:35.0209 4924 Netlogon - ok
10:32:35.0244 4924 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:32:35.0274 4924 Netman - ok
10:32:35.0290 4924 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:32:35.0321 4924 netprofm - ok
10:32:35.0375 4924 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
10:32:35.0394 4924 netr28ux - ok
10:32:35.0420 4924 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:32:35.0425 4924 NetTcpPortSharing - ok
10:32:35.0458 4924 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:32:35.0464 4924 nfrd960 - ok
10:32:35.0505 4924 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:32:35.0534 4924 NlaSvc - ok
10:32:35.0558 4924 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:32:35.0585 4924 Npfs - ok
10:32:35.0603 4924 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:32:35.0630 4924 nsi - ok
10:32:35.0641 4924 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:32:35.0669 4924 nsiproxy - ok
10:32:35.0734 4924 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:32:35.0760 4924 Ntfs - ok
10:32:35.0768 4924 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:32:35.0794 4924 Null - ok
10:32:35.0828 4924 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
10:32:35.0840 4924 NVENETFD - ok
10:32:36.0095 4924 [ B34E9BFBD9C61048EF6281C3E7EC210A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:32:36.0259 4924 nvlddmkm - ok
10:32:36.0319 4924 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
10:32:36.0328 4924 NVNET - ok
10:32:36.0359 4924 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:32:36.0366 4924 nvraid - ok
10:32:36.0404 4924 [ F6C6D8298DD85507F680437EC2E6899C ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
10:32:36.0409 4924 nvsmu - ok
10:32:36.0436 4924 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:32:36.0444 4924 nvstor - ok
10:32:36.0514 4924 [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] nvsvc C:\Windows\system32\nvvsvc.exe
10:32:36.0530 4924 nvsvc - ok
10:32:36.0610 4924 [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:32:36.0641 4924 nvUpdatusService - ok
10:32:36.0684 4924 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:32:36.0691 4924 nv_agp - ok
10:32:36.0719 4924 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:32:36.0729 4924 ohci1394 - ok
10:32:36.0763 4924 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:32:36.0774 4924 p2pimsvc - ok
10:32:36.0808 4924 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:32:36.0820 4924 p2psvc - ok
10:32:36.0861 4924 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:32:36.0870 4924 Parport - ok
10:32:36.0904 4924 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:32:36.0910 4924 partmgr - ok
10:32:36.0923 4924 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:32:36.0936 4924 PcaSvc - ok
10:32:36.0966 4924 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:32:36.0975 4924 pci - ok
10:32:37.0006 4924 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:32:37.0011 4924 pciide - ok
10:32:37.0033 4924 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:32:37.0041 4924 pcmcia - ok
10:32:37.0060 4924 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:32:37.0066 4924 pcw - ok
10:32:37.0088 4924 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:32:37.0120 4924 PEAUTH - ok
10:32:37.0185 4924 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:32:37.0195 4924 PerfHost - ok
10:32:37.0256 4924 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:32:37.0295 4924 pla - ok
10:32:37.0343 4924 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:32:37.0355 4924 PlugPlay - ok
10:32:37.0399 4924 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:32:37.0403 4924 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:32:37.0403 4924 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:32:37.0421 4924 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:32:37.0430 4924 PNRPAutoReg - ok
10:32:37.0446 4924 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:32:37.0458 4924 PNRPsvc - ok
10:32:37.0479 4924 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:32:37.0510 4924 PolicyAgent - ok
10:32:37.0536 4924 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:32:37.0564 4924 Power - ok
10:32:37.0598 4924 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:32:37.0624 4924 PptpMiniport - ok
10:32:37.0639 4924 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:32:37.0648 4924 Processor - ok
10:32:37.0680 4924 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:32:37.0690 4924 ProfSvc - ok
10:32:37.0708 4924 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
10:32:37.0716 4924 ProtectedStorage - ok
10:32:37.0766 4924 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:32:37.0794 4924 Psched - ok
10:32:37.0825 4924 PSEXESVC - ok
10:32:37.0865 4924 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:32:37.0890 4924 ql2300 - ok
10:32:37.0928 4924 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:32:37.0934 4924 ql40xx - ok
10:32:37.0955 4924 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:32:37.0969 4924 QWAVE - ok
10:32:37.0993 4924 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:32:38.0005 4924 QWAVEdrv - ok
10:32:38.0021 4924 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:32:38.0049 4924 RasAcd - ok
10:32:38.0075 4924 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:32:38.0103 4924 RasAgileVpn - ok
10:32:38.0115 4924 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:32:38.0143 4924 RasAuto - ok
10:32:38.0179 4924 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:32:38.0205 4924 Rasl2tp - ok
10:32:38.0235 4924 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:32:38.0264 4924 RasMan - ok
10:32:38.0280 4924 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:32:38.0308 4924 RasPppoe - ok
10:32:38.0315 4924 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:32:38.0343 4924 RasSstp - ok
10:32:38.0379 4924 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:32:38.0408 4924 rdbss - ok
10:32:38.0420 4924 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:32:38.0431 4924 rdpbus - ok
10:32:38.0453 4924 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:32:38.0479 4924 RDPCDD - ok
10:32:38.0485 4924 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:32:38.0513 4924 RDPENCDD - ok
10:32:38.0519 4924 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:32:38.0545 4924 RDPREFMP - ok
10:32:38.0580 4924 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:32:38.0590 4924 RDPWD - ok
10:32:38.0623 4924 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:32:38.0630 4924 rdyboost - ok
10:32:38.0668 4924 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:32:38.0695 4924 RemoteAccess - ok
10:32:38.0719 4924 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:32:38.0748 4924 RemoteRegistry - ok
10:32:38.0759 4924 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:32:38.0786 4924 RpcEptMapper - ok
10:32:38.0811 4924 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:32:38.0821 4924 RpcLocator - ok
10:32:38.0860 4924 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:32:38.0891 4924 RpcSs - ok
10:32:38.0913 4924 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:32:38.0940 4924 rspndr - ok
10:32:38.0949 4924 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
10:32:38.0959 4924 SamSs - ok
10:32:39.0038 4924 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:32:39.0043 4924 SASDIFSV - ok
10:32:39.0071 4924 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:32:39.0075 4924 SASKUTIL - ok
10:32:39.0106 4924 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:32:39.0114 4924 sbp2port - ok
10:32:39.0200 4924 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
10:32:39.0219 4924 SBSDWSCService - ok
