Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden."

justus94 · 09.04.2012, 18:03

Hallo miteinander

Immer wenn ich mein Laptop starte wird nach einiger Zeit (ca 30sek.) der Bildschirm weiß und es steht dort:

"Die Webseite kann nicht angezeigt werden.
Mögliche Vorgehensweise:
Diagnose von Verbindungsproblemen
Weitere Informationen"

Als ich gemerkt habe das da irgendetwas nicht stimmt habe ich sofort W-Lan am Laptop ausgemacht und ihn neugestartet.
Nun tritt der weiße Bildschirm immer wieder auf!

Ich hoffe ich finde hier Hilfe

mit lieben Grüßen
justus94

cosinus · 09.04.2012, 19:31

Funktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung?

Abgesicherter Modus zur Bereinigung

Windows mit F8-Taste beim Start in den abgesicherten Modus bringen.
Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern:

justus94 · 10.04.2012, 15:21

Ja es funktioniert sowohl der abgesicherte Modus mit Netzwerktreibern und der Internetverbindung!

cosinus · 10.04.2012, 15:41

Gut, wenn der Modus geht wirst du erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

justus94 · 11.04.2012, 17:42

Hier die Logs von Malwarebytes:

alter Log:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
griesu :: LAP17 [Administrator]

13.01.2012 18:25:16
mbam-log-2012-01-13 (18-25-16).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 305154
Laufzeit: 5 Stunde(n), 24 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

neuer Log:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.10.05

Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
griesu :: LAP17 [Administrator]

10.04.2012 17:04:18
mbam-log-2012-04-10 (17-04-18).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 309198
Laufzeit: 45 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\griesu\AppData\Local\Temp\arg64578.exe (Trojan.Agent.DTGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

nun noch von ESET Online Scanner:

Code:

ATTFilter

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

cosinus · 11.04.2012, 18:43

ESET hast du wahrscheinlich falsch falsch gemacht, da gab es extra einen dicken Hinweis zu

Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen

justus94 · 12.04.2012, 19:48

Richtig! Tut mir leid :/

Code:

ATTFilter

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=86a4219f660957448228db1d2fd08c22
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-12 04:22:12
# local_time=2012-04-12 06:22:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 5879276 5879276 0 0
# compatibility_mode=5892 16776573 100 100 86967 171775629 0 0
# compatibility_mode=8192 67108863 100 0 87329 87329 0 0
# scanned=135544
# found=1
# cleaned=0
# scan_time=4830
C:\Users\griesu\Desktop\MovedFiles.zip	a variant of Win32/Kryptik.YNE trojan (unable to clean)	00000000000000000000000000000000	I

cosinus · 12.04.2012, 21:22

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

justus94 · 12.04.2012, 21:41

zu 1: Ja ich stelle keine Probleme fest
zu 2: Nee eig. alles da

cosinus · 12.04.2012, 22:55

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

justus94 · 14.04.2012, 20:15

OTL.txt

Code:

ATTFilter

OTL logfile created on: 14.04.2012 20:10:21 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = c:\Users\griesu\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 41,80% Memory free
4,21 Gb Paging File | 2,83 Gb Available in Paging File | 67,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,37 Gb Total Space | 49,11 Gb Free Space | 42,20% Space Free | Partition Type: NTFS
Drive E: | 115,05 Gb Total Space | 110,96 Gb Free Space | 96,44% Space Free | Partition Type: NTFS
 
Computer Name: LAP17 | User Name: griesu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.14 20:08:25 | 000,593,920 | ---- | M] (OldTimer Tools) -- c:\Users\griesu\Downloads\OTL.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.15 16:00:00 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.12.15 15:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 15:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.15 15:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.03 10:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.04.11 08:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.28 18:39:22 | 000,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.01.29 19:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.22 14:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008.01.22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2008.01.09 15:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007.12.25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2007.12.25 14:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.10.25 17:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.11.04 02:14:04 | 000,054,272 | ---- | M] () -- C:\Programme\Notepad++\NppShell_01.dll
MOD - [2008.01.22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2007.12.25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2007.12.14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2007.12.14 21:28:38 | 004,726,784 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2007.09.13 15:11:18 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2006.12.01 18:55:42 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2006.10.10 12:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 12:57:04 | 000,053,248 | ---- | M] () -- c:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.15 15:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 15:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.12.25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.02.17 00:07:20 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.12.15 16:00:00 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.15 16:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.01.21 16:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.12.28 20:21:54 | 000,104,448 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.12.26 11:20:32 | 000,290,304 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.12.17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.06.14 14:41:00 | 000,466,048 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)
DRV - [2007.06.13 19:30:20 | 000,013,440 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stkrc.sys -- (Ltn_stkrc)
DRV - [2007.04.23 10:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2007.02.02 18:30:34 | 000,013,696 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PctvVirtualNdis.sys -- (PctvVirtualNdis)
DRV - [2006.11.20 15:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}
IE - HKLM\..\SearchScopes\{2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes,DefaultScope = {2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA_de
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7TSEA_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=1VcF8dWg9I5nQiljIS450880a30?q={searchTerms}
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\griesu\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\griesu\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.09.28 18:39:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.18 16:57:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 09:29:44 | 000,000,000 | ---D | M]
 
