| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE FensterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.03.2012, 14:41
| #1 |
 |  Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Dieses Thema hat nichts mit meinem anderen Thema zutun, es handelt sich hier um einen anderen Computer, der separate Hilfe benötigt. Beim Starten von Windows 7 kommt nur ein IE Fenster und der eigene Dateien Ordner geht auf, sonst tut sich nichts. Habe im abgesicherten Modus mit Netzwertktreibern einen MBAM Scan durchgeführt, hier ist der Log: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.23.05 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 JohannesDemleitner :: JOHANNESDEMLEIT [Administrator] Schutz: Deaktiviert 24.03.2012 12:50:27 mbam-log-2012-03-24 (12-50-27).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 317572 Laufzeit: 21 Minute(n), 24 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Users\JohannesDemleitner\AppData\Local\Temp\0.07325805315777567.exe (Trojan.Downloader.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\JohannesDemleitner\AppData\Local\Temp\0.7728566074435136.exe (Trojan.Downloader.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\JohannesDemleitner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.7728566074435136.exe.lnk (Backdoor.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
25.03.2012, 16:47
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Führ bitte auch ESET aus, danach sehen wir weiter:
__________________ESET Online Scanner
__________________ |
|
26.03.2012, 15:47
| #3 |
| | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Ich hoffe das passt... ESET hat sehr lange bei der Scandauer angezeigt, dass sie 39min sei, obwohls schon länger war.
__________________Code:
ATTFilter ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=280e98865a1c634bb11371ef6116382c
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-03-26 04:45:37
# local_time=2012-03-26 06:45:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777214 100 75 6232719 33268532 0 0
# compatibility_mode=5893 16776574 100 94 3887761 84406938 0 0
# compatibility_mode=8192 67108863 100 0 71793 71793 0 0
# scanned=131398
# found=8
# cleaned=0
# scan_time=2369
C:\Users\JohannesDemleitner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\74QC1OGQ\82[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\JohannesDemleitner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AYLMXEF5\main[1].htm JS/Kryptik.KP.Gen trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\JohannesDemleitner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AYLMXEF5\main[2].htm JS/Kryptik.KP.Gen trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\JohannesDemleitner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BIR4JGBR\82[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\JohannesDemleitner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NEOZ47WN\82[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\JohannesDemleitner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\R5CK7090\82[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\JohannesDemleitner\AppData\Local\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BF trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\JohannesDemleitner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\68606972-5f758fbd a variant of Java/TrojanDownloader.Agent.NDR trojan (unable to clean) 00000000000000000000000000000000 I
|
|
26.03.2012, 18:26
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.03.2012, 15:42
| #5 |
| | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE FensterCode:
ATTFilter OTL logfile created on: 28.03.2012 15:49:09 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\JohannesDemleitner\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,91 Gb Total Physical Memory | 4,46 Gb Available Physical Memory | 75,41% Memory free 11,82 Gb Paging File | 9,87 Gb Available in Paging File | 83,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 172,64 Gb Free Space | 74,13% Space Free | Partition Type: NTFS Drive D: | 232,49 Gb Total Space | 220,84 Gb Free Space | 94,99% Space Free | Partition Type: NTFS Computer Name: JOHANNESDEMLEIT | User Name: JohannesDemleitner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.03.28 15:46:57 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\JohannesDemleitner\Desktop\OTL.exe PRC - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2011.02.01 14:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.02.01 14:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.12.03 15:57:16 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2010.08.16 11:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe PRC - [2010.08.04 18:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe PRC - [2009.07.28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2009.07.22 14:40:00 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe PRC - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.06 18:25:40 | 000,161,168 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:64bit: - [2011.12.06 18:16:02 | 000,208,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:64bit: - [2011.12.06 18:15:46 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:64bit: - [2011.03.17 16:39:40 | 000,501,768 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:64bit: - [2011.01.27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service) SRV:64bit: - [2010.12.09 18:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:64bit: - [2010.12.08 16:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV:64bit: - [2010.10.20 15:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @c:\Program Files (x86) SRV - [2011.02.10 09:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) SRV - [2011.02.01 14:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2011.02.01 14:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2011.01.28 12:28:54 | 000,225,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\PROGRA~1\mcafee\msc\mcawfwk.exe -- (McAWFwk) SRV - [2010.11.29 15:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.08.04 18:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2010.04.12 11:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.28 17:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.12.10 16:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.11.23 15:15:53 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter) DRV:64bit: - [2011.10.15 13:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2011.10.15 13:16:16 | 000,481,768 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:64bit: - [2011.10.15 13:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:64bit: - [2011.10.15 13:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2011.10.15 13:16:16 | 000,160,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:64bit: - [2011.10.15 13:16:16 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:64bit: - [2011.10.15 13:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk) DRV:64bit: - [2011.10.15 13:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.04.04 21:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.08 20:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) DRV:64bit: - [2011.02.03 20:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011.01.27 16:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb) DRV:64bit: - [2011.01.13 20:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.01.12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.12.17 20:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.10.18 15:14:02 | 000,042,096 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2010.07.20 18:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.06.18 17:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec) DRV:64bit: - [2010.03.22 11:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter) DRV:64bit: - [2009.07.30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2009.07.14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.24 16:36:48 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA IE - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA IE - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TEUA_deDE465 IE - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.02.28 08:00:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.01.09 22:21:00 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - Extension: SiteAdvisor = C:\Users\JohannesDemleitner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120109212100.dll (McAfee, Inc.