10:32:39.0248 4924 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:32:39.0276 4924 SCardSvr - ok
10:32:39.0313 4924 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:32:39.0339 4924 scfilter - ok
10:32:39.0388 4924 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:32:39.0424 4924 Schedule - ok
10:32:39.0453 4924 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:32:39.0479 4924 SCPolicySvc - ok
10:32:39.0515 4924 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:32:39.0525 4924 SDRSVC - ok
10:32:39.0543 4924 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:32:39.0569 4924 secdrv - ok
10:32:39.0601 4924 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:32:39.0628 4924 seclogon - ok
10:32:39.0644 4924 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:32:39.0671 4924 SENS - ok
10:32:39.0689 4924 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:32:39.0698 4924 SensrSvc - ok
10:32:39.0721 4924 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:32:39.0730 4924 Serenum - ok
10:32:39.0738 4924 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:32:39.0748 4924 Serial - ok
10:32:39.0784 4924 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:32:39.0793 4924 sermouse - ok
10:32:39.0834 4924 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:32:39.0861 4924 SessionEnv - ok
10:32:39.0896 4924 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:32:39.0906 4924 sffdisk - ok
10:32:39.0918 4924 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:32:39.0928 4924 sffp_mmc - ok
10:32:39.0944 4924 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:32:39.0954 4924 sffp_sd - ok
10:32:39.0970 4924 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:32:39.0979 4924 sfloppy - ok
10:32:40.0016 4924 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:32:40.0046 4924 SharedAccess - ok
10:32:40.0089 4924 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:32:40.0119 4924 ShellHWDetection - ok
10:32:40.0158 4924 [ BD0D88034925E49A273A44905E2796A8 ] SipIMNDI C:\Windows\system32\DRIVERS\SipIMNDI64.sys
10:32:40.0161 4924 SipIMNDI - ok
10:32:40.0173 4924 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:32:40.0179 4924 SiSRaid2 - ok
10:32:40.0191 4924 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:32:40.0198 4924 SiSRaid4 - ok
10:32:40.0226 4924 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:32:40.0254 4924 Smb - ok
10:32:40.0275 4924 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:32:40.0285 4924 SNMPTRAP - ok
10:32:40.0296 4924 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:32:40.0301 4924 spldr - ok
10:32:40.0323 4924 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
10:32:40.0354 4924 Spooler - ok
10:32:40.0438 4924 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:32:40.0495 4924 sppsvc - ok
10:32:40.0514 4924 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:32:40.0541 4924 sppuinotify - ok
10:32:40.0643 4924 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
10:32:40.0656 4924 SRTSP - ok
10:32:40.0674 4924 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
10:32:40.0678 4924 SRTSPX - ok
10:32:40.0723 4924 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:32:40.0735 4924 srv - ok
10:32:40.0770 4924 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:32:40.0781 4924 srv2 - ok
10:32:40.0798 4924 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:32:40.0806 4924 srvnet - ok
10:32:40.0841 4924 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:32:40.0870 4924 SSDPSRV - ok
10:32:40.0881 4924 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:32:40.0910 4924 SstpSvc - ok
10:32:40.0923 4924 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:32:40.0929 4924 stexstor - ok
10:32:40.0978 4924 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:32:40.0999 4924 stisvc - ok
10:32:41.0044 4924 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:32:41.0050 4924 swenum - ok
10:32:41.0083 4924 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:32:41.0115 4924 swprv - ok
10:32:41.0174 4924 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
10:32:41.0183 4924 SymDS - ok
10:32:41.0249 4924 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
10:32:41.0265 4924 SymEFA - ok
10:32:41.0314 4924 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:32:41.0320 4924 SymEvent - ok
10:32:41.0370 4924 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
10:32:41.0376 4924 SymIRON - ok
10:32:41.0425 4924 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS
10:32:41.0434 4924 SymNetS - ok
10:32:41.0489 4924 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:32:41.0519 4924 SysMain - ok
10:32:41.0566 4924 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:32:41.0580 4924 TabletInputService - ok
10:32:41.0628 4924 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
10:32:41.0633 4924 taphss - ok
10:32:41.0666 4924 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:32:41.0695 4924 TapiSrv - ok
10:32:41.0734 4924 [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
10:32:41.0739 4924 tbhsd - ok
10:32:41.0761 4924 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:32:41.0789 4924 TBS - ok
10:32:41.0863 4924 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:32:41.0891 4924 Tcpip - ok
10:32:41.0949 4924 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:32:41.0978 4924 TCPIP6 - ok
10:32:42.0013 4924 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:32:42.0039 4924 tcpipreg - ok
10:32:42.0068 4924 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:32:42.0075 4924 TDPIPE - ok
10:32:42.0100 4924 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:32:42.0108 4924 TDTCP - ok
10:32:42.0133 4924 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:32:42.0159 4924 tdx - ok
10:32:42.0198 4924 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:32:42.0204 4924 TermDD - ok
10:32:42.0244 4924 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:32:42.0276 4924 TermService - ok
10:32:42.0304 4924 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:32:42.0318 4924 Themes - ok
10:32:42.0345 4924 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:32:42.0373 4924 THREADORDER - ok
10:32:42.0385 4924 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:32:42.0414 4924 TrkWks - ok
10:32:42.0463 4924 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:32:42.0489 4924 TrustedInstaller - ok
10:32:42.0525 4924 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:32:42.0550 4924 tssecsrv - ok
10:32:42.0610 4924 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:32:42.0618 4924 TsUsbFlt - ok
10:32:42.0666 4924 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:32:42.0693 4924 tunnel - ok
10:32:42.0719 4924 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:32:42.0726 4924 uagp35 - ok
10:32:42.0761 4924 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:32:42.0790 4924 udfs - ok
10:32:42.0821 4924 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:32:42.0831 4924 UI0Detect - ok
10:32:42.0851 4924 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:32:42.0859 4924 uliagpkx - ok
10:32:42.0901 4924 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:32:42.0910 4924 umbus - ok
10:32:42.0925 4924 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:32:42.0934 4924 UmPass - ok
10:32:42.0950 4924 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:32:42.0981 4924 upnphost - ok
10:32:43.0003 4924 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:32:43.0011 4924 usbccgp - ok
10:32:43.0048 4924 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:32:43.0059 4924 usbcir - ok
10:32:43.0083 4924 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:32:43.0091 4924 usbehci - ok
10:32:43.0120 4924 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:32:43.0131 4924 usbhub - ok