[2008.10.28 17:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\griesu\AppData\Roaming\mozilla\Extensions
[2012.03.08 08:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions
[2010.11.07 17:36:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.18 16:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.21 09:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 07:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 07:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.21 07:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 07:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 07:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 07:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\griesu\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\griesu\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\griesu\AppData\Local\Google\Chrome\Application\18.0.1025.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.01.10 22:41:05 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O15 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DB307EA-C01D-4FEB-B3FE-5DB7CA1CEA6D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDA5B88B-4CEE-4279-8DBC-E34E936F4AFC}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.11 16:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.03.17 21:24:23 | 000,000,000 | ---D | C] -- C:\Users\griesu\Desktop\facharbeit
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.14 20:15:17 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549466931-2409346534-579944023-1000UA.job
[2012.04.14 20:09:52 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.14 20:09:52 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.14 20:09:52 | 000,129,844 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.14 20:09:52 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.14 20:04:24 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.04.14 20:02:54 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.14 20:02:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.14 20:02:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.14 20:02:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.14 20:02:24 | 2136,952,832 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.12 22:46:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.12 22:23:33 | 000,001,356 | ---- | M] () -- C:\Users\griesu\AppData\Local\d3d9caps.dat
[2012.04.11 17:17:52 | 000,002,086 | ---- | M] () -- C:\Users\griesu\Desktop\Google Chrome.lnk
[2012.04.10 16:54:27 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.03 15:11:48 | 000,016,824 | ---- | M] () -- C:\Users\griesu\Desktop\36701.jpg
[2012.03.31 19:04:14 | 000,271,957 | ---- | M] () -- C:\Users\griesu\Desktop\Logo_Friedland_Bremke.JPG
[2012.03.31 04:15:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549466931-2409346534-579944023-1000Core.job
[2012.03.23 23:52:37 | 000,035,840 | ---- | M] () -- C:\Users\griesu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2012.04.12 22:30:03 | 2136,952,832 | -HS- | C] () -- C:\hiberfil.sys
[2012.04.10 16:54:27 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.03 15:11:56 | 000,016,824 | ---- | C] () -- C:\Users\griesu\Desktop\36701.jpg
[2012.03.31 19:04:23 | 000,271,957 | ---- | C] () -- C:\Users\griesu\Desktop\Logo_Friedland_Bremke.JPG
[2012.01.18 15:22:33 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2010.08.04 21:05:01 | 000,001,356 | ---- | C] () -- C:\Users\griesu\AppData\Local\d3d9caps.dat
 
========== LOP Check ==========
 
[2010.12.30 12:51:45 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\.minecraft
[2012.03.25 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\ICQ
[2008.07.08 18:38:50 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\myphotobook
[2012.01.17 22:42:51 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia
[2010.03.14 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia Ovi Suite
[2010.02.25 17:06:43 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Notepad++
[2009.12.28 01:16:07 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\PC Suite
[2012.04.12 22:50:14 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.12.30 12:51:45 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\.minecraft
[2012.01.22 00:09:58 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Adobe
[2012.02.04 16:59:32 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Avira
[2009.12.29 12:45:02 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\CameraWindowDC
[2009.12.29 12:43:20 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\CANON INC
[2010.12.29 18:33:45 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\dvdcss
[2008.07.07 17:24:47 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Google
[2012.03.25 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\ICQ
[2008.07.06 21:17:29 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Identities
[2008.07.06 21:12:23 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\InstallShield
[2008.07.07 20:45:16 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Macromedia
[2012.01.13 19:23:03 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Media Center Programs
[2012.01.22 00:09:58 | 000,000,000 | --SD | M] -- C:\Users\griesu\AppData\Roaming\Microsoft
[2008.10.28 17:15:41 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Mozilla
[2008.07.08 18:38:50 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\myphotobook
[2012.01.17 22:42:51 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia
[2010.03.14 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia Ovi Suite
[2010.02.25 17:06:43 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Notepad++
[2012.03.19 21:59:02 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\OpenOffice.org2
[2009.12.28 01:16:07 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\PC Suite
[2009.12.05 00:34:21 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Real
[2011.04.14 18:14:32 | 000,000,000 | RH-D | M] -- C:\Users\griesu\AppData\Roaming\SecuROM
[2011.12.24 01:00:24 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\skypePM
[2009.04.12 21:41:16 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\teamspeak2
[2009.05.08 15:04:02 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\vlc
[2012.02.05 13:58:56 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\ZoomBrowser EX
 
< %APPDATA%\*.exe /s >
[2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\shellExecute.exe
[2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\sleep.exe
[2010.11.19 18:53:16 | 000,094,257 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\Real\RealPlayer\Temp\~Upg0\RNMOREINFO\rnmoreinfo.exe
[2010.02.23 17:41:44 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.03.21 13:39:05 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2011.01.23 19:11:50 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.11.18 11:54:05 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
[2011.10.23 13:04:58 | 026,533,840 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_data\RealPlayer_de.exe
[2011.10.23 13:02:48 | 000,676,624 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_exe\RealPlayer_de.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.20 16:17:52 | 000,580,608 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msfeeds.dll
 
<           >

< End of report >

cosinus · 15.04.2012, 15:51

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=1VcF8dWg9I5nQiljIS450880a30?q={searchTerms}
FF - user.js - File not found
[2010.11.07 17:36:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
O3 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

justus94 · 16.04.2012, 09:57

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Picasa Media Detector deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Picasa Media Detector not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: griesu
->Temp folder emptied: 9870864 bytes
->Temporary Internet Files folder emptied: 1409704 bytes
->Java cache emptied: 22326 bytes
->FireFox cache emptied: 48695689 bytes
->Google Chrome cache emptied: 359277215 bytes
->Flash cache emptied: 470 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28083999 bytes
RecycleBin emptied: 196938 bytes
 
Total Files Cleaned = 427,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: griesu
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.2 log created on 04162012_105018

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

cosinus · 16.04.2012, 11:43

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten, Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

justus94 · 16.04.2012, 14:18

Code:

ATTFilter

15:12:21.0293 6040	TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:12:21.0475 6040	============================================================
15:12:21.0475 6040	Current date / time: 2012/04/16 15:12:21.0475
15:12:21.0475 6040	SystemInfo:
15:12:21.0475 6040	
15:12:21.0475 6040	OS Version: 6.0.6002 ServicePack: 2.0
15:12:21.0475 6040	Product type: Workstation
15:12:21.0475 6040	ComputerName: LAP17
15:12:21.0475 6040	UserName: griesu
15:12:21.0475 6040	Windows directory: C:\Windows
15:12:21.0475 6040	System windows directory: C:\Windows
15:12:21.0475 6040	Processor architecture: Intel x86
15:12:21.0475 6040	Number of processors: 2
15:12:21.0475 6040	Page size: 0x1000
15:12:21.0475 6040	Boot type: Normal boot
15:12:21.0475 6040	============================================================
15:12:22.0567 6040	Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:12:22.0569 6040	\Device\Harddisk0\DR0:
15:12:22.0570 6040	MBR used
15:12:22.0570 6040	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xE8BD800
15:12:22.0570 6040	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xEBAC000, BlocksNum 0xE61B800
15:12:22.0638 6040	Initialize success
15:12:22.0638 6040	============================================================
15:15:22.0818 4960	============================================================
15:15:22.0818 4960	Scan started
15:15:22.0818 4960	Mode: Manual; SigCheck; TDLFS; 
15:15:22.0818 4960	============================================================
15:15:23.0406 4960	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
15:15:23.0600 4960	ACPI - ok
15:15:23.0693 4960	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:15:23.0707 4960	AdobeARMservice - ok
15:15:23.0858 4960	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
15:15:23.0890 4960	adp94xx - ok
15:15:24.0029 4960	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
15:15:24.0058 4960	adpahci - ok
15:15:24.0154 4960	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
15:15:24.0177 4960	adpu160m - ok
15:15:24.0197 4960	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
15:15:24.0222 4960	adpu320 - ok
15:15:24.0305 4960	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
15:15:24.0413 4960	AeLookupSvc - ok
15:15:24.0547 4960	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
15:15:24.0596 4960	AFD - ok
15:15:24.0718 4960	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
15:15:24.0739 4960	agp440 - ok
15:15:24.0844 4960	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
15:15:24.0866 4960	aic78xx - ok
15:15:24.0909 4960	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
15:15:25.0020 4960	ALG - ok
15:15:25.0122 4960	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
15:15:25.0147 4960	aliide - ok
15:15:25.0243 4960	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
15:15:25.0273 4960	amdagp - ok
15:15:25.0369 4960	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
15:15:25.0401 4960	amdide - ok
15:15:25.0447 4960	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
15:15:25.0530 4960	AmdK7 - ok
15:15:25.0609 4960	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
15:15:25.0657 4960	AmdK8 - ok
15:15:25.0844 4960	AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:15:25.0859 4960	AntiVirSchedulerService - ok
15:15:26.0026 4960	AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:15:26.0043 4960	AntiVirService - ok
15:15:26.0146 4960	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
15:15:26.0202 4960	Appinfo - ok
15:15:26.0313 4960	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
15:15:26.0340 4960	arc - ok
15:15:26.0426 4960	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
15:15:26.0454 4960	arcsas - ok
15:15:26.0504 4960	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
15:15:26.0577 4960	AsyncMac - ok
15:15:26.0655 4960	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
15:15:26.0681 4960	atapi - ok
15:15:26.0774 4960	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:15:26.0843 4960	AudioEndpointBuilder - ok
15:15:26.0858 4960	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:15:26.0914 4960	Audiosrv - ok
15:15:27.0011 4960	avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
15:15:27.0085 4960	avgntflt - ok
15:15:27.0198 4960	avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
15:15:27.0234 4960	avipbb - ok
15:15:27.0305 4960	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
15:15:27.0339 4960	avkmgr - ok
15:15:27.0437 4960	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
15:15:27.0533 4960	Beep - ok
15:15:27.0614 4960	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
15:15:27.0677 4960	BFE - ok
15:15:27.0782 4960	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
15:15:27.0885 4960	BITS - ok
15:15:27.0983 4960	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
15:15:28.0031 4960	blbdrive - ok
15:15:28.0085 4960	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
15:15:28.0129 4960	bowser - ok
15:15:28.0218 4960	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
15:15:28.0272 4960	BrFiltLo - ok
15:15:28.0312 4960	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
15:15:28.0373 4960	BrFiltUp - ok
15:15:28.0445 4960	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
15:15:28.0501 4960	Browser - ok
15:15:28.0571 4960	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
15:15:28.0776 4960	Brserid - ok
15:15:28.0867 4960	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
15:15:28.0945 4960	BrSerWdm - ok
15:15:28.0984 4960	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
15:15:29.0073 4960	BrUsbMdm - ok
15:15:29.0157 4960	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
15:15:29.0230 4960	BrUsbSer - ok
15:15:29.0273 4960	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
15:15:29.0361 4960	BTHMODEM - ok
15:15:29.0451 4960	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
15:15:29.0514 4960	cdfs - ok
15:15:29.0575 4960	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
15:15:29.0620 4960	cdrom - ok
15:15:29.0714 4960	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:15:29.0767 4960	CertPropSvc - ok
15:15:29.0859 4960	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
15:15:29.0907 4960	circlass - ok
15:15:29.0994 4960	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
15:15:30.0028 4960	CLFS - ok
15:15:30.0109 4960	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:15:30.0133 4960	clr_optimization_v2.0.50727_32 - ok
15:15:30.0263 4960	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:15:30.0288 4960	clr_optimization_v4.0.30319_32 - ok
15:15:30.0398 4960	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
15:15:30.0472 4960	CmBatt - ok
15:15:30.0519 4960	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
15:15:30.0550 4960	cmdide - ok
15:15:30.0623 4960	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
15:15:30.0654 4960	Compbatt - ok
15:15:30.0670 4960	COMSysApp - ok
15:15:30.0760 4960	ConfigFree Service (596e452b5152ec9afe8153d296459d2b) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
15:15:30.0787 4960	ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
15:15:30.0787 4960	ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
15:15:30.0875 4960	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