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120109212100.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH) O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH) O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation) O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.) O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKU\S-1-5-21-3367078856-4057465632-1354356201-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\JohannesDemleitner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: Zu TOSHIBA Bulletin Board hinzufügen - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O8 - Extra context menu item: Zu TOSHIBA Bulletin Board hinzufügen - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>) O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>) O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21495B79-69D1-41B0-AF7C-2785A4A6E8EC}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SafeBootMin:64bit: MCODS - C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SafeBootNet:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SafeBootNet:64bit: MCODS - C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SafeBootNet:64bit: mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) SafeBootNet:64bit: mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) SafeBootNet:64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) SafeBootNet:64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) SafeBootNet:64bit: mfevtp - C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.03.28 15:51:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2012.03.28 15:46:54 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\JohannesDemleitner\Desktop\OTL.exe [2012.03.28 15:45:36 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{603E956F-E0E5-4EE6-AC97-9DAFD63FF1B2} [2012.03.28 15:45:24 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{E1FC079D-71D9-4301-8E76-7DBFC56099EA} [2012.03.25 21:54:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.03.24 13:49:55 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Roaming\Malwarebytes [2012.03.24 13:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.03.24 13:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.03.24 13:49:50 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.03.24 13:49:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.03.24 13:36:47 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{EFE07AEC-EE5A-4EAD-9D1A-F1C4AD8B54C7} [2012.03.24 10:46:03 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\ElevatedDiagnostics [2012.03.23 14:51:12 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{75207C27-861B-4E47-B802-B59CC85BB3E3} [2012.03.22 08:09:42 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{6BB915FF-EC65-4BCD-884E-34639B200C49} [2012.03.21 07:54:51 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{D48981AE-0B0D-4EA8-BBA0-E8B2CAEF90D6} [2012.03.20 07:48:07 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{05A2DE4C-9E8D-4082-A1ED-F3261268E21F} [2012.03.19 16:55:34 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{698CBBC2-D91E-4AC3-B971-2527DAAEDCF8} [2012.03.18 12:07:46 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{774E5E5C-3C89-48E9-BDE2-57E1A6A09B57} [2012.03.17 03:50:28 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{633921C5-0E74-4931-94FA-E66DA2166A9F} [2012.03.16 15:50:02 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{2E32B1B0-21EC-49A6-A2B9-5B278249C926} [2012.03.14 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{0FE599C0-8705-4383-A040-55D63C263D87} [2012.03.13 17:46:31 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{3B5A4595-783F-411D-8C04-9F4DD7E19E17} [2012.03.12 22:29:21 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{C3919457-8EE8-447F-9DB5-00FEF6D5CDF1} [2012.03.12 22:29:08 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{4BD87920-7D03-4E45-98E4-47234A88DE48} [2012.03.12 22:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012.03.12 22:25:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2012.03.06 19:29:10 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{9BE7115C-C243-40CE-8EEB-B88A70E22566} [2012.03.06 19:28:57 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{B146795A-7835-4938-8CF6-8F3F08011A15} [2012.03.05 16:43:58 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{46A12F16-CBA4-4F1D-9795-7C08661143CF} [2012.03.05 16:43:44 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{B65681E0-C54D-4447-909F-3F30BC96B291} [2012.03.01 19:44:53 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{5DE2D751-E6D8-435D-BB68-04AE3768AA86} [2012.03.01 19:44:29 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{B682390E-E10F-49F0-9F04-3BF3466FF016} [2012.03.01 07:43:57 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{C537F6FB-7ACD-4525-9F18-A49E34BEA2BD} [2012.03.01 07:43:45 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{0100BF7D-BF0F-43A0-8439-09CD04347896} [2012.02.29 07:50:26 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{D82C1769-0015-465D-99CA-C2B0297D723E} [2012.02.29 07:49:40 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{961B3E40-F695-43B8-B495-CB3B1AF6F201} [2012.02.28 18:19:10 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{C92CCA4F-2C4A-4699-8C4B-46EF36D69128} [2012.02.28 18:18:56 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{E6BFB8D9-59F5-47D0-B2C9-F17AEE138EF3} [2012.02.27 20:47:13 | 000,000,000 | ---D | C] -- C:\Users\JohannesDemleitner\AppData\Local\{1F93A7DB-7579-45AC-985A-373320968CA4} ========== Files - Modified Within 30 Days ========== [2012.03.28 17:22:15 | 000,002,347 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.03.28 17:18:24 | 464,330,751 | -HS- | M] () -- C:\hiberfil.sys [2012.03.28 15:51:38 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk [2012.03.28 15:48:04 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.03.28 15:48:04 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.03.28 15:48:04 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.03.28 15:48:04 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.03.28 15:48:04 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.03.28 15:46:57 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\JohannesDemleitner\Desktop\OTL.exe [2012.03.28 15:44:49 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.03.28 15:44:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.28 15:26:25 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.28 15:26:25 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.24 13:49:52 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.03.24 10:20:35 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.03.22 17:16:07 | 000,002,046 | ---- | M] () -- C:\Users\JohannesDemleitner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2012.03.22 17:11:12 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.03.24 13:49:52 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.08 13:38:32 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.11.23 15:39:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2011.04.04 21:07:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.04.04 21:06:58 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.04.04 21:06:58 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.02.03 20:56:58 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2010.11.09 13:09:58 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll ========== LOP Check ========== [2012.03.12 22:25:01 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\SoftGrid Client [2012.01.08 13:37:09 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Toshiba [2012.01.12 19:58:14 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\TOSHIBA Online Product Information [2012.01.08 13:37:54 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\TP [2012.03.22 17:12:07 | 000,018,084 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.01.08 13:50:25 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Adobe [2012.01.11 20:00:17 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Google [2012.01.08 13:34:26 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Identities [2012.01.08 14:58:17 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Macromedia [2012.03.24 13:49:55 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Malwarebytes [2010.11.21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Media Center Programs [2012.02.16 17:05:37 | 000,000,000 | --SD | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Microsoft [2012.01.17 22:51:38 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Nero [2012.02.08 18:18:27 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Skype [2012.03.12 22:25:01 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\SoftGrid Client [2012.01.08 13:37:09 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\Toshiba [2012.01.12 19:58:14 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\TOSHIBA Online Product Information [2012.01.08 13:37:54 | 000,000,000 | ---D | M] -- C:\Users\JohannesDemleitner\AppData\Roaming\TP < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2011.01.12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys [2011.01.12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2012.01.13 15:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > < End of report > |