10:32:43.0143 4924 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:32:43.0150 4924 usbohci - ok
10:32:43.0171 4924 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:32:43.0183 4924 usbprint - ok
10:32:43.0214 4924 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:32:43.0225 4924 usbscan - ok
10:32:43.0258 4924 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:32:43.0266 4924 USBSTOR - ok
10:32:43.0290 4924 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:32:43.0299 4924 usbuhci - ok
10:32:43.0320 4924 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:32:43.0348 4924 UxSms - ok
10:32:43.0358 4924 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
10:32:43.0366 4924 VaultSvc - ok
10:32:43.0418 4924 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:32:43.0424 4924 vdrvroot - ok
10:32:43.0465 4924 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:32:43.0496 4924 vds - ok
10:32:43.0525 4924 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:32:43.0535 4924 vga - ok
10:32:43.0548 4924 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:32:43.0575 4924 VgaSave - ok
10:32:43.0613 4924 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:32:43.0621 4924 vhdmp - ok
10:32:43.0659 4924 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:32:43.0664 4924 viaide - ok
10:32:43.0696 4924 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:32:43.0703 4924 volmgr - ok
10:32:43.0748 4924 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:32:43.0758 4924 volmgrx - ok
10:32:43.0773 4924 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:32:43.0783 4924 volsnap - ok
10:32:43.0799 4924 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:32:43.0806 4924 vsmraid - ok
10:32:43.0859 4924 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:32:43.0899 4924 VSS - ok
10:32:43.0923 4924 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:32:43.0933 4924 vwifibus - ok
10:32:43.0960 4924 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:32:43.0971 4924 vwififlt - ok
10:32:43.0990 4924 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:32:44.0003 4924 vwifimp - ok
10:32:44.0034 4924 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:32:44.0064 4924 W32Time - ok
10:32:44.0081 4924 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:32:44.0090 4924 WacomPen - ok
10:32:44.0126 4924 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:32:44.0153 4924 WANARP - ok
10:32:44.0168 4924 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:32:44.0194 4924 Wanarpv6 - ok
10:32:44.0250 4924 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:32:44.0273 4924 wbengine - ok
10:32:44.0290 4924 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:32:44.0305 4924 WbioSrvc - ok
10:32:44.0340 4924 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:32:44.0356 4924 wcncsvc - ok
10:32:44.0373 4924 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:32:44.0381 4924 WcsPlugInService - ok
10:32:44.0419 4924 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:32:44.0425 4924 Wd - ok
10:32:44.0463 4924 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:32:44.0476 4924 Wdf01000 - ok
10:32:44.0486 4924 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:32:44.0501 4924 WdiServiceHost - ok
10:32:44.0505 4924 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:32:44.0519 4924 WdiSystemHost - ok
10:32:44.0550 4924 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:32:44.0566 4924 WebClient - ok
10:32:44.0583 4924 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:32:44.0613 4924 Wecsvc - ok
10:32:44.0630 4924 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:32:44.0659 4924 wercplsupport - ok
10:32:44.0684 4924 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:32:44.0713 4924 WerSvc - ok
10:32:44.0733 4924 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:32:44.0760 4924 WfpLwf - ok
10:32:44.0775 4924 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:32:44.0781 4924 WIMMount - ok
10:32:44.0820 4924 WinDefend - ok
10:32:44.0825 4924 WinHttpAutoProxySvc - ok
10:32:44.0875 4924 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:32:44.0904 4924 Winmgmt - ok
10:32:44.0966 4924 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:32:45.0013 4924 WinRM - ok
10:32:45.0070 4924 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:32:45.0081 4924 WinUsb - ok
10:32:45.0116 4924 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:32:45.0138 4924 Wlansvc - ok
10:32:45.0179 4924 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:32:45.0188 4924 WmiAcpi - ok
10:32:45.0220 4924 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:32:45.0230 4924 wmiApSrv - ok
10:32:45.0253 4924 WMPNetworkSvc - ok
10:32:45.0263 4924 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:32:45.0271 4924 WPCSvc - ok
10:32:45.0299 4924 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:32:45.0310 4924 WPDBusEnum - ok
10:32:45.0331 4924 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:32:45.0359 4924 ws2ifsl - ok
10:32:45.0410 4924 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
10:32:45.0423 4924 wscsvc - ok
10:32:45.0428 4924 WSearch - ok
10:32:45.0496 4924 [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv C:\Windows\system32\wuaueng.dll
10:32:45.0545 4924 wuauserv - ok
10:32:45.0579 4924 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:32:45.0606 4924 WudfPf - ok
10:32:45.0623 4924 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:32:45.0650 4924 WUDFRd - ok
10:32:45.0685 4924 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:32:45.0711 4924 wudfsvc - ok
10:32:45.0736 4924 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:32:45.0751 4924 WwanSvc - ok
10:32:45.0778 4924 ================ Scan global ===============================
10:32:45.0795 4924 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:32:45.0825 4924 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:32:45.0831 4924 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:32:45.0856 4924 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:32:45.0884 4924 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:32:45.0886 4924 [Global] - ok
10:32:45.0886 4924 ================ Scan MBR ==================================
10:32:45.0894 4924 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:32:46.0200 4924 \Device\Harddisk0\DR0 - ok
10:32:46.0200 4924 ================ Scan VBR ==================================
10:32:46.0203 4924 [ 4CCCCE0DE1044D34781304F4DD9E6F2F ] \Device\Harddisk0\DR0\Partition1
10:32:46.0204 4924 \Device\Harddisk0\DR0\Partition1 - ok
10:32:46.0235 4924 [ C330D8737829A71009CA187C46D7AD89 ] \Device\Harddisk0\DR0\Partition2
10:32:46.0236 4924 \Device\Harddisk0\DR0\Partition2 - ok
10:32:46.0238 4924 ============================================================
10:32:46.0238 4924 Scan finished
10:32:46.0238 4924 ============================================================
10:32:46.0251 1376 Detected object count: 5
10:32:46.0251 1376 Actual detected object count: 5
10:32:58.0321 1376 DFSVC ( UnsignedFile.Multi.Generic ) - skipped by user
10:32:58.0321 1376 DFSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:32:58.0324 1376 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:32:58.0324 1376 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:32:58.0325 1376 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:32:58.0326 1376 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:32:58.0328 1376 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:32:58.0328 1376 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:32:58.0329 1376 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:32:58.0329 1376 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:33:02.0200 4236 Deinitialize success