15:15:30.0909 4960	crcdisk - ok
15:15:30.0940 4960	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
15:15:31.0028 4960	Crusoe - ok
15:15:31.0123 4960	CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
15:15:31.0190 4960	CryptSvc - ok
15:15:31.0261 4960	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:15:31.0354 4960	DcomLaunch - ok
15:15:31.0441 4960	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
15:15:31.0478 4960	DfsC - ok
15:15:31.0585 4960	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
15:15:31.0708 4960	DFSR - ok
15:15:31.0825 4960	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
15:15:31.0870 4960	Dhcp - ok
15:15:31.0914 4960	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
15:15:31.0936 4960	disk - ok
15:15:32.0016 4960	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
15:15:32.0062 4960	Dnscache - ok
15:15:32.0131 4960	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
15:15:32.0176 4960	dot3svc - ok
15:15:32.0246 4960	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
15:15:32.0296 4960	DPS - ok
15:15:32.0376 4960	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
15:15:32.0439 4960	drmkaud - ok
15:15:32.0538 4960	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
15:15:32.0603 4960	DXGKrnl - ok
15:15:32.0708 4960	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
15:15:32.0789 4960	E1G60 - ok
15:15:32.0837 4960	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
15:15:32.0917 4960	EapHost - ok
15:15:33.0035 4960	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
15:15:33.0063 4960	Ecache - ok
15:15:33.0124 4960	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
15:15:33.0144 4960	ehRecvr - ok
15:15:33.0169 4960	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
15:15:33.0204 4960	ehSched - ok
15:15:33.0222 4960	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
15:15:33.0249 4960	ehstart - ok
15:15:33.0334 4960	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
15:15:33.0362 4960	elxstor - ok
15:15:33.0466 4960	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
15:15:33.0547 4960	EMDMgmt - ok
15:15:33.0649 4960	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
15:15:33.0695 4960	ErrDev - ok
15:15:33.0768 4960	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
15:15:33.0797 4960	EventSystem - ok
15:15:33.0887 4960	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
15:15:33.0926 4960	exfat - ok
15:15:34.0012 4960	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
15:15:34.0064 4960	fastfat - ok
15:15:34.0122 4960	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
15:15:34.0178 4960	fdc - ok
15:15:34.0242 4960	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
15:15:34.0288 4960	fdPHost - ok
15:15:34.0328 4960	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
15:15:34.0422 4960	FDResPub - ok
15:15:34.0463 4960	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
15:15:34.0489 4960	FileInfo - ok
15:15:34.0560 4960	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
15:15:34.0620 4960	Filetrace - ok
15:15:34.0775 4960	FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
15:15:34.0995 4960	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
15:15:34.0995 4960	FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
15:15:35.0092 4960	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
15:15:35.0174 4960	flpydisk - ok
15:15:35.0232 4960	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
15:15:35.0271 4960	FltMgr - ok
15:15:35.0383 4960	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
15:15:35.0449 4960	FontCache - ok
15:15:35.0572 4960	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:15:35.0586 4960	FontCache3.0.0.0 - ok
15:15:35.0644 4960	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
15:15:35.0686 4960	Fs_Rec - ok
15:15:35.0740 4960	FwLnk           (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
15:15:35.0761 4960	FwLnk - ok
15:15:35.0827 4960	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
15:15:35.0843 4960	gagp30kx - ok
15:15:35.0958 4960	GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
15:15:35.0973 4960	GoogleDesktopManager-051210-111108 - ok
15:15:36.0066 4960	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
15:15:36.0188 4960	gpsvc - ok
15:15:36.0295 4960	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:15:36.0317 4960	gupdate - ok
15:15:36.0330 4960	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:15:36.0350 4960	gupdatem - ok
15:15:36.0462 4960	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
15:15:36.0592 4960	HdAudAddService - ok
15:15:36.0698 4960	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:15:36.0766 4960	HDAudBus - ok
15:15:36.0849 4960	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
15:15:36.0962 4960	HidBth - ok
15:15:36.0985 4960	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
15:15:37.0050 4960	HidIr - ok
15:15:37.0125 4960	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
15:15:37.0158 4960	hidserv - ok
15:15:37.0211 4960	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
15:15:37.0236 4960	HidUsb - ok
15:15:37.0301 4960	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
15:15:37.0346 4960	hkmsvc - ok
15:15:37.0395 4960	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
15:15:37.0417 4960	HpCISSs - ok
15:15:37.0511 4960	HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:15:37.0563 4960	HSFHWAZL - ok
15:15:37.0624 4960	HSF_DPV         (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
15:15:37.0707 4960	HSF_DPV - ok
15:15:37.0822 4960	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
15:15:37.0913 4960	HTTP - ok
15:15:38.0009 4960	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
15:15:38.0033 4960	i2omp - ok
15:15:38.0076 4960	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
15:15:38.0138 4960	i8042prt - ok
15:15:38.0252 4960	iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
15:15:38.0297 4960	iaStor - ok
15:15:38.0349 4960	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
15:15:38.0390 4960	iaStorV - ok
15:15:38.0498 4960	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:15:38.0547 4960	idsvc - ok
15:15:38.0673 4960	igfx            (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys
15:15:38.0825 4960	igfx - ok
15:15:38.0911 4960	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
15:15:38.0931 4960	iirsp - ok
15:15:39.0002 4960	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
15:15:39.0066 4960	IKEEXT - ok
15:15:39.0216 4960	IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
15:15:39.0333 4960	IntcAzAudAddService - ok
15:15:39.0436 4960	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
15:15:39.0459 4960	intelide - ok
15:15:39.0514 4960	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
15:15:39.0565 4960	intelppm - ok
15:15:39.0598 4960	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
15:15:39.0662 4960	IPBusEnum - ok
15:15:39.0743 4960	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:15:39.0808 4960	IpFilterDriver - ok
15:15:39.0862 4960	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
15:15:39.0925 4960	iphlpsvc - ok
15:15:40.0021 4960	IpInIp - ok
15:15:40.0101 4960	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