|
28.03.2012, 19:42
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Also das Log sieht unauffällig aus Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ --> Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster |
|
30.03.2012, 11:48
| #7 |
| | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Danke für deine Antwort. Hier das Logfile: Code:
ATTFilter 11:14:51.0708 4092 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
11:14:53.0708 4092 ============================================================
11:14:53.0708 4092 Current date / time: 2012/03/30 11:14:53.0708
11:14:53.0708 4092 SystemInfo:
11:14:53.0708 4092
11:14:53.0708 4092 OS Version: 6.1.7601 ServicePack: 1.0
11:14:53.0708 4092 Product type: Workstation
11:14:53.0708 4092 ComputerName: JOHANNESDEMLEIT
11:14:53.0708 4092 UserName: JohannesDemleitner
11:14:53.0708 4092 Windows directory: C:\Windows
11:14:53.0708 4092 System windows directory: C:\Windows
11:14:53.0708 4092 Running under WOW64
11:14:53.0708 4092 Processor architecture: Intel x64
11:14:53.0708 4092 Number of processors: 4
11:14:53.0708 4092 Page size: 0x1000
11:14:53.0708 4092 Boot type: Normal boot
11:14:53.0708 4092 ============================================================
11:14:54.0178 4092 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:14:54.0188 4092 \Device\Harddisk0\DR0:
11:14:54.0188 4092 MBR used
11:14:54.0188 4092 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x1D1C3000
11:14:54.0188 4092 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D28B800, BlocksNum 0x1D0FA800
11:14:54.0248 4092 Initialize success
11:14:54.0248 4092 ============================================================
11:15:00.0808 7708 ============================================================
11:15:00.0808 7708 Scan started
11:15:00.0808 7708 Mode: Manual; SigCheck; TDLFS;
11:15:00.0808 7708 ============================================================
11:15:02.0898 7708 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:15:03.0088 7708 1394ohci - ok
11:15:03.0428 7708 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:15:03.0468 7708 ACPI - ok
11:15:03.0808 7708 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:15:03.0908 7708 AcpiPmi - ok
11:15:03.0988 7708 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:15:04.0018 7708 AdobeARMservice - ok
11:15:04.0358 7708 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:15:04.0408 7708 adp94xx - ok
11:15:04.0798 7708 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:15:04.0838 7708 adpahci - ok
11:15:05.0168 7708 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:15:05.0188 7708 adpu320 - ok
11:15:05.0418 7708 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:15:05.0568 7708 AeLookupSvc - ok
11:15:05.0938 7708 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:15:06.0048 7708 AFD - ok
11:15:06.0378 7708 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:15:06.0408 7708 agp440 - ok
11:15:06.0658 7708 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:15:06.0728 7708 ALG - ok
11:15:07.0058 7708 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:15:07.0078 7708 aliide - ok
11:15:07.0398 7708 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:15:07.0428 7708 amdide - ok
11:15:07.0748 7708 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:15:07.0818 7708 AmdK8 - ok
11:15:08.0128 7708 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:15:08.0188 7708 AmdPPM - ok
11:15:08.0508 7708 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:15:08.0538 7708 amdsata - ok
11:15:08.0868 7708 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:15:08.0908 7708 amdsbs - ok
11:15:09.0218 7708 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:15:09.0248 7708 amdxata - ok
11:15:09.0568 7708 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:15:09.0778 7708 AppID - ok
11:15:10.0028 7708 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:15:10.0148 7708 AppIDSvc - ok
11:15:10.0408 7708 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:15:10.0498 7708 Appinfo - ok
11:15:10.0818 7708 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:15:10.0848 7708 arc - ok
11:15:11.0158 7708 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:15:11.0198 7708 arcsas - ok
11:15:11.0508 7708 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:15:11.0598 7708 AsyncMac - ok
11:15:11.0918 7708 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:15:11.0948 7708 atapi - ok
11:15:12.0348 7708 athr (b2931c83cfb12a3223a47b180473ae1a) C:\Windows\system32\DRIVERS\athrx.sys
11:15:12.0448 7708 athr - ok
11:15:12.0728 7708 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:15:12.0858 7708 AudioEndpointBuilder - ok
11:15:12.0878 7708 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:15:12.0938 7708 AudioSrv - ok
11:15:13.0188 7708 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:15:13.0308 7708 AxInstSV - ok
11:15:13.0638 7708 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:15:13.0718 7708 b06bdrv - ok
11:15:14.0038 7708 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:15:14.0098 7708 b57nd60a - ok
11:15:14.0358 7708 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:15:14.0428 7708 BDESVC - ok
11:15:14.0738 7708 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:15:14.0848 7708 Beep - ok
11:15:15.0118 7708 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:15:15.0228 7708 BFE - ok
11:15:15.0458 7708 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:15:15.0588 7708 BITS - ok
11:15:15.0898 7708 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:15:15.0988 7708 blbdrive - ok
11:15:16.0328 7708 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:15:16.0398 7708 bowser - ok
11:15:16.0708 7708 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:15:16.0768 7708 BrFiltLo - ok
11:15:17.0068 7708 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:15:17.0118 7708 BrFiltUp - ok
11:15:17.0358 7708 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:15:17.0438 7708 Browser - ok
11:15:17.0738 7708 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:15:17.0838 7708 Brserid - ok
11:15:18.0148 7708 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:15:18.0208 7708 BrSerWdm - ok
11:15:18.0528 7708 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:15:18.0598 7708 BrUsbMdm - ok
11:15:18.0908 7708 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:15:18.0948 7708 BrUsbSer - ok
11:15:19.0258 7708 BtFilter (2347abbd13bada65826fdab4caafe357) C:\Windows\system32\DRIVERS\btfilter.sys
11:15:19.0338 7708 BtFilter - ok
11:15:19.0658 7708 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:15:19.0708 7708 BTHMODEM - ok
11:15:19.0948 7708 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:15:20.0038 7708 bthserv - ok
11:15:20.0358 7708 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:15:20.0428 7708 cdfs - ok
11:15:20.0768 7708 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:15:20.0898 7708 cdrom - ok
11:15:21.0208 7708 CeKbFilter (a965b206921c55f2d1481789d609b711) C:\Windows\system32\DRIVERS\CeKbFilter.sys
11:15:21.0238 7708 CeKbFilter - ok
11:15:21.0488 7708 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:15:21.0598 7708 CertPropSvc - ok
11:15:21.0908 7708 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
11:15:21.0938 7708 cfwids - ok
11:15:22.0068 7708 cfWiMAXService (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
11:15:22.0098 7708 cfWiMAXService - ok
11:15:22.0418 7708 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:15:22.0468 7708 circlass - ok
11:15:22.0728 7708 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:15:22.0768 7708 CLFS - ok