2) AdwCleaner result

# AdwCleaner v2.109 - Datei am 03/02/2013 um 10:34:45 erstellt
# Aktualisiert am 26/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : User - USER-PC
# Bootmodus : Abgesicherter Modus mit Netzwerkunterstützung
# Ausgeführt unter : C:\Users\User\Desktop\AdwCleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\user.js
Ordner Gefunden : C:\Program Files (x86)\FreeRIP3
Ordner Gefunden : C:\ProgramData\FreeRIP

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\PIP
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gefunden : HKLM\Software\AedgePerformanceBCN
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Schlüssel Gefunden : HKLM\Software\PIP
Schlüssel Gefunden : HKLM\Software\SP Global
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : HKU\S-1-5-21-2641664016-221319625-1538156112-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B106B661-3E1B-4015-AF5C-195E909F35C6}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B106B661-3E1B-4015-AF5C-195E909F35C6}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.just-browse.info/

*************************

AdwCleaner[R2].txt - [4030 octets] - [03/02/2013 10:34:45]

########## EOF - C:\AdwCleaner[R2].txt - [4090 octets] ##########


3) FSS Result

Farbar Service Scanner Version: 30-01-2013
Ran by User (administrator) on 03-02-2013 at 10:36:04
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


4) MiniToolBox results

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:14:13
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:15:45
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:17:01
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:17:36
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:18:40
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/03/2013 10:47:17 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.


Details:
System Writer object failed to initialize VSS.

System Error:
Unzulässige Funktion.
.

Error: (02/03/2013 09:17:02 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/03/2013 09:12:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.


Details:
System Writer object failed to initialize VSS.

System Error:
Unzulässige Funktion.
.

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f) (0x8004117f)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=1100} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (02/03/2013 11:15:10 AM) (Source: DCOM) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (02/03/2013 10:50:19 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (02/03/2013 10:50:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (02/03/2013 10:50:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (02/03/2013 10:50:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (02/03/2013 10:50:18 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (02/03/2013 10:50:17 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (02/03/2013 10:50:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (02/03/2013 10:50:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (02/03/2013 10:50:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


Microsoft Office Sessions:
=========================
Error: (02/03/2013 10:47:17 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
System Writer object failed to initialize VSS.

System Error:
Unzulässige Funktion.

Error: (02/03/2013 09:17:02 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Downloads\Seven\esetsmartinstaller_enu.exe

Error: (02/03/2013 09:12:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
System Writer object failed to initialize VSS.

System Error:
Unzulässige Funktion.