15:15:40.0164 4960	IPMIDRV - ok
15:15:40.0203 4960	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
15:15:40.0280 4960	IPNAT - ok
15:15:40.0355 4960	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
15:15:40.0417 4960	IRENUM - ok
15:15:40.0461 4960	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
15:15:40.0494 4960	isapnp - ok
15:15:40.0549 4960	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
15:15:40.0588 4960	iScsiPrt - ok
15:15:40.0656 4960	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
15:15:40.0687 4960	iteatapi - ok
15:15:40.0725 4960	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
15:15:40.0755 4960	iteraid - ok
15:15:40.0787 4960	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:15:40.0818 4960	kbdclass - ok
15:15:40.0848 4960	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
15:15:40.0889 4960	kbdhid - ok
15:15:40.0954 4960	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:41.0000 4960	KeyIso - ok
15:15:41.0054 4960	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
15:15:41.0085 4960	KSecDD - ok
15:15:41.0181 4960	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
15:15:41.0287 4960	KtmRm - ok
15:15:41.0364 4960	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
15:15:41.0388 4960	LanmanServer - ok
15:15:41.0454 4960	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
15:15:41.0490 4960	LanmanWorkstation - ok
15:15:41.0574 4960	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
15:15:41.0636 4960	lltdio - ok
15:15:41.0703 4960	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
15:15:41.0766 4960	lltdsvc - ok
15:15:41.0820 4960	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
15:15:41.0924 4960	lmhosts - ok
15:15:41.0975 4960	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
15:15:42.0009 4960	LSI_FC - ok
15:15:42.0080 4960	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
15:15:42.0115 4960	LSI_SAS - ok
15:15:42.0179 4960	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
15:15:42.0213 4960	LSI_SCSI - ok
15:15:42.0314 4960	Ltn_stk7070P    (23b55d27a0afb7fe9cbcb20b617cc168) C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys
15:15:42.0400 4960	Ltn_stk7070P - ok
15:15:42.0529 4960	Ltn_stkrc       (1fa7503d019291c027fedae509bc5500) C:\Windows\system32\DRIVERS\Ltn_stkrc.sys
15:15:42.0568 4960	Ltn_stkrc - ok
15:15:42.0618 4960	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
15:15:42.0695 4960	luafv - ok
15:15:42.0778 4960	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
15:15:42.0822 4960	Mcx2Svc - ok
15:15:42.0853 4960	mdmxsdk - ok
15:15:42.0925 4960	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
15:15:42.0942 4960	megasas - ok
15:15:42.0997 4960	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
15:15:43.0026 4960	MegaSR - ok
15:15:43.0107 4960	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:15:43.0152 4960	MMCSS - ok
15:15:43.0190 4960	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
15:15:43.0239 4960	Modem - ok
15:15:43.0314 4960	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
15:15:43.0360 4960	monitor - ok
15:15:43.0398 4960	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
15:15:43.0414 4960	mouclass - ok
15:15:43.0437 4960	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
15:15:43.0484 4960	mouhid - ok
15:15:43.0560 4960	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
15:15:43.0586 4960	MountMgr - ok
15:15:43.0630 4960	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
15:15:43.0648 4960	mpio - ok
15:15:43.0671 4960	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
15:15:43.0708 4960	mpsdrv - ok
15:15:43.0781 4960	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
15:15:43.0833 4960	MpsSvc - ok
15:15:43.0893 4960	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
15:15:43.0911 4960	Mraid35x - ok
15:15:43.0991 4960	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
15:15:44.0030 4960	MRxDAV - ok
15:15:44.0080 4960	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:15:44.0123 4960	mrxsmb - ok
15:15:44.0217 4960	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:15:44.0259 4960	mrxsmb10 - ok
15:15:44.0306 4960	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:15:44.0346 4960	mrxsmb20 - ok
15:15:44.0420 4960	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
15:15:44.0445 4960	msahci - ok
15:15:44.0481 4960	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
15:15:44.0509 4960	msdsm - ok
15:15:44.0552 4960	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
15:15:44.0616 4960	MSDTC - ok
15:15:44.0704 4960	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
15:15:44.0759 4960	Msfs - ok
15:15:44.0843 4960	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
15:15:44.0867 4960	msisadrv - ok
15:15:44.0976 4960	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
15:15:45.0061 4960	MSiSCSI - ok
15:15:45.0091 4960	msiserver - ok
15:15:45.0178 4960	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
15:15:45.0254 4960	MSKSSRV - ok
15:15:45.0298 4960	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
15:15:45.0359 4960	MSPCLOCK - ok
15:15:45.0418 4960	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
15:15:45.0496 4960	MSPQM - ok
15:15:45.0561 4960	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
15:15:45.0600 4960	MsRPC - ok
15:15:45.0666 4960	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
15:15:45.0697 4960	mssmbios - ok
15:15:45.0744 4960	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
15:15:45.0779 4960	MSTEE - ok
15:15:45.0815 4960	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
15:15:45.0833 4960	Mup - ok
15:15:45.0867 4960	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
15:15:45.0908 4960	napagent - ok
15:15:46.0006 4960	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
15:15:46.0025 4960	NativeWifiP - ok
15:15:46.0080 4960	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
15:15:46.0135 4960	NDIS - ok
15:15:46.0217 4960	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
15:15:46.0257 4960	NdisTapi - ok
15:15:46.0290 4960	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
15:15:46.0327 4960	Ndisuio - ok
15:15:46.0412 4960	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:15:46.0446 4960	NdisWan - ok
15:15:46.0508 4960	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
15:15:46.0549 4960	NDProxy - ok
15:15:46.0586 4960	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
15:15:46.0647 4960	NetBIOS - ok
15:15:46.0725 4960	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
15:15:46.0778 4960	netbt - ok
15:15:46.0821 4960	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:46.0847 4960	Netlogon - ok
15:15:46.0905 4960	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
15:15:46.0973 4960	Netman - ok
15:15:47.0015 4960	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
15:15:47.0063 4960	netprofm - ok
15:15:47.0196 4960	NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:15:47.0213 4960	NetTcpPortSharing - ok
15:15:47.0363 4960	NETw3v32        (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
15:15:47.0640 4960	NETw3v32 - ok
15:15:47.0722 4960	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
15:15:47.0745 4960	nfrd960 - ok