11:15:22.0948 7708 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:15:22.0968 7708 clr_optimization_v2.0.50727_32 - ok
11:15:23.0168 7708 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:15:23.0198 7708 clr_optimization_v2.0.50727_64 - ok
11:15:23.0418 7708 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:15:23.0448 7708 clr_optimization_v4.0.30319_32 - ok
11:15:23.0678 7708 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:15:23.0708 7708 clr_optimization_v4.0.30319_64 - ok
11:15:24.0008 7708 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:15:24.0058 7708 CmBatt - ok
11:15:24.0378 7708 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:15:24.0408 7708 cmdide - ok
11:15:24.0748 7708 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:15:24.0808 7708 CNG - ok
11:15:25.0138 7708 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:15:25.0168 7708 Compbatt - ok
11:15:25.0478 7708 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:15:25.0538 7708 CompositeBus - ok
11:15:25.0748 7708 COMSysApp - ok
11:15:25.0878 7708 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
11:15:25.0898 7708 ConfigFree Service - ok
11:15:26.0218 7708 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:15:26.0248 7708 crcdisk - ok
11:15:26.0498 7708 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
11:15:26.0598 7708 CryptSvc - ok
11:15:26.0708 7708 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:15:26.0778 7708 cvhsvc - ok
11:15:27.0038 7708 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:15:27.0138 7708 DcomLaunch - ok
11:15:27.0378 7708 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:15:27.0458 7708 defragsvc - ok
11:15:27.0768 7708 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:15:27.0878 7708 DfsC - ok
11:15:28.0128 7708 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:15:28.0238 7708 Dhcp - ok
11:15:28.0558 7708 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:15:28.0668 7708 discache - ok
11:15:29.0008 7708 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:15:29.0048 7708 Disk - ok
11:15:29.0278 7708 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:15:29.0378 7708 Dnscache - ok
11:15:29.0608 7708 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:15:29.0698 7708 dot3svc - ok
11:15:29.0938 7708 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:15:30.0028 7708 DPS - ok
11:15:30.0338 7708 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:15:30.0388 7708 drmkaud - ok
11:15:30.0698 7708 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:15:30.0758 7708 DXGKrnl - ok
11:15:30.0998 7708 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:15:31.0098 7708 EapHost - ok
11:15:31.0498 7708 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:15:31.0568 7708 ebdrv - ok
11:15:31.0858 7708 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:15:31.0958 7708 EFS - ok
11:15:32.0088 7708 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:15:32.0178 7708 ehRecvr - ok
11:15:32.0308 7708 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:15:32.0358 7708 ehSched - ok
11:15:32.0668 7708 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:15:32.0718 7708 elxstor - ok
11:15:33.0018 7708 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:15:33.0058 7708 ErrDev - ok
11:15:33.0278 7708 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:15:33.0318 7708 EventSystem - ok
11:15:33.0608 7708 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:15:33.0708 7708 exfat - ok
11:15:34.0008 7708 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:15:34.0108 7708 fastfat - ok
11:15:34.0348 7708 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:15:34.0428 7708 Fax - ok
11:15:34.0728 7708 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:15:34.0778 7708 fdc - ok
11:15:34.0988 7708 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:15:35.0108 7708 fdPHost - ok
11:15:35.0318 7708 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:15:35.0408 7708 FDResPub - ok
11:15:35.0718 7708 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:15:35.0748 7708 FileInfo - ok
11:15:36.0038 7708 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:15:36.0138 7708 Filetrace - ok
11:15:36.0438 7708 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:15:36.0478 7708 flpydisk - ok
11:15:36.0788 7708 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:15:36.0828 7708 FltMgr - ok
11:15:37.0118 7708 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:15:37.0228 7708 FontCache - ok
11:15:37.0328 7708 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:15:37.0348 7708 FontCache3.0.0.0 - ok
11:15:37.0608 7708 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:15:37.0628 7708 FsDepends - ok
11:15:37.0948 7708 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:15:37.0978 7708 Fs_Rec - ok
11:15:38.0298 7708 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:15:38.0338 7708 fvevol - ok
11:15:38.0658 7708 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:15:38.0688 7708 gagp30kx - ok
11:15:38.0788 7708 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:15:38.0828 7708 GamesAppService - ok
11:15:39.0108 7708 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:15:39.0188 7708 gpsvc - ok
11:15:39.0258 7708 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:15:39.0278 7708 gupdate - ok
11:15:39.0298 7708 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:15:39.0318 7708 gupdatem - ok
11:15:39.0338 7708 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:15:39.0368 7708 gusvc - ok
11:15:39.0688 7708 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:15:39.0758 7708 hcw85cir - ok
11:15:40.0068 7708 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:15:40.0138 7708 HdAudAddService - ok
11:15:40.0468 7708 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:15:40.0528 7708 HDAudBus - ok
11:15:40.0798 7708 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:15:40.0848 7708 HidBatt - ok
11:15:41.0138 7708 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:15:41.0188 7708 HidBth - ok
11:15:41.0508 7708 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:15:41.0548 7708 HidIr - ok
11:15:41.0758 7708 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:15:41.0858 7708 hidserv - ok
11:15:42.0158 7708 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:15:42.0198 7708 HidUsb - ok
11:15:42.0398 7708 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:15:42.0498 7708 hkmsvc - ok
11:15:42.0698 7708 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:15:42.0778 7708 HomeGroupListener - ok
11:15:42.0988 7708 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:15:43.0048 7708 HomeGroupProvider - ok
11:15:43.0338 7708 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:15:43.0368 7708 HpSAMD - ok
11:15:43.0688 7708 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:15:43.0818 7708 HTTP - ok
11:15:44.0178 7708 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:15:44.0208 7708 hwpolicy - ok
11:15:44.0598 7708 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:15:44.0638 7708 i8042prt - ok
11:15:45.0018 7708 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
11:15:45.0058 7708 iaStor - ok
11:15:45.0408 7708 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:15:45.0458 7708 iaStorV - ok
11:15:45.0568 7708 IconMan_R (dabfbe88774a3c1a8cea198348e02740) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
11:15:45.0648 7708 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
11:15:45.0648 7708 IconMan_R - detected UnsignedFile.Multi.Generic (1)
11:15:45.0758 7708 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:15:45.0808 7708 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:15:45.0808 7708 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:15:45.0948 7708 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:15:46.0018 7708 idsvc - ok
11:15:46.0658 7708 igfx (370c2a8629b30f910f740387795ddc6f) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:15:47.0038 7708 igfx - ok
11:15:47.0398 7708 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:15:47.0428 7708 iirsp - ok
11:15:47.0678 7708 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:15:47.0788 7708 IKEEXT - ok
11:15:48.0138 7708 IntcAzAudAddService (2cc2f7c5990bb76767038f4b16d17a56) C:\Windows\system32\drivers\RTKVHD64.sys
11:15:48.0188 7708 IntcAzAudAddService - ok
11:15:48.0508 7708 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:15:48.0518 7708 intelide - ok
11:15:48.0868 7708 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:15:48.0918 7708 intelppm - ok