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service)(User: )
Description:
Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f) (0x8004117f)

Error: (02/03/2013 09:10:04 AM) (Source: Windows Search Service)(User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
1100


CodeIntegrity Errors:
===================================
Date: 2013-02-02 21:47:17.767
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 21:18:58.494
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 21:08:11.811
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 21:00:02.071
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 20:52:53.066
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 20:39:40.868
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 20:33:26.964
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-21 12:01:33.668
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-20 17:59:11.145
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-20 16:19:25.259
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:21:01
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.5) - Deutsch (Version: 10.1.5)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Any Video Converter 3.2.1
Avidemux 2.5 (Version: 2.5.6.7716)
Bing Bar (Version: 7.0.850.0)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 3.26)
CleanUp!
Copy (Version: 130.0.366.000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.372.000)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000)
ESET Online Scanner v3
F2400 (Version: 130.0.373.000)
FormatFactory 2.40 (Version: 2.40)
Foxit Reader 5.1 (Version: 5.1.4.104)
FreePDF (Remove only)
FreeRIP 3.92 (Version: 3.92)
GEAR driver installer for x86 and x64 (Version: 4.008.5)
GPBaseService2 (Version: 130.0.371.000)
GPL Ghostscript 8.71
Guitar Pro 6
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
IBM Lotus Symphony (Version: 3.01.12011)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 7 Update 2 (64-bit) (Version: 7.0.20)
Junk Mail filter update (Version: 14.0.8089.726)
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mp3nity 2.2.020
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton 360 (Version: 5.2.2.3)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Grafiktreiber 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA Systemsteuerung 275.33 (Version: 275.33)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
Orbit Downloader
Paint.NET v3.5.10 (Version: 3.60.0)
PVSonyDll (Version: 1.00.0001)
RedMon - Redirection Port Monitor
Revo Uninstaller 1.94 (Version: 1.94)
Scan (Version: 140.0.80.000)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Speedport W 102 Stick (Version: 1.0.0.18)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.373.000)
SUPERAntiSpyware (Version: 5.0.1144)
T-Home Dialerschutz-Software
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
WebReg (Version: 130.0.132.017)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Fotogalerie (Version: 14.0.8081.709)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
WinRAR 4.10 (64-Bit) (Version: 4.10.0)
YTD Video Downloader 3.9.2

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:43:40
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Devices: ================================

Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:24:56
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 3839.24 MB
Available physical RAM: 3016.54 MB
Total Pagefile: 7676.67 MB
Available Pagefile: 6855.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3987.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:392.05 GB) NTFS

========================= Users: ========================================

Benutzerkonten fr \\USER-PC

Administrator Gast UpdatusUser
User
Der Befehl wurde erfolgreich ausgefhrt.

**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 03-02-2013 at 11:26:26
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************
========================= Minidump Files ==================================

No minidump file found

**** End of log ****



I hope that this helps, and look forward to your reply.

- arturdux

#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:47 AM

Posted 03 February 2013 - 11:13 AM

Hi

Please do the following next:

:step1:

Please download Rkill by Grinler from Link 1 and save it to your desktop.

Link 1
Link 2 (renamed Rkill)

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If that does not work: delete the file, then download and use the one provided in Link 2 above.
  • If that does not work: repeat the process and attempt to use one of the remaining links under RKill download links here until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.

Please post the log created by rkill in your next reply.


:step2:

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


:step3:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step4:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step5:

Please rerun Minitoolbox on your desktop

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 arturdux

arturdux
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 04 February 2013 - 11:49 AM

Hello dev00790,

Thanks for the swift response - apologies for my slow reply...

When I powered on today, I left the PC briefly, and it automatically booted into normal mode, and things seemed to be working – internet, other apps, etc. - and so far the PC has not frozen (though I have yet to power off fully...). So I ran the required tools in normal mode, not safe mode as before - I hope this is OK, if not please say and I will revert to safe mode until the problem is completely solved. I had no problems with any of the tools:

- Rkill ran without a problem.
- adwcleaner.exe ran and found several items, which I deleted as instructed, except for one file which my dialler protection software (which may be redundant given that I have Norton 360) warned against deleting, so I left it.
- Malwarebytes found nothing.
- ESET found and automatically quarantined one threat.
- MiniToolBox ran in one go.

I have posted the full results below.

Things look more promising than yesterday - again I look forward to your reply.

- arturdux

The results:

1) Rkill

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/04/2013 01:25:03 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/04/2013 01:25:20 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)


2) adwcleaner.exe

# AdwCleaner v2.110 - Datei am 04/02/2013 um 11:36:00 erstellt
# Aktualisiert am 03/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : User - USER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\User\Desktop\AdwCleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\user.js
Ordner Gefunden : C:\Program Files (x86)\FreeRIP3
Ordner Gefunden : C:\ProgramData\FreeRIP

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : HKCU\Software\PIP
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gefunden : HKLM\Software\AedgePerformanceBCN
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Schlüssel Gefunden : HKLM\Software\PIP
Schlüssel Gefunden : HKLM\Software\SP Global
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : HKU\S-1-5-21-2641664016-221319625-1538156112-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B106B661-3E1B-4015-AF5C-195E909F35C6}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B106B661-3E1B-4015-AF5C-195E909F35C6}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.just-browse.info/

*************************

AdwCleaner[R3].txt - [4227 octets] - [04/02/2013 11:36:00]

########## EOF - C:\AdwCleaner[R3].txt - [4287 octets] ##########


3)Malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.04.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrator]