15:15:47.0791 4960	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
15:15:47.0843 4960	NlaSvc - ok
15:15:47.0930 4960	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
15:15:47.0974 4960	Npfs - ok
15:15:48.0003 4960	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
15:15:48.0060 4960	nsi - ok
15:15:48.0135 4960	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
15:15:48.0213 4960	nsiproxy - ok
15:15:48.0299 4960	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
15:15:48.0429 4960	Ntfs - ok
15:15:48.0520 4960	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:15:48.0629 4960	ntrigdigi - ok
15:15:48.0671 4960	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:15:48.0712 4960	Null - ok
15:15:48.0745 4960	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
15:15:48.0764 4960	nvraid - ok
15:15:48.0836 4960	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
15:15:48.0853 4960	nvstor - ok
15:15:48.0888 4960	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
15:15:48.0906 4960	nv_agp - ok
15:15:48.0918 4960	NwlnkFlt - ok
15:15:48.0934 4960	NwlnkFwd - ok
15:15:48.0972 4960	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
15:15:49.0026 4960	ohci1394 - ok
15:15:49.0130 4960	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:49.0182 4960	p2pimsvc - ok
15:15:49.0230 4960	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:49.0336 4960	p2psvc - ok
15:15:49.0443 4960	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:15:49.0498 4960	Parport - ok
15:15:49.0553 4960	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
15:15:49.0571 4960	partmgr - ok
15:15:49.0595 4960	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:15:49.0660 4960	Parvdm - ok
15:15:49.0733 4960	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
15:15:49.0763 4960	PcaSvc - ok
15:15:49.0820 4960	pccsmcfd - ok
15:15:49.0870 4960	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:15:49.0895 4960	pci - ok
15:15:49.0992 4960	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
15:15:50.0011 4960	pciide - ok
15:15:50.0063 4960	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:15:50.0090 4960	pcmcia - ok
15:15:50.0170 4960	PctvVirtualNdis (eedb845b7648d6fd632ddb8744892743) C:\Windows\system32\DRIVERS\PctvVirtualNdis.sys
15:15:50.0227 4960	PctvVirtualNdis - ok
15:15:50.0343 4960	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:15:50.0633 4960	PEAUTH - ok
15:15:50.0782 4960	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
15:15:50.0916 4960	pla - ok
15:15:51.0003 4960	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
15:15:51.0034 4960	PlugPlay - ok
15:15:51.0098 4960	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:51.0136 4960	PNRPAutoReg - ok
15:15:51.0160 4960	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:51.0266 4960	PNRPsvc - ok
15:15:51.0372 4960	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
15:15:51.0468 4960	PolicyAgent - ok
15:15:51.0560 4960	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:15:51.0621 4960	PptpMiniport - ok
15:15:51.0659 4960	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
15:15:51.0717 4960	Processor - ok
15:15:51.0794 4960	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
15:15:51.0836 4960	ProfSvc - ok
15:15:51.0876 4960	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:51.0902 4960	ProtectedStorage - ok
15:15:51.0980 4960	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:15:52.0029 4960	PSched - ok
15:15:52.0098 4960	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
15:15:52.0226 4960	ql2300 - ok
15:15:52.0324 4960	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:15:52.0357 4960	ql40xx - ok
15:15:52.0410 4960	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
15:15:52.0471 4960	QWAVE - ok
15:15:52.0552 4960	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:15:52.0587 4960	QWAVEdrv - ok
15:15:52.0617 4960	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:15:52.0690 4960	RasAcd - ok
15:15:52.0740 4960	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
15:15:52.0821 4960	RasAuto - ok
15:15:52.0891 4960	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:15:52.0961 4960	Rasl2tp - ok
15:15:53.0029 4960	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
15:15:53.0103 4960	RasMan - ok
15:15:53.0183 4960	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:15:53.0248 4960	RasPppoe - ok
15:15:53.0293 4960	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:15:53.0326 4960	RasSstp - ok
15:15:53.0412 4960	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:15:53.0479 4960	rdbss - ok
15:15:53.0522 4960	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:15:53.0597 4960	RDPCDD - ok
15:15:53.0691 4960	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
15:15:53.0761 4960	rdpdr - ok
15:15:53.0843 4960	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:15:53.0917 4960	RDPENCDD - ok
15:15:53.0980 4960	RDPWD           (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
15:15:54.0022 4960	RDPWD - ok
15:15:54.0101 4960	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
15:15:54.0133 4960	RemoteAccess - ok
15:15:54.0185 4960	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
15:15:54.0212 4960	RemoteRegistry - ok
15:15:54.0277 4960	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
15:15:54.0305 4960	RpcLocator - ok
15:15:54.0369 4960	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:15:54.0413 4960	RpcSs - ok
15:15:54.0486 4960	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:15:54.0533 4960	rspndr - ok
15:15:54.0582 4960	RTL8169         (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
15:15:54.0628 4960	RTL8169 - ok
15:15:54.0746 4960	RTL8187B        (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
15:15:54.0791 4960	RTL8187B - ok
15:15:54.0865 4960	RtlProt         (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
15:15:54.0884 4960	RtlProt - ok
15:15:54.0953 4960	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:54.0976 4960	SamSs - ok
15:15:55.0075 4960	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:15:55.0095 4960	sbp2port - ok
15:15:55.0191 4960	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
15:15:55.0233 4960	SCardSvr - ok
15:15:55.0331 4960	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
15:15:55.0394 4960	Schedule - ok
15:15:55.0501 4960	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:15:55.0558 4960	SCPolicySvc - ok
15:15:55.0620 4960	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
15:15:55.0664 4960	SDRSVC - ok
15:15:55.0745 4960	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:15:55.0806 4960	secdrv - ok
15:15:55.0849 4960	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
15:15:55.0881 4960	seclogon - ok
15:15:55.0946 4960	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
15:15:55.0995 4960	SENS - ok
15:15:56.0045 4960	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:15:56.0097 4960	Serenum - ok
15:15:56.0162 4960	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:15:56.0224 4960	Serial - ok
15:15:56.0264 4960	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:15:56.0296 4960	sermouse - ok
15:15:56.0342 4960	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
15:15:56.0375 4960	SessionEnv - ok