11:15:49.0158 7708 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:15:49.0248 7708 IPBusEnum - ok
11:15:49.0578 7708 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:15:49.0658 7708 IpFilterDriver - ok
11:15:49.0918 7708 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:15:50.0058 7708 iphlpsvc - ok
11:15:50.0378 7708 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:15:50.0428 7708 IPMIDRV - ok
11:15:50.0758 7708 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:15:50.0858 7708 IPNAT - ok
11:15:51.0208 7708 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:15:51.0258 7708 IRENUM - ok
11:15:51.0608 7708 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:15:51.0628 7708 isapnp - ok
11:15:51.0958 7708 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:15:51.0998 7708 iScsiPrt - ok
11:15:52.0348 7708 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
11:15:52.0378 7708 kbdclass - ok
11:15:52.0718 7708 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
11:15:52.0768 7708 kbdhid - ok
11:15:52.0978 7708 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:15:53.0008 7708 KeyIso - ok
11:15:53.0368 7708 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:15:53.0398 7708 KSecDD - ok
11:15:53.0758 7708 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:15:53.0788 7708 KSecPkg - ok
11:15:54.0128 7708 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:15:54.0218 7708 ksthunk - ok
11:15:54.0448 7708 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:15:54.0558 7708 KtmRm - ok
11:15:54.0818 7708 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:15:54.0908 7708 LanmanServer - ok
11:15:55.0148 7708 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:15:55.0248 7708 LanmanWorkstation - ok
11:15:55.0608 7708 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:15:55.0708 7708 lltdio - ok
11:15:55.0928 7708 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:15:56.0018 7708 lltdsvc - ok
11:15:56.0258 7708 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:15:56.0368 7708 lmhosts - ok
11:15:56.0438 7708 LMS (50c7ce53ef461870410355f1f2e7d515) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:15:56.0478 7708 LMS - ok
11:15:56.0818 7708 LPCFilter (2825a71e7501cb33b3b9f856610c729d) C:\Windows\system32\DRIVERS\LPCFilter.sys
11:15:56.0848 7708 LPCFilter - ok
11:15:57.0198 7708 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:15:57.0228 7708 LSI_FC - ok
11:15:57.0568 7708 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:15:57.0598 7708 LSI_SAS - ok
11:15:57.0948 7708 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:15:57.0978 7708 LSI_SAS2 - ok
11:15:58.0328 7708 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:15:58.0358 7708 LSI_SCSI - ok
11:15:58.0708 7708 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:15:58.0808 7708 luafv - ok
11:15:59.0158 7708 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
11:15:59.0178 7708 MBAMProtector - ok
11:15:59.0238 7708 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:15:59.0298 7708 MBAMService - ok
11:15:59.0368 7708 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:15:59.0398 7708 McAfee SiteAdvisor Service - ok
11:15:59.0448 7708 McAWFwk (f48571922079bbab289c57bafefe88f3) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
11:15:59.0478 7708 McAWFwk - ok
11:15:59.0548 7708 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:15:59.0578 7708 McMPFSvc - ok
11:15:59.0598 7708 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:15:59.0628 7708 mcmscsvc - ok
11:15:59.0638 7708 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:15:59.0668 7708 McNaiAnn - ok
11:15:59.0688 7708 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:15:59.0718 7708 McNASvc - ok
11:15:59.0788 7708 McODS (c6232488cdbf063ce077fc7f8f8c248c) C:\Program Files\mcafee\VirusScan\mcods.exe
11:15:59.0828 7708 McODS - ok
11:15:59.0878 7708 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:15:59.0908 7708 McOobeSv - ok
11:15:59.0918 7708 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:15:59.0938 7708 McProxy - ok
11:15:59.0968 7708 McShield (4a463d645b48bb487ca7df12ba5d1602) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:15:59.0978 7708 McShield - ok
11:16:00.0198 7708 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:16:00.0248 7708 Mcx2Svc - ok
11:16:00.0578 7708 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:16:00.0598 7708 megasas - ok
11:16:00.0948 7708 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:16:00.0988 7708 MegaSR - ok
11:16:01.0388 7708 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
11:16:01.0418 7708 MEIx64 - ok
11:16:01.0758 7708 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
11:16:01.0778 7708 mfeapfk - ok
11:16:02.0118 7708 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
11:16:02.0148 7708 mfeavfk - ok
11:16:02.0478 7708 mfeavfk01 - ok
11:16:02.0538 7708 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:16:02.0638 7708 mfefire - ok
11:16:02.0978 7708 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
11:16:03.0018 7708 mfefirek - ok
11:16:03.0388 7708 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
11:16:03.0438 7708 mfehidk - ok
11:16:03.0768 7708 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
11:16:03.0798 7708 mfenlfk - ok
11:16:04.0128 7708 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
11:16:04.0158 7708 mferkdet - ok
11:16:04.0398 7708 mfevtp (8f3b3c3625e3aaa11d6d4db8423e1721) C:\Windows\system32\mfevtps.exe
11:16:04.0428 7708 mfevtp - ok
11:16:04.0778 7708 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
11:16:04.0808 7708 mfewfpk - ok
11:16:05.0058 7708 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:16:05.0148 7708 MMCSS - ok
11:16:05.0488 7708 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:16:05.0568 7708 Modem - ok
11:16:05.0908 7708 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:16:05.0958 7708 monitor - ok
11:16:06.0318 7708 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:16:06.0348 7708 mouclass - ok
11:16:06.0708 7708 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:16:06.0748 7708 mouhid - ok
11:16:07.0098 7708 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:16:07.0128 7708 mountmgr - ok
11:16:07.0468 7708 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:16:07.0508 7708 mpio - ok
11:16:07.0838 7708 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:16:07.0988 7708 mpsdrv - ok
11:16:08.0248 7708 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:16:08.0298 7708 MpsSvc - ok
11:16:08.0648 7708 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:16:08.0718 7708 MRxDAV - ok
11:16:09.0058 7708 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:16:09.0118 7708 mrxsmb - ok
11:16:09.0498 7708 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:16:09.0568 7708 mrxsmb10 - ok
11:16:09.0908 7708 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:16:09.0958 7708 mrxsmb20 - ok
11:16:10.0288 7708 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys
11:16:10.0318 7708 msahci - ok
11:16:10.0658 7708 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:16:10.0698 7708 msdsm - ok
11:16:10.0928 7708 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:16:10.0968 7708 MSDTC - ok
11:16:11.0318 7708 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:16:11.0388 7708 Msfs - ok
11:16:11.0738 7708 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:16:11.0848 7708 mshidkmdf - ok
11:16:12.0158 7708 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:16:12.0188 7708 msisadrv - ok
11:16:12.0418 7708 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:16:12.0498 7708 MSiSCSI - ok
11:16:12.0708 7708 msiserver - ok
11:16:12.0768 7708 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:16:12.0798 7708 MSK80Service - ok
11:16:13.0138 7708 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:16:13.0228 7708 MSKSSRV - ok
11:16:13.0548 7708 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:16:13.0638 7708 MSPCLOCK - ok
11:16:13.0968 7708 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:16:14.0058 7708 MSPQM - ok
11:16:14.0408 7708 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:16:14.0448 7708 MsRPC - ok
11:16:14.0778 7708 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:16:14.0808 7708 mssmbios - ok
11:16:15.0168 7708 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:16:15.0248 7708 MSTEE - ok