04.02.2013 11:43:55
mbam-log-2013-02-04 (11-43-55).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 371515
Time elapsed: 54 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


4)ESET

C:\Program Files (x86)\Orbitdownloader\OrbitDownloaderSetup.exe Win32/OpenCandy application cleaned by deleting – quarantined


5)MiniToolBox

MiniToolBox by Farbar Version:10-01-2013
Ran by User (administrator) on 04-02-2013 at 15:08:12
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = LAN-Verbindung (Connecting)
Speedport W 102 Stick-IEEE 802.11n-USB-2.0-Adapter = Drahtlosnetzwerkverbindung 10 (Connected)
Microsoft Virtual WiFi Miniport Adapter = Drahtlosnetzwerkverbindung 11 (Media disconnected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

Hostname . . . . . . . . . . . . : User-PC
Prim„res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein

Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 11:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physikalische Adresse . . . . . . : 00-23-08-6C-AB-FE
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja

Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 10:

Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Speedport W 102 Stick-IEEE 802.11n-USB-2.0-Adapter #10
Physikalische Adresse . . . . . . : 00-23-08-6C-AB-FF
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::d5ea:12db:2b9a:f21a%21(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.2.106(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Montag, 4. Februar 2013 14:33:52
Lease l„uft ab. . . . . . . . . . : Montag, 25. Februar 2013 14:33:57
Standardgateway . . . . . . . . . : 192.168.2.1
DHCP-Server . . . . . . . . . . . : 192.168.2.1
DHCPv6-IAID . . . . . . . . . . . : 587211528
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-12-BE-B5-CF-00-30-67-3B-5D-40
DNS-Server . . . . . . . . . . . : 192.168.2.1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert

Tunneladapter isatap.{CF550C76-C6D2-4C01-AD31-970DFE844194}:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja

Tunneladapter Reusable ISATAP Interface {0A6BA6C8-1FAC-450F-A613-EE3417E7CD67}:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #3
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja

Tunneladapter LAN-Verbindung* 24:

Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2001:0:5ef5:79fd:2822:8ef:3f57:fd95(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::2822:8ef:3f57:fd95%41(Bevorzugt)
Standardgateway . . . . . . . . . : ::
NetBIOS ber TCP/IP . . . . . . . : Deaktiviert

Tunneladapter isatap.{A8A542C0-4138-4FDD-B7D0-BC102ABFAF4D}:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #4
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Server: speedport.ip
Address: 192.168.2.1

Name: google.com
Addresses: 2a00:1450:4008:c01::65
173.194.69.113
173.194.69.100
173.194.69.138
173.194.69.101
173.194.69.102
173.194.69.139


Ping wird ausgefhrt fr google.com [173.194.69.113] mit 32 Bytes Daten:
Antwort von 173.194.69.113: Bytes=32 Zeit=49ms TTL=50
Antwort von 173.194.69.113: Bytes=32 Zeit=45ms TTL=50

Ping-Statistik fr 173.194.69.113:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 45ms, Maximum = 49ms, Mittelwert = 47ms
Server: speedport.ip
Address: 192.168.2.1

Name: yahoo.com
Addresses: 206.190.36.45
98.139.183.24
98.138.253.109


Ping wird ausgefhrt fr yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Antwort von 206.190.36.45: Bytes=32 Zeit=284ms TTL=49
Antwort von 206.190.36.45: Bytes=32 Zeit=287ms TTL=49

Ping-Statistik fr 206.190.36.45:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 284ms, Maximum = 287ms, Mittelwert = 285ms

Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik fr 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
22...00 23 08 6c ab fe ......Microsoft Virtual WiFi Miniport Adapter
21...00 23 08 6c ab ff ......Speedport W 102 Stick-IEEE 802.11n-USB-2.0-Adapter #10
1...........................Software Loopback Interface 1
40...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
42...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #3
41...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
43...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #4
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.106 20
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
192.168.2.0 255.255.255.0 Auf Verbindung 192.168.2.106 276
192.168.2.106 255.255.255.255 Auf Verbindung 192.168.2.106 276
192.168.2.255 255.255.255.255 Auf Verbindung 192.168.2.106 276
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.2.106 276
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.2.106 276
===========================================================================
Ständige Routen:
Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
41 58 ::/0 Auf Verbindung
1 306 ::1/128 Auf Verbindung
41 58 2001::/32 Auf Verbindung
41 306 2001:0:5ef5:79fd:2822:8ef:3f57:fd95/128
Auf Verbindung
21 276 fe80::/64 Auf Verbindung
41 306 fe80::/64 Auf Verbindung
41 306 fe80::2822:8ef:3f57:fd95/128
Auf Verbindung
21 276 fe80::d5ea:12db:2b9a:f21a/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
41 306 ff00::/8 Auf Verbindung
21 276 ff00::/8 Auf Verbindung
===========================================================================
Ständige Routen:
Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f) (0x8004117f)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=1100} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f))

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f) (0x8004117f)


System errors:
=============
Error: (02/04/2013 01:17:50 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 217 Mal passiert.

Error: (02/04/2013 01:17:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/04/2013 01:17:50 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 216 Mal passiert.

Error: (02/04/2013 01:17:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/04/2013 01:17:50 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 215 Mal passiert.

Error: (02/04/2013 01:17:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/04/2013 01:17:48 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 214 Mal passiert.

Error: (02/04/2013 01:17:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.

Error: (02/04/2013 01:17:47 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 213 Mal passiert.