15:15:56.0447 4960	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
15:15:56.0478 4960	sffdisk - ok
15:15:56.0509 4960	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
15:15:56.0548 4960	sffp_mmc - ok
15:15:56.0561 4960	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
15:15:56.0606 4960	sffp_sd - ok
15:15:56.0679 4960	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:15:56.0743 4960	sfloppy - ok
15:15:56.0791 4960	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
15:15:56.0835 4960	SharedAccess - ok
15:15:56.0910 4960	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
15:15:56.0931 4960	ShellHWDetection - ok
15:15:56.0983 4960	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
15:15:57.0004 4960	sisagp - ok
15:15:57.0022 4960	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
15:15:57.0045 4960	SiSRaid2 - ok
15:15:57.0063 4960	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
15:15:57.0085 4960	SiSRaid4 - ok
15:15:57.0258 4960	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
15:15:57.0516 4960	slsvc - ok
15:15:57.0624 4960	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
15:15:57.0678 4960	SLUINotify - ok
15:15:57.0739 4960	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:15:57.0794 4960	Smb - ok
15:15:57.0867 4960	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
15:15:57.0893 4960	SNMPTRAP - ok
15:15:57.0950 4960	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:15:57.0975 4960	spldr - ok
15:15:58.0024 4960	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
15:15:58.0065 4960	Spooler - ok
15:15:58.0151 4960	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
15:15:58.0199 4960	srv - ok
15:15:58.0251 4960	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
15:15:58.0310 4960	srv2 - ok
15:15:58.0400 4960	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
15:15:58.0434 4960	srvnet - ok
15:15:58.0476 4960	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
15:15:58.0523 4960	SSDPSRV - ok
15:15:58.0610 4960	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
15:15:58.0622 4960	ssmdrv - ok
15:15:58.0681 4960	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
15:15:58.0716 4960	SstpSvc - ok
15:15:58.0797 4960	StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
15:15:58.0839 4960	StillCam - ok
15:15:58.0920 4960	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
15:15:58.0960 4960	stisvc - ok
15:15:59.0045 4960	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
15:15:59.0069 4960	swenum - ok
15:15:59.0140 4960	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
15:15:59.0198 4960	swprv - ok
15:15:59.0268 4960	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
15:15:59.0302 4960	Symc8xx - ok
15:15:59.0337 4960	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
15:15:59.0361 4960	Sym_hi - ok
15:15:59.0391 4960	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
15:15:59.0406 4960	Sym_u3 - ok
15:15:59.0439 4960	SynTP           (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
15:15:59.0458 4960	SynTP - ok
15:15:59.0541 4960	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
15:15:59.0604 4960	SysMain - ok
15:15:59.0673 4960	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
15:15:59.0706 4960	TabletInputService - ok
15:15:59.0769 4960	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
15:15:59.0815 4960	TapiSrv - ok
15:15:59.0895 4960	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
15:15:59.0966 4960	TBS - ok
15:16:00.0104 4960	Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
15:16:00.0190 4960	Tcpip - ok
15:16:00.0372 4960	Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
15:16:00.0517 4960	Tcpip6 - ok
15:16:00.0618 4960	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
15:16:00.0654 4960	tcpipreg - ok
15:16:00.0696 4960	tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
15:16:00.0741 4960	tdcmdpst - ok
15:16:00.0781 4960	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
15:16:00.0813 4960	TDPIPE - ok
15:16:00.0888 4960	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
15:16:00.0926 4960	TDTCP - ok
15:16:00.0973 4960	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
15:16:00.0999 4960	tdx - ok
15:16:01.0071 4960	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
15:16:01.0088 4960	TermDD - ok
15:16:01.0148 4960	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
15:16:01.0220 4960	TermService - ok
15:16:01.0299 4960	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
15:16:01.0328 4960	Themes - ok
15:16:01.0373 4960	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:16:01.0414 4960	THREADORDER - ok
15:16:01.0469 4960	TODDSrv         (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
15:16:01.0494 4960	TODDSrv - ok
15:16:01.0618 4960	TosCoSrv        (da6903958cbdc091ffcbbca70ccff34c) c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:16:01.0680 4960	TosCoSrv - ok
15:16:01.0727 4960	TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
15:16:01.0767 4960	TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0767 4960	TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
15:16:01.0870 4960	tos_sps32       (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
15:16:01.0900 4960	tos_sps32 - ok
15:16:01.0969 4960	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
15:16:02.0002 4960	TrkWks - ok
15:16:02.0076 4960	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
15:16:02.0113 4960	TrustedInstaller - ok
15:16:02.0161 4960	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:16:02.0216 4960	tssecsrv - ok
15:16:02.0287 4960	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
15:16:02.0322 4960	tunmp - ok
15:16:02.0374 4960	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
15:16:02.0396 4960	tunnel - ok
15:16:02.0473 4960	TVALZ           (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:16:02.0495 4960	TVALZ - ok
15:16:02.0543 4960	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
15:16:02.0569 4960	uagp35 - ok
15:16:02.0617 4960	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
15:16:02.0660 4960	udfs - ok
15:16:02.0724 4960	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
15:16:02.0788 4960	UI0Detect - ok
15:16:02.0854 4960	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
15:16:02.0887 4960	uliagpkx - ok
15:16:02.0970 4960	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
15:16:03.0012 4960	uliahci - ok
15:16:03.0104 4960	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
15:16:03.0137 4960	UlSata - ok
15:16:03.0170 4960	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
15:16:03.0204 4960	ulsata2 - ok
15:16:03.0228 4960	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
15:16:03.0297 4960	umbus - ok
15:16:03.0371 4960	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
15:16:03.0408 4960	upnphost - ok
15:16:03.0452 4960	upperdev - ok
15:16:03.0491 4960	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
15:16:03.0519 4960	usbccgp - ok
15:16:03.0591 4960	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
15:16:03.0661 4960	usbcir - ok
15:16:03.0722 4960	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
15:16:03.0752 4960	usbehci - ok
15:16:03.0839 4960	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
15:16:03.0879 4960	usbhub - ok