11:16:15.0578 7708 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:16:15.0628 7708 MTConfig - ok
11:16:15.0968 7708 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:16:15.0998 7708 Mup - ok
11:16:16.0218 7708 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:16:16.0318 7708 napagent - ok
11:16:16.0678 7708 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:16:16.0748 7708 NativeWifiP - ok
11:16:16.0828 7708 NAUpdate (13aa2130f2a104dd775ead0f0ee5417b) c:\Program Files (x86)\Nero\Update\NASvc.exe
11:16:16.0868 7708 NAUpdate - ok
11:16:17.0238 7708 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:16:17.0288 7708 NDIS - ok
11:16:17.0638 7708 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:16:17.0718 7708 NdisCap - ok
11:16:18.0058 7708 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:16:18.0138 7708 NdisTapi - ok
11:16:18.0488 7708 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:16:18.0558 7708 Ndisuio - ok
11:16:18.0898 7708 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:16:18.0978 7708 NdisWan - ok
11:16:19.0318 7708 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:16:19.0398 7708 NDProxy - ok
11:16:19.0758 7708 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:16:19.0858 7708 NetBIOS - ok
11:16:20.0188 7708 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:16:20.0268 7708 NetBT - ok
11:16:20.0498 7708 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:16:20.0538 7708 Netlogon - ok
11:16:20.0778 7708 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:16:20.0888 7708 Netman - ok
11:16:21.0138 7708 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:16:21.0238 7708 netprofm - ok
11:16:21.0368 7708 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:16:21.0398 7708 NetTcpPortSharing - ok
11:16:21.0758 7708 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:16:21.0788 7708 nfrd960 - ok
11:16:22.0038 7708 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:16:22.0148 7708 NlaSvc - ok
11:16:22.0478 7708 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:16:22.0568 7708 Npfs - ok
11:16:22.0808 7708 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:16:22.0898 7708 nsi - ok
11:16:23.0288 7708 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:16:23.0388 7708 nsiproxy - ok
11:16:23.0808 7708 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:16:23.0868 7708 Ntfs - ok
11:16:24.0238 7708 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:16:24.0338 7708 Null - ok
11:16:24.0688 7708 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:16:24.0718 7708 nvraid - ok
11:16:25.0078 7708 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:16:25.0118 7708 nvstor - ok
11:16:25.0508 7708 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:16:25.0538 7708 nv_agp - ok
11:16:25.0888 7708 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:16:25.0938 7708 ohci1394 - ok
11:16:25.0988 7708 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:16:26.0018 7708 ose - ok
11:16:26.0188 7708 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:16:26.0378 7708 osppsvc - ok
11:16:26.0608 7708 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:16:26.0668 7708 p2pimsvc - ok
11:16:26.0908 7708 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:16:26.0968 7708 p2psvc - ok
11:16:27.0318 7708 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:16:27.0358 7708 Parport - ok
11:16:27.0688 7708 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:16:27.0718 7708 partmgr - ok
11:16:27.0958 7708 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:16:28.0028 7708 PcaSvc - ok
11:16:28.0368 7708 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:16:28.0398 7708 pci - ok
11:16:28.0728 7708 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:16:28.0758 7708 pciide - ok
11:16:29.0098 7708 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:16:29.0128 7708 pcmcia - ok
11:16:29.0458 7708 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:16:29.0488 7708 pcw - ok
11:16:29.0848 7708 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:16:29.0948 7708 PEAUTH - ok
11:16:30.0158 7708 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:16:30.0208 7708 PerfHost - ok
11:16:30.0548 7708 PGEffect (91111cebbde8015e822c46120ed9537c) C:\Windows\system32\DRIVERS\pgeffect.sys
11:16:30.0578 7708 PGEffect - ok
11:16:30.0818 7708 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:16:30.0908 7708 pla - ok
11:16:31.0158 7708 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:16:31.0228 7708 PlugPlay - ok
11:16:31.0428 7708 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:16:31.0478 7708 PNRPAutoReg - ok
11:16:31.0718 7708 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:16:31.0758 7708 PNRPsvc - ok
11:16:31.0998 7708 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:16:32.0118 7708 PolicyAgent - ok
11:16:32.0358 7708 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:16:32.0438 7708 Power - ok
11:16:32.0778 7708 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:16:32.0868 7708 PptpMiniport - ok
11:16:33.0218 7708 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:16:33.0268 7708 Processor - ok
11:16:33.0518 7708 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
11:16:33.0618 7708 ProfSvc - ok
11:16:33.0908 7708 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:16:33.0948 7708 ProtectedStorage - ok
11:16:34.0318 7708 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:16:34.0428 7708 Psched - ok
11:16:34.0808 7708 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:16:34.0898 7708 ql2300 - ok
11:16:35.0258 7708 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:16:35.0288 7708 ql40xx - ok
11:16:35.0498 7708 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:16:35.0528 7708 QWAVE - ok
11:16:35.0858 7708 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:16:35.0918 7708 QWAVEdrv - ok
11:16:36.0248 7708 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:16:36.0348 7708 RasAcd - ok
11:16:36.0688 7708 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:16:36.0738 7708 RasAgileVpn - ok
11:16:36.0968 7708 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:16:37.0018 7708 RasAuto - ok
11:16:37.0358 7708 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:16:37.0388 7708 Rasl2tp - ok
11:16:37.0648 7708 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:16:37.0748 7708 RasMan - ok
11:16:38.0118 7708 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:16:38.0208 7708 RasPppoe - ok
11:16:38.0528 7708 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:16:38.0638 7708 RasSstp - ok
11:16:38.0978 7708 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:16:39.0068 7708 rdbss - ok
11:16:39.0398 7708 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:16:39.0448 7708 rdpbus - ok
11:16:39.0778 7708 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:16:39.0868 7708 RDPCDD - ok
11:16:40.0208 7708 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:16:40.0278 7708 RDPENCDD - ok
11:16:40.0628 7708 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:16:40.0708 7708 RDPREFMP - ok
11:16:41.0038 7708 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
11:16:41.0108 7708 RDPWD - ok
11:16:41.0478 7708 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:16:41.0518 7708 rdyboost - ok
11:16:41.0748 7708 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:16:41.0848 7708 RemoteAccess - ok
11:16:42.0078 7708 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:16:42.0148 7708 RemoteRegistry - ok
11:16:42.0358 7708 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:16:42.0438 7708 RpcEptMapper - ok
11:16:42.0648 7708 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:16:42.0688 7708 RpcLocator - ok
11:16:42.0938 7708 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:16:43.0018 7708 RpcSs - ok
11:16:43.0348 7708 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:16:43.0448 7708 rspndr - ok
11:16:43.0788 7708 RSUSBSTOR (9beb5f18a418ff70659ce2e356829568) C:\Windows\system32\Drivers\RtsUStor.sys
11:16:43.0818 7708 RSUSBSTOR - ok
11:16:44.0158 7708 RTL8167 (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:16:44.0198 7708 RTL8167 - ok
11:16:44.0428 7708 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:16:44.0458 7708 SamSs - ok
11:16:44.0788 7708 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:16:44.0818 7708 sbp2port - ok
11:16:45.0038 7708 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:16:45.0128 7708 SCardSvr - ok
11:16:45.0448 7708 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:16:45.0538 7708 scfilter - ok
11:16:45.0758 7708 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:16:45.0868 7708 Schedule - ok
11:16:46.0098 7708 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:16:46.0168 7708 SCPolicySvc - ok
11:16:46.0388 7708 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:16:46.0478 7708 SDRSVC - ok
11:16:46.0798 7708 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:16:46.0878 7708 secdrv - ok
11:16:47.0088 7708 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:16:47.0168 7708 seclogon - ok
11:16:47.0388 7708 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:16:47.0488 7708 SENS - ok
11:16:47.0698 7708 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:16:47.0768 7708 SensrSvc - ok
11:16:48.0098 7708 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:16:48.0148 7708 Serenum - ok
11:16:48.0488 7708 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:16:48.0558 7708 Serial - ok
11:16:48.0868 7708 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:16:48.0918 7708 sermouse - ok
11:16:49.0128 7708 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:16:49.0228 7708 SessionEnv - ok
11:16:49.0558 7708 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:16:49.0628 7708 sffdisk - ok
11:16:49.0948 7708 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:16:50.0008 7708 sffp_mmc - ok
11:16:50.0318 7708 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:16:50.0368 7708 sffp_sd - ok
11:16:50.0698 7708 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:16:50.0748 7708 sfloppy - ok
11:16:51.0088 7708 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:16:51.0148 7708 Sftfs - ok
11:16:51.0218 7708 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:16:51.0258 7708 sftlist - ok
11:16:51.0578 7708 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:16:51.0618 7708 Sftplay - ok
11:16:51.0968 7708 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:16:51.0998 7708 Sftredir - ok
11:16:52.0358 7708 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:16:52.0378 7708 Sftvol - ok
11:16:52.0438 7708 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:16:52.0478 7708 sftvsa - ok
11:16:52.0718 7708 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:16:52.0828 7708 SharedAccess - ok
11:16:53.0058 7708 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:16:53.0178 7708 ShellHWDetection - ok
11:16:53.0518 7708 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:16:53.0548 7708 SiSRaid2 - ok
11:16:53.0898 7708 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:16:53.0928 7708 SiSRaid4 - ok
11:16:54.0318 7708 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:16:54.0408 7708 Smb - ok
11:16:54.0668 7708 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:16:54.0708 7708 SNMPTRAP - ok
11:16:55.0038 7708 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:16:55.0058 7708 spldr - ok
11:16:55.0288 7708 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:16:55.0398 7708 Spooler - ok
11:16:55.0718 7708 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:16:55.0858 7708 sppsvc - ok
11:16:56.0088 7708 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:16:56.0198 7708 sppuinotify - ok
11:16:56.0528 7708 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:16:56.0618 7708 srv - ok
11:16:56.0958 7708 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:16:57.0018 7708 srv2 - ok
11:16:57.0348 7708 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:16:57.0398 7708 srvnet - ok
11:16:57.0678 7708 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:16:57.0788 7708 SSDPSRV - ok
11:16:58.0008 7708 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:16:58.0098 7708 SstpSvc - ok
11:16:58.0418 7708 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:16:58.0448 7708 stexstor - ok
11:16:58.0698 7708 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:16:58.0768 7708 stisvc - ok
11:16:59.0088 7708 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:16:59.0118 7708 swenum - ok
11:16:59.0348 7708 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:16:59.0438 7708 swprv - ok
11:16:59.0868 7708 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\Windows\system32\DRIVERS\SynTP.sys
11:16:59.0928 7708 SynTP - ok
11:17:00.0198 7708 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:17:00.0278 7708 SysMain - ok
11:17:00.0498 7708 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:17:00.0548 7708 TabletInputService - ok
11:17:00.0768 7708 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:17:00.0858 7708 TapiSrv - ok
11:17:01.0078 7708 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:17:01.0158 7708 TBS - ok
11:17:01.0548 7708 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:17:01.0618 7708 Tcpip - ok
11:17:01.0998 7708 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:17:02.0048 7708 TCPIP6 - ok
11:17:02.0368 7708 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:17:02.0448 7708 tcpipreg - ok
11:17:02.0788 7708 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
11:17:02.0798 7708 tdcmdpst - ok
11:17:03.0138 7708 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:17:03.0178 7708 TDPIPE - ok
11:17:03.0508 7708 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:17:03.0558 7708 TDTCP - ok
11:17:03.0908 7708 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:17:04.0008 7708 tdx - ok
11:17:04.0088 7708 TemproMonitoringService (1b709733a04dcc41a63f9cd1f76a4ebe) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
11:17:04.0118 7708 TemproMonitoringService - ok
11:17:04.0438 7708 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:17:04.0468 7708 TermDD - ok
11:17:04.0698 7708 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:17:04.0828 7708 TermService - ok
11:17:05.0038 7708 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:17:05.0108 7708 Themes - ok
11:17:05.0318 7708 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:17:05.0388 7708 THREADORDER - ok
11:17:05.0478 7708 TMachInfo (83e91963c4452be6899503cf9ebfd3ed) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:17:05.0498 7708 TMachInfo - ok
11:17:05.0758 7708 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
11:17:05.0788 7708 TODDSrv - ok
11:17:05.0888 7708 TosCoSrv (cdc97fa5c42b07fb0d4600e17c32f582) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
11:17:05.0928 7708 TosCoSrv - ok
11:17:06.0068 7708 TOSHIBA Bluetooth Service (8f099be5db17d025e19652851399b9f1) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
11:17:06.0098 7708 TOSHIBA Bluetooth Service - ok
11:17:06.0188 7708 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
11:17:06.0208 7708 TOSHIBA HDD SSD Alert Service - ok
11:17:06.0538 7708 Tosrfcom - ok
11:17:06.0878 7708 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\Windows\system32\DRIVERS\tosrfec.sys
11:17:06.0908 7708 tosrfec - ok
11:17:07.0228 7708 Tosrfusb (7a0048693f98460ff537be31c741b927) C:\Windows\system32\DRIVERS\tosrfusb.sys
11:17:07.0248 7708 Tosrfusb - ok
11:17:07.0588 7708 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\Windows\system32\DRIVERS\tos_sps64.sys
11:17:07.0638 7708 tos_sps64 - ok
11:17:07.0858 7708 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:17:07.0958 7708 TrkWks - ok
11:17:08.0048 7708 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:17:08.0158 7708 TrustedInstaller - ok
11:17:08.0448 7708 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:17:08.0538 7708 tssecsrv - ok
11:17:08.0878 7708 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:17:08.0938 7708 TsUsbFlt - ok
11:17:09.0268 7708 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:17:09.0308 7708 TsUsbGD - ok
11:17:09.0658 7708 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:17:09.0738 7708 tunnel - ok
11:17:10.0128 7708 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
11:17:10.0148 7708 TVALZ - ok
11:17:10.0498 7708 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:17:10.0528 7708 uagp35 - ok
11:17:10.0868 7708 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:17:10.0948 7708 udfs - ok
11:17:11.0178 7708 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:17:11.0218 7708 UI0Detect - ok
11:17:11.0568 7708 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:17:11.0598 7708 uliagpkx - ok
11:17:11.0958 7708 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:17:11.0998 7708 umbus - ok
11:17:12.0318 7708 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:17:12.0378 7708 UmPass - ok
11:17:12.0518 7708 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:17:12.0608 7708 UNS - ok
11:17:12.0838 7708 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:17:12.0948 7708 upnphost - ok
11:17:13.0288 7708 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:17:13.0348 7708 usbccgp - ok
11:17:13.0688 7708 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:17:13.0738 7708 usbcir - ok
11:17:14.0078 7708 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
11:17:14.0128 7708 usbehci - ok
11:17:14.0508 7708 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
11:17:14.0568 7708 usbhub - ok
11:17:14.0898 7708 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:17:14.0938 7708 usbohci - ok
11:17:15.0278 7708 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:17:15.0328 7708 usbprint - ok
11:17:15.0668 7708 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:17:15.0748 7708 USBSTOR - ok
11:17:16.0068 7708 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:17:16.0118 7708 usbuhci - ok
11:17:16.0468 7708 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:17:16.0528 7708 usbvideo - ok
11:17:16.0758 7708 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:17:16.0838 7708 UxSms - ok
11:17:17.0068 7708 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:17:17.0108 7708 VaultSvc - ok
11:17:17.0458 7708 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:17:17.0478 7708 vdrvroot - ok
11:17:17.0728 7708 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:17:17.0838 7708 vds - ok
11:17:18.0188 7708 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:17:18.0238 7708 vga - ok
11:17:18.0568 7708 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:17:18.0668 7708 VgaSave - ok
11:17:19.0018 7708 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:17:19.0058 7708 vhdmp - ok
11:17:19.0388 7708 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:17:19.0408 7708 viaide - ok
11:17:19.0758 7708 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:17:19.0788 7708 volmgr - ok
11:17:20.0138 7708 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:17:20.0178 7708 volmgrx - ok
11:17:20.0528 7708 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
11:17:20.0568 7708 volsnap - ok
11:17:20.0938 7708 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:17:20.0968 7708 vsmraid - ok
11:17:21.0238 7708 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:17:21.0358 7708 VSS - ok
11:17:21.0708 7708 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:17:21.0758 7708 vwifibus - ok
11:17:22.0138 7708 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:17:22.0198 7708 vwififlt - ok
11:17:22.0448 7708 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:17:22.0538 7708 W32Time - ok
11:17:22.0878 7708 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:17:22.0928 7708 WacomPen - ok
11:17:23.0268 7708 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:17:23.0358 7708 WANARP - ok
11:17:23.0378 7708 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:17:23.0428 7708 Wanarpv6 - ok
11:17:23.0708 7708 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:17:23.0778 7708 WatAdminSvc - ok
11:17:24.0058 7708 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:17:24.0168 7708 wbengine - ok
11:17:24.0418 7708 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:17:24.0478 7708 WbioSrvc - ok
11:17:24.0728 7708 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:17:24.0798 7708 wcncsvc - ok
11:17:25.0028 7708 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:17:25.0108 7708 WcsPlugInService - ok
11:17:25.0438 7708 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:17:25.0468 7708 Wd - ok
11:17:25.0808 7708 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:17:25.0858 7708 Wdf01000 - ok
11:17:26.0098 7708 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:17:26.0168 7708 WdiServiceHost - ok
11:17:26.0168 7708 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:17:26.0198 7708 WdiSystemHost - ok
11:17:26.0448 7708 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:17:26.0508 7708 WebClient - ok
11:17:26.0738 7708 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:17:26.0858 7708 Wecsvc - ok
11:17:27.0098 7708 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:17:27.0168 7708 wercplsupport - ok
11:17:27.0408 7708 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:17:27.0488 7708 WerSvc - ok
11:17:27.0838 7708 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:17:27.0918 7708 WfpLwf - ok
11:17:28.0248 7708 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:17:28.0278 7708 WIMMount - ok
11:17:28.0318 7708 WinDefend - ok
11:17:28.0338 7708 WinHttpAutoProxySvc - ok
11:17:28.0658 7708 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:17:28.0748 7708 Winmgmt - ok
11:17:29.0018 7708 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:17:29.0128 7708 WinRM - ok
11:17:29.0388 7708 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:17:29.0478 7708 Wlansvc - ok
11:17:29.0568 7708 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:17:29.0588 7708 wlcrasvc - ok
11:17:29.0708 7708 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:17:29.0778 7708 wlidsvc - ok
11:17:30.0168 7708 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:17:30.0208 7708 WmiAcpi - ok
11:17:30.0548 7708 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:17:30.0598 7708 wmiApSrv - ok
11:17:30.0638 7708 WMPNetworkSvc - ok
11:17:30.0878 7708 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:17:30.0948 7708 WPCSvc - ok
11:17:31.0168 7708 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:17:31.0188 7708 WPDBusEnum - ok
11:17:31.0518 7708 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:17:31.0608 7708 ws2ifsl - ok
11:17:31.0838 7708 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:17:31.0888 7708 wscsvc - ok
11:17:32.0098 7708 WSearch - ok
11:17:32.0368 7708 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
11:17:32.0448 7708 wuauserv - ok
11:17:32.0808 7708 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:17:32.0868 7708 WudfPf - ok
11:17:33.0258 7708 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:17:33.0298 7708 WUDFRd - ok
11:17:33.0598 7708 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:17:33.0648 7708 wudfsvc - ok
11:17:34.0498 7708 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:17:34.0548 7708 WwanSvc - ok
11:17:34.0588 7708 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:17:34.0728 7708 \Device\Harddisk0\DR0 - ok
11:17:34.0778 7708 Boot (0x1200) (663c0542b6be61042b4ce6e9991f1a8e) \Device\Harddisk0\DR0\Partition0
11:17:34.0778 7708 \Device\Harddisk0\DR0\Partition0 - ok
11:17:34.0838 7708 Boot (0x1200) (1fe4519ff92fc205b30d159120755fc2) \Device\Harddisk0\DR0\Partition1
11:17:34.0838 7708 \Device\Harddisk0\DR0\Partition1 - ok
11:17:34.0838 7708 ============================================================
11:17:34.0838 7708 Scan finished
11:17:34.0838 7708 ============================================================
11:17:34.0868 7696 Detected object count: 2
11:17:34.0868 7696 Actual detected object count: 2
12:47:06.0035 7696 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
12:47:06.0035 7696 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:47:06.0035 7696 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:47:06.0035 7696 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
30.03.2012, 15:01
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Auch das ist unauffällig. Sollen wir tiefer graben=?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.03.2012, 16:20
| #9 |
| | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Wenn es nicht unbedingt von Nöten ist, muss das meiner Ansicht nach nicht sein. Was meinst du? |
|
30.03.2012, 17:10
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Nur wenn noch Probleme offen sind oder du erhebliche Zweifel hast 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.03.2012, 10:25
| #11 |
| | Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster Probleme sind nicht mehr offen. Zweifel hab ich auch nicht. Dann lassen wir das. |
|
| Themen zu Beim Starten von Win7 tut sich nichts, es öffnet sich ein IE Fenster |
| administrator, anti-malware, appdata, autostart, beim starten, code, computer, dateien, dateisystem, explorer, gelöscht, heuristiks/extra, heuristiks/shuriken, log, malwarebytes, mbam, microsoft, ordner, roaming, scan, speicher, starten, temp, trojan.downloader.gen, win, win7, windows, öffnet |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