Error: (02/04/2013 01:17:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147218174.


Microsoft Office Sessions:
=========================
Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service)(User: )
Description:
Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f) (0x8004117f)

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service)(User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
1100

Error: (02/04/2013 01:03:26 PM) (Source: Windows Search Service)(User: )
Description:
Details:
0x%08x (0x8004117f - Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f))

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service)(User: )
Description:
Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Das Objekt, das Sie erstellen wollen, ist bereits vorhanden. Verwenden Sie einen anderen Namen. (HRESULT : 0x80040d02) (0x80040d02)

Error: (02/04/2013 01:03:25 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden. (HRESULT : 0x8004117f) (0x8004117f)


CodeIntegrity Errors:
===================================
Date: 2013-02-04 12:41:50.561
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-04 11:34:59.369
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-04 11:22:15.163
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 21:47:17.767
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 21:18:58.494
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 21:08:11.811
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 21:00:02.071
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 20:52:53.066
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 20:39:40.868
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-02 20:33:26.964
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.5) - Deutsch (Version: 10.1.5)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Any Video Converter 3.2.1
Avidemux 2.5 (Version: 2.5.6.7716)
Bing Bar (Version: 7.0.850.0)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 3.26)
CleanUp!
Copy (Version: 130.0.366.000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.372.000)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000)
ESET Online Scanner v3
F2400 (Version: 130.0.373.000)
FormatFactory 2.40 (Version: 2.40)
Foxit Reader 5.1 (Version: 5.1.4.104)
FreePDF (Remove only)
FreeRIP 3.92 (Version: 3.92)
GEAR driver installer for x86 and x64 (Version: 4.008.5)
GPBaseService2 (Version: 130.0.371.000)
GPL Ghostscript 8.71
Guitar Pro 6
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
IBM Lotus Symphony (Version: 3.01.12011)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 7 Update 2 (64-bit) (Version: 7.0.20)
Junk Mail filter update (Version: 14.0.8089.726)
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mp3nity 2.2.020
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton 360 (Version: 5.2.2.3)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Grafiktreiber 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA Systemsteuerung 275.33 (Version: 275.33)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
Orbit Downloader
Paint.NET v3.5.10 (Version: 3.60.0)
PVSonyDll (Version: 1.00.0001)
RedMon - Redirection Port Monitor
Revo Uninstaller 1.94 (Version: 1.94)
Scan (Version: 140.0.80.000)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Speedport W 102 Stick (Version: 1.0.0.18)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.373.000)
SUPERAntiSpyware (Version: 5.0.1144)
T-Home Dialerschutz-Software
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
WebReg (Version: 130.0.132.017)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Fotogalerie (Version: 14.0.8081.709)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
WinRAR 4.10 (64-Bit) (Version: 4.10.0)
YTD Video Downloader 3.9.2

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3839.24 MB
Available physical RAM: 2183.77 MB
Total Pagefile: 7676.67 MB
Available Pagefile: 6147.31 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:391.39 GB) NTFS

========================= Users: ========================================

Benutzerkonten fr \\USER-PC

Administrator Gast UpdatusUser
User
Der Befehl wurde erfolgreich ausgefhrt.

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

22-01-2013 08:06:09 22.1.2013
01-02-2013 21:35:53 Windows-Sicherung
04-02-2013 09:53:44 Windows-Sicherung

**** End of log ****

----

#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:47 AM

Posted 04 February 2013 - 03:26 PM

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 arturdux

arturdux
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 04 February 2013 - 05:19 PM


Hello dev00790,

The PC is running unpredictably.

After running the tools and posting the results this afternoon I logged off but did not power off: everything seemed to be running OK, in fact it seemed to me the PC was working more snappily than before the problem arose, but I did not want to push my luck!

But I guess I have to see if things are working, so later this evening I logged on again and things still seemed to be OK. However, after about half an hour, when I closed the browser and opened e-mail, things froze again – mail stopped reacting, browser would not open, folders inaccessible. I could not log off or power off via the Start menu – I had to manually power off and start up again. I went back into normal mode and this time things went OK for just a few minutes before freezing again.

So it seems there was an improvement, in that I could use normal mode for a while, but it was shortlived, and something is still wrong, because it is still freezing up.

I am now back in safe mode and, after posting this, I will power off and see what tomorrow brings - and I hope you can maybe explain and fix this strange behaviour.

Regards,

- arturdux

#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:47 AM

Posted 04 February 2013 - 05:37 PM

When you say opened email - do you do this in a browser? / or use e.g. Windows Live Mail?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 arturdux

arturdux
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 05 February 2013 - 02:22 AM

Hi,

Sorry, I should have been clearer when I said that the freeze happened when I opened e-mail. I was using the browser (IE9) but I then closed it and opened Windows Live Mail (which collects my e-mails from t-online and Yahoo). I recall trying to get back into IE9 for some info, and it may have been the attempt to re-open IE9 while Live Mail was open which triggered the freeze, rather than the freeze just happening while (or because) Live Mail was open, but I'm not sure.

When I clicked in the Start menu to power off last night - from safe mode - the PC switched off OK - no hanging and staying switched on. But while it was turning itself off a screen with a message appeared - it looked like the message that appears if you try to power off when an app is still running and asks whether you want Windows to close it or you want to go back and close it yourself; but it appeared and disappeared so quickly that I couldn't read which app was apparently still running, and nothing was running that I know about. I don't know if this is useful?

I haven't tried normal mode yet today - I will wait for your response.

- arturdux


#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:47 AM

Posted 05 February 2013 - 03:28 PM

Ok let's try and replicate this:

Boot your computer normally, then open Windows Live mail.
Do not open internet explorer.
Leave live mail open for a few minutes.
Then open internet explorer (with live mail still open).
After internet explorer is opened do you get any freezing?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 arturdux

arturdux
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 06 February 2013 - 11:32 AM


Hi dev00790,

I did exactly as you said this morning.
Powered up - PC went straight into normal mode - no problem.
Opened Live Mail and was able to toggle between e-mails.
About ten minutes later opened IE9 and tried to open Bleeping Computer site - IE9 stuttered at first and came up with the "not responding" message in the top left corner - then quickly settled, and I could switch between pages of BC, open pages in new tabs, and open other websites.
After a couple of minutes, a screen opened from Norton 360 - said it was looking for updates: then came a screen with a message about error 3052,2 and asking me to begin a support session; when I clicked yes it started scanning (but it did not say what it was scanning) and then came a screen saying no automatic solutions had been found and asking me to go to the support website; I clicked to do this, and a Norton page opened in IE9 telling me that this error can occur when I try to do a full scan (which I hadn't tried!) and advising me to de- and re-install Norton! I closed this page and opened Norton 360 and looked for updates - this ran and Norton said it was now up to date. Strange...
Throughout this Live Mail and IE9 remained OK and I could still switch between e-mails, webpages, etc.
I closed and opened IE9 and Live Mail alone and together in different orders and they still appeared to be working OK.
I sent a test e-mail to my Yahoo account and this was received in Live Mail.
I also opened and used a .txt file and a spreadsheet, and again IE9 and Live Mail continued to function simultaneously with no freezing.
I then tried a restart and this worked - straight back into normal mode with no problem.

So - that was this morning - things looked good.

I will keep the PC under observation for the rest of today and record anything that happens - unless you have any other procedures that you think I should carry out right away?

Regards,

- arturdux

#12 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:47 AM

Posted 06 February 2013 - 05:08 PM

Hi

Please do the following next:

:step1:
Clear the Java cache

Clearing the Java Plug-in cache forces the browser to load the latest versions of web pages and programs.
Malicious software can frequently reside in the java cache.

To clear the Java Plug-in cache:

  • Click Start > Control Panel.
  • Double-click the Java icon in the control panel. The Java Control Panel appears.
  • Click Settings under Temporary Internet Files.The Temporary Files Settings dialog box appears.
  • Click Delete Files. The Delete Temporary Files dialog box appears.
  • Click OK on Delete Temporary Files window.
    Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click OK on Temporary Files Settings window.
  • Click OK on Java Control Panel window.
You can also view these instructions along with screenshots here.


:step2:

Run IE with addons disabled

  • Boot your computer normally, then open Windows Live mail.
  • Do not open internet explorer.
  • Leave live mail open for a few minutes.
  • Then click on the Windows "Orb" button on the taskbar.
  • Copy the below
    iexplore.exe -extoff
  • Paste it (using CTRL and V) into the Search Programs and files box, then press enter.
  • Do you get the freezing with Internet explorer now (addons disabled)?

Edited by dev00790, 06 February 2013 - 05:10 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#13 arturdux

arturdux
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 07 February 2013 - 04:08 PM

Hello dev00790,

 

Good news - yesterday evening the PC worked very well - snappy response with no freezing; and this morning I did as you suggested and so far it has worked without freezing, and response - especially the internet - seems even better - the Norton error mesage has not recurred - and it also powers off and on smoothly.


(Since the latest steps involved Java, I suspect you are going to tell me to update my Java - I seem to have 2 out-of-date versions on my software list...).

 

Out of curiosity, I looked in Event Viewer to see what was happening in the PC a couple of days ago when it seemed to be working fine but then froze; and among the entries are errors with Windows Search, which run as follows:


- Windows Search fails to open the Jet Properties Store

- Search Service finds corrupted data files in an index: it tries to rebuild the Index

- Windows Search cannot load Properties Store files: it advises ending and restarting the Search Service as a first step to solving this issue

- Windows Search cannot initialise Search.JetPropStore and Search.TripoliIndexerplug-ins

- Windows Search cannot initialise Gatherer Object, another unnamed application and an Index.

- Windows Search stops with the service-specific error: 2147218174.

- Windows Search was unexpectedly stopped. This has already happened x times.


This series of errors repeats over and over again during a session - even today, when the PC has been running OK. After Troubleshooting the error 2147218174, Windows tells me that the permissions on Windows Search are wrong, and Windows Search is not running. Could a Windows Search problem be connected to whatever caused the freezing problem?


But overall it's looking good! I will keep you informed as to how the PC performs - please let me know if there is anything else I can do.

 

- arturdux


Edited by arturdux, 07 February 2013 - 04:36 PM.


#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:47 AM

Posted 07 February 2013 - 05:38 PM

Hi

Good that it seems to be better smile.png

After live mail is running for a few mins, then opening IE normally - do you get the freezing now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#15 arturdux

arturdux
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:47 AM

Posted 08 February 2013 - 03:52 AM

Hi,

 

Sorry, I should have been clearer - no, I opened and closed Live Mail and IE9 in different sequences and have had no freezing problems at all yesterday or today so far. I have just looked in Event Viewer and I am still getting error messages about Windows Search today, but I don't know what practical effect this issue has. Overall the PC seems to be working faster and better than it has for a long time!  

 

- arturdux        






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users