15:16:03.0921 4960	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
15:16:03.0973 4960	usbohci - ok
15:16:04.0067 4960	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
15:16:04.0098 4960	usbprint - ok
15:16:04.0141 4960	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:16:04.0177 4960	USBSTOR - ok
15:16:04.0248 4960	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
15:16:04.0281 4960	usbuhci - ok
15:16:04.0319 4960	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
15:16:04.0359 4960	usbvideo - ok
15:16:04.0437 4960	UVCFTR          (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
15:16:04.0457 4960	UVCFTR - ok
15:16:04.0506 4960	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
15:16:04.0533 4960	UxSms - ok
15:16:04.0617 4960	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
15:16:04.0655 4960	vds - ok
15:16:04.0715 4960	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
15:16:04.0761 4960	vga - ok
15:16:04.0841 4960	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:16:04.0894 4960	VgaSave - ok
15:16:04.0995 4960	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
15:16:05.0015 4960	viaagp - ok
15:16:05.0100 4960	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
15:16:05.0148 4960	ViaC7 - ok
15:16:05.0179 4960	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
15:16:05.0202 4960	viaide - ok
15:16:05.0235 4960	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:16:05.0260 4960	volmgr - ok
15:16:05.0335 4960	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:16:05.0371 4960	volmgrx - ok
15:16:05.0457 4960	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:16:05.0491 4960	volsnap - ok
15:16:05.0586 4960	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
15:16:05.0622 4960	vsmraid - ok
15:16:05.0729 4960	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
15:16:05.0898 4960	VSS - ok
15:16:05.0985 4960	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
15:16:06.0046 4960	W32Time - ok
15:16:06.0108 4960	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
15:16:06.0223 4960	WacomPen - ok
15:16:06.0312 4960	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:16:06.0339 4960	Wanarp - ok
15:16:06.0346 4960	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:16:06.0374 4960	Wanarpv6 - ok
15:16:06.0430 4960	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
15:16:06.0470 4960	wcncsvc - ok
15:16:06.0544 4960	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
15:16:06.0572 4960	WcsPlugInService - ok
15:16:06.0624 4960	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
15:16:06.0640 4960	Wd - ok
15:16:06.0681 4960	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
15:16:06.0714 4960	Wdf01000 - ok
15:16:06.0768 4960	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:16:06.0820 4960	WdiServiceHost - ok
15:16:06.0829 4960	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:16:06.0863 4960	WdiSystemHost - ok
15:16:06.0927 4960	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
15:16:06.0984 4960	WebClient - ok
15:16:07.0055 4960	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
15:16:07.0081 4960	Wecsvc - ok
15:16:07.0136 4960	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
15:16:07.0180 4960	wercplsupport - ok
15:16:07.0256 4960	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
15:16:07.0291 4960	WerSvc - ok
15:16:07.0382 4960	winachsf        (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
15:16:07.0452 4960	winachsf - ok
15:16:07.0529 4960	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
15:16:07.0559 4960	WinDefend - ok
15:16:07.0574 4960	WinHttpAutoProxySvc - ok
15:16:07.0670 4960	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
15:16:07.0723 4960	Winmgmt - ok
15:16:07.0833 4960	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
15:16:07.0941 4960	WinRM - ok
15:16:08.0063 4960	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
15:16:08.0114 4960	Wlansvc - ok
15:16:08.0169 4960	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
15:16:08.0204 4960	WmiAcpi - ok
15:16:08.0302 4960	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
15:16:08.0344 4960	wmiApSrv - ok
15:16:08.0441 4960	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:16:08.0485 4960	WMPNetworkSvc - ok
15:16:08.0576 4960	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
15:16:08.0603 4960	WPCSvc - ok
15:16:08.0661 4960	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
15:16:08.0694 4960	WPDBusEnum - ok
15:16:08.0786 4960	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
15:16:08.0804 4960	WpdUsb - ok
15:16:08.0938 4960	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:16:08.0976 4960	WPFFontCache_v0400 - ok
15:16:09.0061 4960	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
15:16:09.0116 4960	ws2ifsl - ok
15:16:09.0147 4960	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
15:16:09.0181 4960	wscsvc - ok
15:16:09.0235 4960	WSearch - ok
15:16:09.0396 4960	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
15:16:09.0516 4960	wuauserv - ok
15:16:09.0606 4960	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:16:09.0666 4960	WUDFRd - ok
15:16:09.0717 4960	wudfsvc         (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
15:16:09.0787 4960	wudfsvc - ok
15:16:09.0830 4960	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:16:10.0034 4960	\Device\Harddisk0\DR0 - ok
15:16:10.0038 4960	Boot (0x1200)   (02586d450b783f03b25ee3d1b0148d07) \Device\Harddisk0\DR0\Partition0
15:16:10.0040 4960	\Device\Harddisk0\DR0\Partition0 - ok
15:16:10.0065 4960	Boot (0x1200)   (42276976273fce3778fb37a415ca0f6e) \Device\Harddisk0\DR0\Partition1
15:16:10.0066 4960	\Device\Harddisk0\DR0\Partition1 - ok
15:16:10.0067 4960	============================================================
15:16:10.0068 4960	Scan finished
15:16:10.0068 4960	============================================================
15:16:10.0084 6072	Detected object count: 3
15:16:10.0084 6072	Actual detected object count: 3
15:16:50.0157 6072	ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:50.0157 6072	ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:16:50.0158 6072	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:50.0158 6072	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:16:50.0164 6072	TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:50.0164 6072	TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

09.04.2012, 19:31	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden." Funktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung? Abgesicherter Modus zur Bereinigung Windows mit F8-Taste beim Start in den abgesicherten Modus bringen. Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern: __________________ __________________

11.04.2012, 18:43	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden." ESET hast du wahrscheinlich falsch falsch gemacht, da gab es extra einen dicken Hinweis zu Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen __________________ --> Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden."

12.04.2012, 21:22	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden." Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden."

Log-Analyse und Auswertung: Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden."