| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner verschickt Emails über Yahoo-AccountWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
10.06.2012, 11:17
| #1 |
 |  Trojaner verschickt Emails über Yahoo-Account Hallo, auch mein Rechner hat nun über meinen Yahoo-Account Emails an Leute aus meinem Adressbuch versendet. Antivir hatte folgendes gefunden: In der Datei 'C:\Users\Mira Bellenbaum\AppData\Local\Temp\0.9636606201283792golda.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.ZBot.digx' [trojan] gefunden. Ausgeführte Aktion: Datei in Quarantäne verschieben Anschließend habe ich dieses Forum entdeckt und bin nach der Anleitung vorgegangen. Ich habe die erzeugten Dateien angehangen. Hoffentlich habe ich alles richtig gemacht? Was muss ich jetzt tun? Viele Grüße, Thomas |
|
12.06.2012, 14:37
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Trojaner verschickt Emails über Yahoo-Account Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
__________________Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
19.06.2012, 05:56
| #3 |
| | Trojaner verschickt Emails über Yahoo-Account 2012/06/19 06:40:35 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection
__________________2012/06/19 06:40:38 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully 2012/06/19 06:40:41 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection 2012/06/19 06:40:46 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully 012/06/18 22:49:01 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting database refresh 2012/06/18 22:49:01 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Stopping IP protection 2012/06/18 22:49:11 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection stopped 2012/06/18 22:49:32 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Database refreshed successfully 2012/06/18 22:49:32 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection 2012/06/18 22:49:38 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully 2012/06/14 03:39:32 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection 2012/06/14 03:39:36 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully 2012/06/14 03:39:39 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection 2012/06/14 03:39:44 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully 2012/06/12 18:47:12 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Executing scheduled update: Daily 2012/06/12 18:47:14 +0200 MZ-BOYZ-PC Mira Bellenbaum ERROR Scheduled update failed: Host not found failed with error code 0 2012/06/10 09:00:48 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection 2012/06/10 09:00:48 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Executing scheduled update: Daily 2012/06/10 09:00:50 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Database already up-to-date 2012/06/10 09:00:51 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully 2012/06/10 09:00:54 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection 2012/06/10 09:00:59 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully 2012/06/10 11:18:05 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Stopping IP protection 2012/06/10 11:18:12 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection stopped 2012/06/10 11:39:08 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting protection 2012/06/10 11:39:16 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Protection started successfully 2012/06/10 11:39:19 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE Starting IP protection 2012/06/10 11:39:26 +0200 MZ-BOYZ-PC Mira Bellenbaum MESSAGE IP Protection started successfully |
|
19.06.2012, 08:33
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner verschickt Emails über Yahoo-Account Das ist kein Vollscan-Log!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
19.06.2012, 17:57
| #5 |
| | Trojaner verschickt Emails über Yahoo-Account Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.18.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19272 Mira Bellenbaum :: MZ-BOYZ-PC [Administrator] Schutz: Aktiviert 19.06.2012 18:59:16 mbam-log-2012-06-19 (18-59-16).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 245645 Laufzeit: 15 Minute(n), 49 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Geändert von Thomaz (19.06.2012 um 18:19 Uhr) |
|
19.06.2012, 22:57
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner verschickt Emails über Yahoo-AccountZitat:
__________________ --> Trojaner verschickt Emails über Yahoo-Account |
|
21.06.2012, 00:08
| #7 |
| | Trojaner verschickt Emails über Yahoo-Account Sorry! Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.06.18.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19272 Mira Bellenbaum :: MZ-BOYZ-PC [Administrator] Schutz: Aktiviert 20.06.2012 18:20:54 mbam-log-2012-06-20 (18-20-54).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 448326 Laufzeit: 2 Stunde(n), 19 Minute(n), 30 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1ba6859371d8db448706af4ecf173948
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-21 01:54:12
# local_time=2012-06-21 03:54:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 153418 115752915 0 0
# compatibility_mode=5892 16776573 100 100 25492 177766780 0 0
# compatibility_mode=8192 67108863 100 0 203 203 0 0
# scanned=262014
# found=5
# cleaned=0
# scan_time=9643
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$R9P99UY.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$REPWZL1.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I
C:\$RECYCLE.BIN\S-1-5-21-1464321324-2098860524-3849462411-1000\$RX6HL9P.exe a variant of Win32/SlowPCfighter application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Mira Bellenbaum\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\469c32a2-5dccc19c Java/Agent.EA trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Mira Bellenbaum\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\31c85909-494b9128 Java/Exploit.CVE-2011-3544.T trojan (unable to clean) 00000000000000000000000000000000 I
Geändert von Thomaz (21.06.2012 um 00:17 Uhr) |
|
21.06.2012, 11:53
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner verschickt Emails über Yahoo-Account Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.06.2012, 18:37
| #9 |
| | Trojaner verschickt Emails über Yahoo-AccountCode:
ATTFilter OTL logfile created on: 21.06.2012 19:08:54 - Run 2 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\Mira Bellenbaum\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,60 Gb Available Physical Memory | 30,21% Memory free 4,21 Gb Paging File | 2,52 Gb Available in Paging File | 59,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 93,08 Gb Total Space | 18,19 Gb Free Space | 19,54% Space Free | Partition Type: NTFS Drive E: | 91,76 Gb Total Space | 54,74 Gb Free Space | 59,65% Space Free | Partition Type: NTFS Computer Name: MZ-BOYZ-PC | User Name: Mira Bellenbaum | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.21 19:04:54 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Mira Bellenbaum\Desktop\OTL.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ubd.exe PRC - [2011.10.03 10:14:06 | 001,409,384 | ---- | M] (Garmin) -- C:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe PRC - [2010.09.15 11:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe PRC - [2010.08.23 17:58:06 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.08.05 12:26:34 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2009.06.11 08:47:30 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.03.02 12:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2008.08.03 09:35:52 | 001,281,536 | ---- | M] (sw4you, Siegfried Weckmann) -- C:\Programme\Hardcopy\hardcopy.exe PRC - [2008.03.17 18:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2008.01.29 19:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.01.29 16:00:40 | 000,430,080 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe PRC - [2008.01.25 13:33:50 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe PRC - [2008.01.22 14:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe PRC - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008.01.21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.21 04:32:50 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2008.01.17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe PRC - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2008.01.09 14:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2007.12.25 13:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007.11.19 04:19:36 | 000,128,352 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE PRC - [2007.07.10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [1999.09.30 22:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Programme\PrintKey2000\Printkey2000.exe ========== Modules (No Company Name) ========== MOD - [2012.06.14 03:43:58 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\8ad39a1c48ba36b5210abe02ef03bc2a\System.Messaging.ni.dll MOD - [2012.06.14 03:43:46 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll MOD - [2012.06.14 03:41:22 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll MOD - [2012.06.14 03:41:07 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll MOD - [2012.06.14 03:15:02 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll MOD - [2012.06.14 03:07:48 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll MOD - [2012.06.14 03:07:28 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll MOD - [2012.06.14 03:07:12 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll MOD - [2012.06.14 03:07:09 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll MOD - [2012.05.10 03:47:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll MOD - [2012.05.10 03:45:59 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll MOD - [2012.05.10 03:43:52 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll MOD - [2012.05.10 03:43:41 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll MOD - [2012.05.10 03:17:40 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll MOD - [2012.05.10 03:17:40 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll MOD - [2012.05.10 03:14:51 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll MOD - [2012.05.10 03:09:42 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll MOD - [2012.05.10 03:09:13 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll MOD - [2012.05.10 03:09:01 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll MOD - [2012.05.10 03:08:52 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.08.14 17:16:12 | 000,034,816 | ---- | M] () -- C:\Programme\Google\Google Desktop Search\gzlib.dll MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2008.08.03 09:32:49 | 000,441,344 | ---- | M] () -- C:\Programme\Hardcopy\HcDllS.dll MOD - [2008.08.02 12:02:45 | 000,057,344 | ---- | M] () -- C:\Programme\Hardcopy\HcDLL2_23_Win32.dll MOD - [2008.02.02 23:08:12 | 001,722,368 | ---- | M] () -- C:\Programme\TUGZip\Plugins\TzArchive10.tgp MOD - [2008.01.29 16:00:40 | 000,430,080 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe MOD - [2007.12.25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll MOD - [2007.12.14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll MOD - [2007.12.14 21:28:38 | 004,726,784 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\BlackPng.dll MOD - [2007.09.13 15:11:18 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll MOD - [2007.03.12 23:34:20 | 000,162,304 | ---- | M] () -- C:\Windows\System32\ztvunrar36.dll MOD - [2006.10.10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- c:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll MOD - [2006.05.14 13:03:54 | 000,655,360 | ---- | M] () -- C:\Programme\TUGZip\TzShell.dll MOD - [2005.02.17 23:15:22 | 000,077,824 | ---- | M] () -- C:\Programme\TUGZip\Plugins\TzImage10.tgp MOD - [2003.11.20 13:18:06 | 000,045,056 | ---- | M] () -- C:\Programme\Hardcopy\hardcopy.dll ========== Win32 Services (SafeList) ========== SRV - [2012.06.16 12:45:33 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.05.05 07:43:28 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.08.05 12:26:34 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.06.11 08:47:30 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008.01.21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.21 04:32:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008.01.21 04:32:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010.07.30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010.07.30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010.07.30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010.07.30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009.12.08 19:49:19 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.06.11 08:47:31 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009.06.11 08:47:31 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.05.13 18:20:09 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV06.sys -- (ACEDRV06) DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.03.17 12:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.01.21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32) DRV - [2008.01.21 04:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2007.12.28 20:21:54 | 000,104,448 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007.12.26 11:20:32 | 000,290,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B) DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2007.10.17 23:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007.04.23 10:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt) DRV - [2006.11.20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [1999.04.22 05:38:00 | 000,073,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SENTINEL.SYS -- (Sentinel) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes,DefaultScope = {A6FA2E86-5740-4C25-8C83-F8F3303CF6FE} IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=RY&apn_dtid=YYYYYYYYDE&apn_uid=C002A827-A03D-4C7C-BDC7-F7BB64193C52&apn_sauid=4EC71F60-5206-4708-A4C9-03B898AAF5E1 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}: "URL" = hxxp://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=ykK0_xUh6saWFErEbG2RIAq1upk?q={searchTerms} IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Mira Bellenbaum\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.16 12:45:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.20 00:24:16 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.16 12:45:34 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.20 00:24:16 | 000,000,000 | ---D | M] [2008.07.07 21:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Extensions [2012.06.02 12:29:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions [2011.08.27 07:40:08 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2010.05.11 22:17:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.05.18 15:47:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012.06.02 12:29:52 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.01.01 15:17:48 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.05.21 18:49:55 | 000,000,000 | ---D | M] (ST-de3 Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2011.03.28 14:39:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\engine@conduit.com [2011.03.27 04:06:01 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com [2012.01.16 08:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.09.27 21:33:10 | 000,000,000 | ---D | M] (VMLoad) -- C:\Programme\Mozilla Firefox\extensions\{464F169E-ACE1-4C5F-A778-A433A3DABBAE} [2009.02.19 09:56:33 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF} [2012.06.16 12:45:34 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.07.19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2006.07.31 17:07:16 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll [2011.10.01 07:26:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.01 07:26:57 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.10.01 07:26:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.10.01 07:26:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.01 07:26:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.01 07:26:57 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>) O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.) O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin) O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.) O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA) O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba) O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.) O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [Garmin Lifetime Updater] C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin) O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [MobileDocuments] C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe () O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Mira Bellenbaum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK = C:\Programme\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann) O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube Download - C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin) O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} hxxp://picasaweb.google.com/s/v/70.22/uploader2.cab (UploadListView Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7ECD9FB-FEC1-4A64-944D-B6FEC246F950}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007.11.14 13:31:04 | 000,101,888 | ---- | M] (Destinator Technologies, Inc.) - C:\autorunce.exe -- [ NTFS ] O32 - AutoRun File - [2007.12.03 14:10:36 | 000,005,360 | ---- | M] () - C:\Autorunce.ini -- [ NTFS ] O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL () Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.06.21 19:05:34 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Mira Bellenbaum\Desktop\OTL.exe [2012.06.21 01:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.06.19 06:57:50 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Mira Bellenbaum\Desktop\esetsmartinstaller_enu.exe [2012.06.10 08:59:43 | 000,000,000 | ---D | C] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Malwarebytes [2012.06.10 08:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.06.10 08:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.06.10 08:59:27 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.06.10 08:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.06.10 08:42:16 | 000,000,000 | ---D | C] -- C:\Users\Mira Bellenbaum\Desktop\Geile BMW [2012.06.09 10:28:50 | 000,000,000 | ---D | C] -- C:\Users\Mira Bellenbaum\Desktop\Fotos 06-2012 [2012.06.03 10:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.06.03 10:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.06.03 10:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.21 19:04:54 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Mira Bellenbaum\Desktop\OTL.exe [2012.06.21 19:00:58 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.21 18:58:51 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.21 18:58:47 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Mira Bellenbaum-Startup.job [2012.06.21 18:58:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.21 18:58:38 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.21 18:58:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.21 18:58:24 | 2136,961,024 | -HS- | M] () -- C:\hiberfil.sys [2012.06.21 06:48:50 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.19 06:57:55 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Mira Bellenbaum\Desktop\esetsmartinstaller_enu.exe [2012.06.16 18:11:39 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.06.16 18:11:39 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.06.16 18:11:39 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.06.16 18:11:39 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.06.14 03:35:57 | 000,352,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.06.10 11:19:27 | 000,302,592 | ---- | M] () -- C:\Users\Mira Bellenbaum\Desktop\ewf2e5g9.exe [2012.06.10 10:43:52 | 000,000,000 | ---- | M] () -- C:\Users\Mira Bellenbaum\defogger_reenable [2012.06.10 08:59:29 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.03 10:19:56 | 000,039,436 | ---- | M] () -- C:\Users\Mira Bellenbaum\Desktop\Gummikuh00.jpg [2012.06.03 10:03:26 | 000,001,669 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.10 11:19:23 | 000,302,592 | ---- | C] () -- C:\Users\Mira Bellenbaum\Desktop\ewf2e5g9.exe [2012.06.10 10:43:52 | 000,000,000 | ---- | C] () -- C:\Users\Mira Bellenbaum\defogger_reenable [2012.06.10 08:59:29 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.03 11:23:16 | 000,039,436 | ---- | C] () -- C:\Users\Mira Bellenbaum\Desktop\Gummikuh00.jpg [2012.06.03 10:03:26 | 000,001,669 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.12.28 06:02:54 | 000,000,000 | ---- | C] () -- C:\Users\Mira Bellenbaum\AppData\Local\{5488039B-A1FF-4A15-88B1-757693C6EACE} [2010.10.23 16:22:22 | 000,073,216 | ---- | C] () -- C:\Windows\System32\drivers\SENTINEL.SYS [2010.10.23 16:22:22 | 000,047,616 | ---- | C] () -- C:\Windows\System32\SNTI386.DLL [2010.10.23 16:22:22 | 000,017,920 | ---- | C] () -- C:\Windows\System32\RNBOVDD.DLL ========== LOP Check ========== [2012.02.14 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib [2010.02.22 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Buhl Data Service [2009.01.22 11:49:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Canon [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DesktopSMS [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Destinator [2011.01.01 15:17:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoft [2011.01.01 15:17:45 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers [2011.08.27 23:20:47 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\GARMIN [2009.03.24 18:21:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Haufe [2010.09.27 20:55:23 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Iggels [2010.09.27 22:19:44 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\IN-MEDIAKG [2010.12.30 18:35:07 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin [2009.03.12 04:12:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Lexware [2010.09.27 22:20:03 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\mresreg [2008.09.24 15:08:33 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook [2011.07.14 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Nokia [2009.06.06 22:22:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PasswordSafe [2011.07.24 09:37:54 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PC Suite [2010.10.23 10:29:49 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\RibbonSoft [2010.05.10 22:41:36 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\streamripper [2011.09.20 20:32:06 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Teleca [2008.11.04 21:12:29 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Template [2008.09.24 15:02:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Toshiba [2010.08.21 15:02:30 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Uniblue [2010.10.15 03:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad [2012.02.08 20:29:39 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh [2012.06.21 07:05:45 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.06.21 18:58:47 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Mira Bellenbaum-Startup.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2008.10.07 23:24:25 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Adobe [2012.02.14 20:15:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib [2012.04.26 21:04:18 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Apple Computer [2010.02.22 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Buhl Data Service [2009.01.22 11:49:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Canon [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DesktopSMS [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Destinator [2011.01.01 15:17:04 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoft [2011.01.01 15:17:45 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\DVDVideoSoftIEHelpers [2011.08.27 23:20:47 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\GARMIN [2010.01.22 19:20:55 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Google [2009.03.24 18:21:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Haufe [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Identities [2010.09.27 20:55:23 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Iggels [2010.09.27 22:19:44 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\IN-MEDIAKG [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\InstallShield [2010.12.30 18:35:07 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin [2009.03.12 04:12:19 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Lexware [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Macromedia [2012.06.10 08:59:43 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Malwarebytes [2012.01.09 22:52:56 | 000,000,000 | --SD | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Microsoft [2008.09.24 15:02:17 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Mozilla [2010.09.27 22:20:03 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\mresreg [2008.09.24 15:08:33 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook [2011.07.14 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Nokia [2012.04.15 22:40:26 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\OpenOffice.org2 [2009.06.06 22:22:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PasswordSafe [2011.07.24 09:37:54 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\PC Suite [2010.10.23 10:29:49 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\RibbonSoft [2011.06.11 12:39:10 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Sony Ericsson [2010.05.10 22:41:36 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\streamripper [2011.09.20 20:32:06 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Teleca [2008.11.04 21:12:29 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Template [2008.09.24 15:02:14 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Toshiba [2010.08.21 15:02:30 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Uniblue [2012.01.13 23:22:49 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\vlc [2010.10.15 03:04:28 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad [2012.02.08 20:29:39 | 000,000,000 | ---D | M] -- C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh < %APPDATA%\*.exe /s > [2010.12.03 22:55:02 | 000,752,688 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin\kikin_updater_2.4.15.exe [2010.12.30 18:35:14 | 001,166,568 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\kikin\kikin_updater_2.9.1.exe [2009.02.19 09:56:37 | 000,086,016 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Mira Bellenbaum\AppData\Roaming\Microsoft\Installer\{F48AAE0F-52F4-11DD-B1F7-0050560400B1}\ARPPRODUCTICON.exe [2011.03.21 21:07:33 | 003,325,832 | ---- | M] (Ask) -- C:\Users\Mira Bellenbaum\AppData\Roaming\Mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe [2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\localVista.exe [2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\localXP.exe [2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\shellExecute.exe [2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\Mira Bellenbaum\AppData\Roaming\myphotobook\xtras\sleep.exe < %SYSTEMDRIVE%\*.exe > [2007.11.14 13:31:04 | 000,101,888 | ---- | M] (Destinator Technologies, Inc.) -- C:\autorunce.exe < MD5 for: AGP440.SYS > [2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys [2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 04:34:02 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:34:35 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > < End of report > |
|
21.06.2012, 19:42
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner verschickt Emails über Yahoo-Account Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes,DefaultScope = {A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=RY&apn_dtid=YYYYYYYYDE&apn_uid=C002A827-A03D-4C7C-BDC7-F7BB64193C52&apn_sauid=4EC71F60-5206-4708-A4C9-03B898AAF5E1
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}: "URL" = http://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=ykK0_xUh6saWFErEbG2RIAq1upk?q={searchTerms}
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
[2010.05.11 22:17:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.18 15:47:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.06.02 12:29:52 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.01.01 15:17:48 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.21 18:49:55 | 000,000,000 | ---D | M] (ST-de3 Community Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.03.28 14:39:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\engine@conduit.com
[2011.03.27 04:06:01 | 000,000,000 | ---D | M] (PandoraTV Toolbar) -- C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKU\S-1-5-21-1464321324-2098860524-3849462411-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.11.14 13:31:04 | 000,101,888 | ---- | M] (Destinator Technologies, Inc.) - C:\autorunce.exe -- [ NTFS ]
O32 - AutoRun File - [2007.12.03 14:10:36 | 000,005,360 | ---- | M] () - C:\Autorunce.ini -- [ NTFS ]
O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun
O33 - MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell - "" = AutoRun
O33 - MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\Shell\AutoRun\command - "" = D:\AutoRun.exe
:Files
C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib
C:\Users\Mira Bellenbaum\AppData\Roaming\kikin
C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.06.2012, 20:48
| #11 |
| | Trojaner verschickt Emails über Yahoo-Account Während dem Fixen ist OTL abgeschmiert ("OTL funktioniert nicht mehr"). Danach wurde der Rechner neu gestartet und ist zunächst nicht mehr hochgefahren. Nach ewigem Warten hat es dann doch noch funktioniert. Dann war folgendes in einem neuen Fenster zu lesen: Code:
ATTFilter Files\Folders moved on Reboot...
C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com folder moved successfully.
Registry entries deleted on Reboot...
|
|
21.06.2012, 21:09
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner verschickt Emails über Yahoo-Account Starte Windows neu im abgesicherten Modus (mit Netzwerktreibern nach Möglichkeit), manchmal hakt das Fixen mit OTL im normalen Modus aber sehr oft funktioniert der Fix im abgesicherte Modus. Wiederhol den Fix da dann bitte
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.06.2012, 21:37
| #13 |
| | Trojaner verschickt Emails über Yahoo-AccountCode:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Programme\softonic-de3\tbsoft.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1464321324-2098860524-3849462411-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Programme\softonic-de3\tbsoft.dll not found.
HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FA2E86-5740-4C25-8C83-F8F3303CF6FE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\engine@conduit.com\ not found.
Folder C:\Users\Mira Bellenbaum\AppData\Roaming\mozilla\Firefox\Profiles\nptgehl2.default\extensions\toolbar@ask.com\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C17C7688-31D1-46D7-8C9B-5D253E4F5D5E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C17C7688-31D1-46D7-8C9B-5D253E4F5D5E}\ not found.
File C:\Users\Mira Bellenbaum\AppData\Roaming\VMLoad\addin\VMLoad.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}\ not found.
File C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Programme\softonic-de3\tbsoft.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
File C:\Programme\kikin\ie_kikin.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ not found.
File C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File de3\tbsoft.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ not found.
File C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Programme\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
File de3\tbsoft.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1464321324-2098860524-3849462411-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryBooster not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
File C:\autorunce.exe not found.
File C:\Autorunce.ini not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72a0-e0f3-11dd-9312-001e33427d65}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d53b72c8-e0f3-11dd-9312-001e33427d65}\ not found.
File D:\AutoRun.exe not found.
========== FILES ==========
File\Folder C:\Users\Mira Bellenbaum\AppData\Roaming\Ahussib not found.
File\Folder C:\Users\Mira Bellenbaum\AppData\Roaming\kikin not found.
File\Folder C:\Users\Mira Bellenbaum\AppData\Roaming\Yxmeh not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Mira Bellenbaum
->Temp folder emptied: 77868 bytes
->Temporary Internet Files folder emptied: 483700394 bytes
->Java cache emptied: 11525729 bytes
->FireFox cache emptied: 259165194 bytes
->Flash cache emptied: 133655 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 893100589 bytes
RecycleBin emptied: 3620427724 bytes
Total Files Cleaned = 5.024,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Mira Bellenbaum
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.50.0 log created on 06212012_222717
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
|
|
22.06.2012, 08:59
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner verschickt Emails über Yahoo-Account Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.06.2012, 09:19
| #15 |
| | Trojaner verschickt Emails über Yahoo-AccountCode:
ATTFilter 10:14:06.0052 6132 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
10:14:06.0215 6132 ============================================================
10:14:06.0215 6132 Current date / time: 2012/06/22 10:14:06.0215
10:14:06.0215 6132 SystemInfo:
10:14:06.0215 6132
10:14:06.0215 6132 OS Version: 6.0.6002 ServicePack: 2.0
10:14:06.0215 6132 Product type: Workstation
10:14:06.0215 6132 ComputerName: MZ-BOYZ-PC
10:14:06.0216 6132 UserName: Mira Bellenbaum
10:14:06.0216 6132 Windows directory: C:\Windows
10:14:06.0216 6132 System windows directory: C:\Windows
10:14:06.0216 6132 Processor architecture: Intel x86
10:14:06.0216 6132 Number of processors: 2
10:14:06.0216 6132 Page size: 0x1000
10:14:06.0216 6132 Boot type: Normal boot
10:14:06.0216 6132 ============================================================
10:14:06.0692 6132 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:14:06.0694 6132 ============================================================
10:14:06.0694 6132 \Device\Harddisk0\DR0:
10:14:06.0695 6132 MBR partitions:
10:14:06.0695 6132 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xBA29000
10:14:06.0695 6132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xBD17800, BlocksNum 0xB7871B0
10:14:06.0695 6132 ============================================================
10:14:06.0744 6132 C: <-> \Device\Harddisk0\DR0\Partition0
10:14:06.0800 6132 E: <-> \Device\Harddisk0\DR0\Partition1
10:14:06.0801 6132 ============================================================
10:14:06.0801 6132 Initialize success
10:14:06.0801 6132 ============================================================
10:14:46.0227 4484 ============================================================
10:14:46.0227 4484 Scan started
10:14:46.0227 4484 Mode: Manual;
10:14:46.0228 4484 ============================================================
10:14:48.0291 4484 ACEDRV06 (44010948bde6ade50dd1386657c73e83) C:\Windows\system32\drivers\ACEDRV06.sys
10:14:48.0294 4484 ACEDRV06 - ok
10:14:48.0372 4484 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:14:48.0375 4484 ACPI - ok
10:14:48.0493 4484 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:14:48.0496 4484 AdobeFlashPlayerUpdateSvc - ok
10:14:48.0589 4484 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:14:48.0602 4484 adp94xx - ok
10:14:48.0649 4484 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:14:48.0658 4484 adpahci - ok
10:14:48.0692 4484 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:14:48.0695 4484 adpu160m - ok
10:14:48.0738 4484 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:14:48.0743 4484 adpu320 - ok
10:14:48.0825 4484 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:14:48.0827 4484 AeLookupSvc - ok
10:14:48.0923 4484 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:14:48.0930 4484 AFD - ok
10:14:49.0003 4484 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:14:49.0005 4484 agp440 - ok
10:14:49.0041 4484 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:14:49.0044 4484 aic78xx - ok
10:14:49.0076 4484 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:14:49.0078 4484 ALG - ok
10:14:49.0110 4484 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:14:49.0112 4484 aliide - ok
10:14:49.0134 4484 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:14:49.0136 4484 amdagp - ok
10:14:49.0162 4484 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:14:49.0163 4484 amdide - ok
10:14:49.0217 4484 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:14:49.0219 4484 AmdK7 - ok
10:14:49.0260 4484 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:14:49.0262 4484 AmdK8 - ok
10:14:49.0390 4484 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:14:49.0391 4484 AntiVirSchedulerService - ok
10:14:49.0460 4484 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:14:49.0461 4484 AntiVirService - ok
10:14:49.0529 4484 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:14:49.0530 4484 Appinfo - ok
10:14:49.0706 4484 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:14:49.0708 4484 Apple Mobile Device - ok
10:14:49.0742 4484 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:14:49.0745 4484 arc - ok
10:14:49.0798 4484 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:14:49.0801 4484 arcsas - ok
10:14:49.0831 4484 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:14:49.0833 4484 AsyncMac - ok
10:14:49.0934 4484 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:14:49.0935 4484 atapi - ok
10:14:50.0029 4484 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:14:50.0033 4484 AudioEndpointBuilder - ok
10:14:50.0040 4484 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:14:50.0043 4484 Audiosrv - ok
10:14:50.0067 4484 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
10:14:50.0067 4484 avgio - ok
10:14:50.0125 4484 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
10:14:50.0125 4484 avgntflt - ok
10:14:50.0178 4484 avipbb (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
10:14:50.0179 4484 avipbb - ok
10:14:50.0244 4484 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:14:50.0245 4484 Beep - ok
10:14:50.0339 4484 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:14:50.0344 4484 BFE - ok
10:14:50.0482 4484 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:14:50.0501 4484 BITS - ok
10:14:50.0549 4484 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:14:50.0551 4484 blbdrive - ok
10:14:50.0710 4484 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
10:14:50.0720 4484 Bonjour Service - ok
10:14:50.0780 4484 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:14:50.0783 4484 bowser - ok
10:14:50.0845 4484 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:14:50.0847 4484 BrFiltLo - ok
10:14:50.0871 4484 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:14:50.0872 4484 BrFiltUp - ok
10:14:50.0919 4484 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:14:50.0922 4484 Browser - ok
10:14:50.0950 4484 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:14:50.0953 4484 Brserid - ok
10:14:50.0986 4484 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:14:50.0988 4484 BrSerWdm - ok
10:14:51.0013 4484 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:14:51.0014 4484 BrUsbMdm - ok
10:14:51.0037 4484 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:14:51.0038 4484 BrUsbSer - ok
10:14:51.0070 4484 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:14:51.0072 4484 BTHMODEM - ok
10:14:51.0131 4484 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:14:51.0134 4484 cdfs - ok
10:14:51.0192 4484 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:14:51.0193 4484 cdrom - ok
10:14:51.0253 4484 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:14:51.0254 4484 CertPropSvc - ok
10:14:51.0278 4484 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:14:51.0279 4484 circlass - ok
10:14:51.0395 4484 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:14:51.0402 4484 CLFS - ok
10:14:51.0488 4484 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:14:51.0491 4484 clr_optimization_v2.0.50727_32 - ok
10:14:51.0635 4484 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:14:51.0639 4484 clr_optimization_v4.0.30319_32 - ok
10:14:51.0707 4484 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:14:51.0708 4484 CmBatt - ok
10:14:51.0731 4484 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:14:51.0732 4484 cmdide - ok
10:14:51.0759 4484 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:14:51.0760 4484 Compbatt - ok
10:14:51.0767 4484 COMSysApp - ok
10:14:51.0877 4484 ConfigFree Service (596e452b5152ec9afe8153d296459d2b) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
10:14:51.0879 4484 ConfigFree Service - ok
10:14:51.0891 4484 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:14:51.0892 4484 crcdisk - ok
10:14:51.0927 4484 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:14:51.0929 4484 Crusoe - ok
10:14:51.0985 4484 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
10:14:51.0986 4484 CryptSvc - ok
10:14:52.0111 4484 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:14:52.0124 4484 DcomLaunch - ok
10:14:52.0168 4484 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:14:52.0171 4484 DfsC - ok
10:14:52.0448 4484 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:14:52.0504 4484 DFSR - ok
10:14:52.0716 4484 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:14:52.0720 4484 Dhcp - ok
10:14:52.0799 4484 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:14:52.0801 4484 disk - ok
10:14:52.0888 4484 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
10:14:52.0890 4484 Dnscache - ok
10:14:52.0954 4484 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:14:52.0959 4484 dot3svc - ok
10:14:53.0012 4484 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:14:53.0014 4484 DPS - ok
10:14:53.0081 4484 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:14:53.0083 4484 drmkaud - ok
10:14:53.0194 4484 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:14:53.0209 4484 DXGKrnl - ok
10:14:53.0247 4484 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:14:53.0251 4484 E1G60 - ok
10:14:53.0286 4484 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:14:53.0288 4484 EapHost - ok
10:14:53.0369 4484 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:14:53.0374 4484 Ecache - ok
10:14:53.0463 4484 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:14:53.0472 4484 elxstor - ok
10:14:53.0580 4484 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:14:53.0592 4484 EMDMgmt - ok
10:14:53.0626 4484 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:14:53.0627 4484 ErrDev - ok
10:14:53.0705 4484 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:14:53.0711 4484 EventSystem - ok
10:14:53.0772 4484 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:14:53.0776 4484 exfat - ok
10:14:53.0837 4484 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:14:53.0842 4484 fastfat - ok
10:14:53.0913 4484 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:14:53.0914 4484 fdc - ok
10:14:53.0957 4484 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:14:53.0959 4484 fdPHost - ok
10:14:53.0972 4484 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:14:53.0973 4484 FDResPub - ok
10:14:53.0998 4484 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:14:54.0001 4484 FileInfo - ok
10:14:54.0021 4484 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:14:54.0023 4484 Filetrace - ok
10:14:54.0349 4484 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
10:14:54.0391 4484 FirebirdServerMAGIXInstance - ok
10:14:54.0570 4484 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:14:54.0572 4484 flpydisk - ok
10:14:54.0632 4484 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:14:54.0636 4484 FltMgr - ok
10:14:54.0790 4484 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
10:14:54.0798 4484 FontCache - ok
10:14:54.0936 4484 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:14:54.0938 4484 FontCache3.0.0.0 - ok
10:14:54.0986 4484 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
10:14:54.0988 4484 Fs_Rec - ok
10:14:55.0028 4484 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
10:14:55.0029 4484 FwLnk - ok
10:14:55.0059 4484 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:14:55.0061 4484 gagp30kx - ok
10:14:55.0112 4484 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:14:55.0114 4484 GEARAspiWDM - ok
10:14:55.0293 4484 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:14:55.0294 4484 GoogleDesktopManager-051210-111108 - ok
10:14:55.0419 4484 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:14:55.0433 4484 gpsvc - ok
10:14:55.0482 4484 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:14:55.0486 4484 gupdate - ok
10:14:55.0527 4484 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:14:55.0529 4484 gupdatem - ok
10:14:55.0601 4484 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:14:55.0605 4484 gusvc - ok
10:14:55.0683 4484 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:14:55.0690 4484 HdAudAddService - ok
10:14:55.0791 4484 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:14:55.0802 4484 HDAudBus - ok
10:14:55.0820 4484 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:14:55.0823 4484 HidBth - ok
10:14:55.0846 4484 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:14:55.0848 4484 HidIr - ok
10:14:55.0886 4484 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:14:55.0888 4484 hidserv - ok
10:14:55.0940 4484 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:14:55.0941 4484 HidUsb - ok
10:14:55.0975 4484 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:14:55.0977 4484 hkmsvc - ok
10:14:56.0011 4484 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:14:56.0013 4484 HpCISSs - ok
10:14:56.0082 4484 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:14:56.0088 4484 HSFHWAZL - ok
10:14:56.0256 4484 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:14:56.0282 4484 HSF_DPV - ok
10:14:56.0379 4484 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:14:56.0385 4484 HSXHWAZL - ok
10:14:56.0461 4484 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
10:14:56.0473 4484 HTTP - ok
10:14:56.0532 4484 hwdatacard (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:14:56.0533 4484 hwdatacard - ok
10:14:56.0579 4484 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:14:56.0581 4484 i2omp - ok
10:14:56.0639 4484 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:14:56.0642 4484 i8042prt - ok
10:14:56.0721 4484 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
10:14:56.0724 4484 iaStor - ok
10:14:56.0779 4484 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:14:56.0786 4484 iaStorV - ok
10:14:56.0965 4484 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:14:56.0969 4484 IDriverT - ok
10:14:57.0154 4484 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:14:57.0180 4484 idsvc - ok
10:14:57.0458 4484 igfx (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:14:57.0501 4484 igfx - ok
10:14:57.0756 4484 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:14:57.0758 4484 iirsp - ok
10:14:57.0847 4484 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:14:57.0857 4484 IKEEXT - ok
10:14:58.0144 4484 IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
10:14:58.0193 4484 IntcAzAudAddService - ok
10:14:58.0381 4484 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:14:58.0383 4484 intelide - ok
10:14:58.0448 4484 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:14:58.0450 4484 intelppm - ok
10:14:58.0493 4484 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:14:58.0498 4484 IPBusEnum - ok
10:14:58.0531 4484 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:14:58.0533 4484 IpFilterDriver - ok
10:14:58.0596 4484 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
10:14:58.0600 4484 iphlpsvc - ok
10:14:58.0607 4484 IpInIp - ok
10:14:58.0650 4484 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:14:58.0653 4484 IPMIDRV - ok
10:14:58.0691 4484 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:14:58.0695 4484 IPNAT - ok
10:14:58.0872 4484 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
10:14:58.0896 4484 iPod Service - ok
10:14:59.0062 4484 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:14:59.0064 4484 IRENUM - ok
10:14:59.0109 4484 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:14:59.0111 4484 isapnp - ok
10:14:59.0179 4484 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:14:59.0185 4484 iScsiPrt - ok
10:14:59.0208 4484 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:14:59.0209 4484 iteatapi - ok
10:14:59.0233 4484 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:14:59.0235 4484 iteraid - ok
10:14:59.0256 4484 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:14:59.0259 4484 kbdclass - ok
10:14:59.0325 4484 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
10:14:59.0326 4484 kbdhid - ok
10:14:59.0365 4484 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:14:59.0366 4484 KeyIso - ok
10:14:59.0463 4484 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
10:14:59.0475 4484 KSecDD - ok
10:14:59.0597 4484 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:14:59.0608 4484 KtmRm - ok
10:14:59.0722 4484 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
10:14:59.0726 4484 LanmanServer - ok
10:14:59.0940 4484 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:14:59.0945 4484 LanmanWorkstation - ok
10:15:00.0070 4484 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:15:00.0072 4484 lltdio - ok
10:15:00.0195 4484 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:15:00.0201 4484 lltdsvc - ok
10:15:00.0232 4484 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:15:00.0235 4484 lmhosts - ok
10:15:00.0304 4484 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:15:00.0308 4484 LSI_FC - ok
10:15:00.0356 4484 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:15:00.0361 4484 LSI_SAS - ok
10:15:00.0425 4484 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:15:00.0429 4484 LSI_SCSI - ok
10:15:00.0475 4484 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:15:00.0478 4484 luafv - ok
10:15:00.0541 4484 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:15:00.0543 4484 MBAMProtector - ok
10:15:00.0667 4484 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:15:00.0672 4484 MBAMService - ok
10:15:00.0795 4484 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
10:15:00.0802 4484 McComponentHostService - ok
10:15:00.0834 4484 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:15:00.0836 4484 mdmxsdk - ok
10:15:00.0910 4484 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:15:00.0912 4484 megasas - ok
10:15:01.0027 4484 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:15:01.0037 4484 MegaSR - ok
10:15:01.0080 4484 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:15:01.0082 4484 MMCSS - ok
10:15:01.0106 4484 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:15:01.0108 4484 Modem - ok
10:15:01.0136 4484 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:15:01.0137 4484 monitor - ok
10:15:01.0152 4484 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:15:01.0153 4484 mouclass - ok
10:15:01.0169 4484 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:15:01.0170 4484 mouhid - ok
10:15:01.0190 4484 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:15:01.0192 4484 MountMgr - ok
10:15:01.0279 4484 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:15:01.0283 4484 MozillaMaintenance - ok
10:15:01.0346 4484 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:15:01.0350 4484 mpio - ok
10:15:01.0383 4484 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:15:01.0385 4484 mpsdrv - ok
10:15:01.0492 4484 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:15:01.0500 4484 MpsSvc - ok
10:15:01.0545 4484 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:15:01.0547 4484 Mraid35x - ok
10:15:01.0598 4484 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:15:01.0602 4484 MRxDAV - ok
10:15:01.0650 4484 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:15:01.0654 4484 mrxsmb - ok
10:15:01.0727 4484 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:15:01.0734 4484 mrxsmb10 - ok
10:15:01.0755 4484 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:15:01.0759 4484 mrxsmb20 - ok
10:15:01.0824 4484 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:15:01.0827 4484 msahci - ok
10:15:01.0867 4484 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:15:01.0872 4484 msdsm - ok
10:15:01.0950 4484 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:15:01.0956 4484 MSDTC - ok
10:15:01.0999 4484 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:15:02.0001 4484 Msfs - ok
10:15:02.0048 4484 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:15:02.0049 4484 msisadrv - ok
10:15:02.0077 4484 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:15:02.0082 4484 MSiSCSI - ok
10:15:02.0089 4484 msiserver - ok
10:15:02.0128 4484 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:15:02.0129 4484 MSKSSRV - ok
10:15:02.0168 4484 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:15:02.0169 4484 MSPCLOCK - ok
10:15:02.0198 4484 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:15:02.0200 4484 MSPQM - ok
10:15:02.0247 4484 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:15:02.0251 4484 MsRPC - ok
10:15:02.0276 4484 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:15:02.0277 4484 mssmbios - ok
10:15:02.0293 4484 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:15:02.0294 4484 MSTEE - ok
10:15:02.0335 4484 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:15:02.0337 4484 Mup - ok
10:15:02.0404 4484 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:15:02.0410 4484 napagent - ok
10:15:02.0474 4484 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:15:02.0478 4484 NativeWifiP - ok
10:15:02.0591 4484 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:15:02.0605 4484 NDIS - ok
10:15:02.0644 4484 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:15:02.0645 4484 NdisTapi - ok
10:15:02.0669 4484 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:15:02.0671 4484 Ndisuio - ok
10:15:02.0709 4484 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:15:02.0712 4484 NdisWan - ok
10:15:02.0746 4484 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:15:02.0748 4484 NDProxy - ok
10:15:02.0773 4484 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:15:02.0775 4484 NetBIOS - ok
10:15:02.0840 4484 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:15:02.0846 4484 netbt - ok
10:15:02.0936 4484 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:15:02.0939 4484 Netlogon - ok
10:15:03.0014 4484 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:15:03.0037 4484 Netman - ok
10:15:03.0135 4484 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:15:03.0149 4484 netprofm - ok
10:15:03.0250 4484 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:15:03.0253 4484 NetTcpPortSharing - ok
10:15:03.0637 4484 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
10:15:03.0692 4484 NETw3v32 - ok
10:15:03.0947 4484 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:15:03.0950 4484 nfrd960 - ok
10:15:04.0015 4484 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:15:04.0019 4484 NlaSvc - ok
10:15:04.0066 4484 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers\ccdcmb.sys
10:15:04.0068 4484 nmwcd - ok
10:15:04.0125 4484 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers\ccdcmbo.sys
10:15:04.0127 4484 nmwcdc - ok
10:15:04.0171 4484 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:15:04.0173 4484 Npfs - ok
10:15:04.0192 4484 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:15:04.0195 4484 nsi - ok
10:15:04.0217 4484 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:15:04.0220 4484 nsiproxy - ok
10:15:04.0425 4484 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:15:04.0467 4484 Ntfs - ok
10:15:04.0505 4484 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:15:04.0516 4484 ntrigdigi - ok
10:15:04.0564 4484 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:15:04.0566 4484 Null - ok
10:15:04.0631 4484 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:15:04.0636 4484 nvraid - ok
10:15:04.0684 4484 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:15:04.0686 4484 nvstor - ok
10:15:04.0722 4484 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:15:04.0726 4484 nv_agp - ok
10:15:04.0733 4484 NwlnkFlt - ok
10:15:04.0742 4484 NwlnkFwd - ok
10:15:04.0943 4484 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:15:04.0955 4484 odserv - ok
10:15:05.0056 4484 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:15:05.0058 4484 ohci1394 - ok
10:15:05.0122 4484 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:15:05.0126 4484 ose - ok
10:15:05.0248 4484 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:05.0271 4484 p2pimsvc - ok
10:15:05.0286 4484 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:05.0309 4484 p2psvc - ok
10:15:05.0406 4484 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:15:05.0409 4484 Parport - ok
10:15:05.0462 4484 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
10:15:05.0464 4484 partmgr - ok
10:15:05.0484 4484 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:15:05.0485 4484 Parvdm - ok
10:15:05.0530 4484 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:15:05.0534 4484 PcaSvc - ok
10:15:05.0598 4484 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:15:05.0600 4484 pccsmcfd - ok
10:15:05.0660 4484 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:15:05.0662 4484 pci - ok
10:15:05.0714 4484 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
10:15:05.0715 4484 pciide - ok
10:15:05.0758 4484 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:15:05.0763 4484 pcmcia - ok
10:15:05.0930 4484 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:15:05.0971 4484 PEAUTH - ok
10:15:06.0193 4484 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:15:06.0230 4484 pla - ok
10:15:06.0460 4484 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:15:06.0467 4484 PlugPlay - ok
10:15:06.0577 4484 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:06.0596 4484 PNRPAutoReg - ok
10:15:06.0608 4484 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:15:06.0616 4484 PNRPsvc - ok
10:15:06.0707 4484 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:15:06.0715 4484 PolicyAgent - ok
10:15:06.0787 4484 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:15:06.0789 4484 PptpMiniport - ok
10:15:06.0825 4484 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:15:06.0827 4484 Processor - ok
10:15:07.0076 4484 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:15:07.0083 4484 ProfSvc - ok
10:15:07.0124 4484 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:15:07.0127 4484 ProtectedStorage - ok
10:15:07.0199 4484 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:15:07.0207 4484 PSched - ok
10:15:07.0241 4484 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
10:15:07.0244 4484 PxHelp20 - ok
10:15:07.0550 4484 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:15:07.0593 4484 ql2300 - ok
10:15:07.0624 4484 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:15:07.0627 4484 ql40xx - ok
10:15:07.0675 4484 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:15:07.0685 4484 QWAVE - ok
10:15:07.0733 4484 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:15:07.0735 4484 QWAVEdrv - ok
10:15:07.0830 4484 RapiMgr (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
10:15:07.0836 4484 RapiMgr - ok
10:15:07.0849 4484 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:15:07.0851 4484 RasAcd - ok
10:15:07.0898 4484 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:15:07.0905 4484 RasAuto - ok
10:15:07.0951 4484 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:15:07.0955 4484 Rasl2tp - ok
10:15:08.0022 4484 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:15:08.0029 4484 RasMan - ok
10:15:08.0074 4484 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:15:08.0077 4484 RasPppoe - ok
10:15:08.0101 4484 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:15:08.0103 4484 RasSstp - ok
10:15:08.0169 4484 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:15:08.0176 4484 rdbss - ok
10:15:08.0215 4484 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:15:08.0217 4484 RDPCDD - ok
10:15:08.0275 4484 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:15:08.0282 4484 rdpdr - ok
10:15:08.0303 4484 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:15:08.0305 4484 RDPENCDD - ok
10:15:08.0385 4484 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
10:15:08.0391 4484 RDPWD - ok
10:15:08.0450 4484 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:15:08.0455 4484 RemoteAccess - ok
10:15:08.0510 4484 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:15:08.0516 4484 RemoteRegistry - ok
10:15:08.0551 4484 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:15:08.0555 4484 RpcLocator - ok
10:15:08.0664 4484 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:15:08.0673 4484 RpcSs - ok
10:15:08.0744 4484 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:15:08.0746 4484 rspndr - ok
10:15:08.0804 4484 RTL8169 (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:15:08.0806 4484 RTL8169 - ok
10:15:08.0892 4484 RTL8187B (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
10:15:08.0895 4484 RTL8187B - ok
10:15:08.0951 4484 RtlProt (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
10:15:08.0953 4484 RtlProt - ok
10:15:08.0975 4484 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:15:08.0978 4484 SamSs - ok
10:15:09.0032 4484 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:15:09.0035 4484 sbp2port - ok
10:15:09.0121 4484 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:15:09.0127 4484 SCardSvr - ok
10:15:09.0248 4484 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
10:15:09.0267 4484 Schedule - ok
10:15:09.0310 4484 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:15:09.0311 4484 SCPolicySvc - ok
10:15:09.0379 4484 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:15:09.0386 4484 SDRSVC - ok
10:15:09.0410 4484 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:15:09.0411 4484 secdrv - ok
10:15:09.0436 4484 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:15:09.0440 4484 seclogon - ok
10:15:09.0462 4484 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:15:09.0466 4484 SENS - ok
10:15:09.0514 4484 Sentinel (3e7ff2405bcc1384d946dc45edc7ed61) C:\Windows\System32\Drivers\SENTINEL.SYS
10:15:09.0517 4484 Sentinel - ok
10:15:09.0578 4484 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:15:09.0580 4484 Serenum - ok
10:15:09.0621 4484 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:15:09.0626 4484 Serial - ok
10:15:09.0659 4484 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:15:09.0661 4484 sermouse - ok
10:15:09.0910 4484 ServiceLayer (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:15:09.0927 4484 ServiceLayer - ok
10:15:10.0010 4484 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:15:10.0015 4484 SessionEnv - ok
10:15:10.0068 4484 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:15:10.0070 4484 sffdisk - ok
10:15:10.0096 4484 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:15:10.0098 4484 sffp_mmc - ok
10:15:10.0121 4484 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:15:10.0122 4484 sffp_sd - ok
10:15:10.0143 4484 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:15:10.0145 4484 sfloppy - ok
10:15:10.0209 4484 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:15:10.0218 4484 SharedAccess - ok
10:15:10.0290 4484 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
10:15:10.0299 4484 ShellHWDetection - ok
10:15:10.0399 4484 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:15:10.0401 4484 sisagp - ok
10:15:10.0421 4484 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:15:10.0423 4484 SiSRaid2 - ok
10:15:10.0455 4484 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:15:10.0458 4484 SiSRaid4 - ok
10:15:10.0887 4484 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:15:11.0024 4484 slsvc - ok
10:15:11.0213 4484 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:15:11.0218 4484 SLUINotify - ok
10:15:11.0302 4484 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:15:11.0304 4484 Smb - ok
10:15:11.0346 4484 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:15:11.0349 4484 SNMPTRAP - ok
10:15:11.0410 4484 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:15:11.0412 4484 spldr - ok
10:15:11.0478 4484 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
10:15:11.0484 4484 Spooler - ok
10:15:11.0564 4484 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:15:11.0573 4484 srv - ok
10:15:11.0639 4484 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:15:11.0644 4484 srv2 - ok
10:15:11.0675 4484 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:15:11.0678 4484 srvnet - ok
10:15:11.0719 4484 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:15:11.0723 4484 SSDPSRV - ok
10:15:11.0775 4484 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:15:11.0775 4484 ssmdrv - ok
10:15:11.0833 4484 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:15:11.0837 4484 SstpSvc - ok
10:15:11.0900 4484 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:15:11.0902 4484 StillCam - ok
10:15:11.0982 4484 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:15:11.0994 4484 stisvc - ok
10:15:12.0023 4484 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:15:12.0025 4484 swenum - ok
10:15:12.0096 4484 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:15:12.0107 4484 swprv - ok
10:15:12.0132 4484 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:15:12.0134 4484 Symc8xx - ok
10:15:12.0163 4484 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:15:12.0166 4484 Sym_hi - ok
10:15:12.0192 4484 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:15:12.0194 4484 Sym_u3 - ok
10:15:12.0254 4484 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
10:15:12.0260 4484 SynTP - ok
10:15:12.0372 4484 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:15:12.0382 4484 SysMain - ok
10:15:12.0415 4484 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:15:12.0419 4484 TabletInputService - ok
10:15:12.0487 4484 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:15:12.0493 4484 TapiSrv - ok
10:15:12.0538 4484 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:15:12.0542 4484 TBS - ok
10:15:12.0671 4484 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
10:15:12.0696 4484 Tcpip - ok
10:15:12.0723 4484 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
10:15:12.0732 4484 Tcpip6 - ok
10:15:12.0774 4484 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:15:12.0776 4484 tcpipreg - ok
10:15:12.0822 4484 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
10:15:12.0824 4484 tdcmdpst - ok
10:15:12.0866 4484 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:15:12.0868 4484 TDPIPE - ok
10:15:12.0910 4484 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:15:12.0912 4484 TDTCP - ok
10:15:12.0968 4484 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:15:12.0972 4484 tdx - ok
10:15:13.0044 4484 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:15:13.0047 4484 TermDD - ok
10:15:13.0144 4484 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:15:13.0156 4484 TermService - ok
10:15:13.0234 4484 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
10:15:13.0244 4484 Themes - ok
10:15:13.0293 4484 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:15:13.0297 4484 THREADORDER - ok
10:15:13.0451 4484 TNaviSrv (e47f35a87ff0da38def37a0eb0c2d2df) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
10:15:13.0453 4484 TNaviSrv - ok
10:15:13.0527 4484 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
10:15:13.0531 4484 TODDSrv - ok
10:15:13.0651 4484 TosCoSrv (da6903958cbdc091ffcbbca70ccff34c) c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
10:15:13.0662 4484 TosCoSrv - ok
10:15:13.0699 4484 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
10:15:13.0700 4484 TOSHIBA SMART Log Service - ok
10:15:13.0827 4484 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
10:15:13.0836 4484 tos_sps32 - ok
10:15:13.0935 4484 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:15:13.0939 4484 TrkWks - ok
10:15:13.0997 4484 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:15:13.0999 4484 TrustedInstaller - ok
10:15:14.0048 4484 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:15:14.0050 4484 tssecsrv - ok
10:15:14.0105 4484 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:15:14.0107 4484 tunmp - ok
10:15:14.0138 4484 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:15:14.0140 4484 tunnel - ok
10:15:14.0183 4484 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
10:15:14.0185 4484 TVALZ - ok
10:15:14.0227 4484 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:15:14.0230 4484 uagp35 - ok
10:15:14.0295 4484 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:15:14.0301 4484 udfs - ok
10:15:14.0371 4484 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:15:14.0376 4484 UI0Detect - ok
10:15:14.0490 4484 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
10:15:14.0493 4484 UleadBurningHelper - ok
10:15:14.0559 4484 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:15:14.0562 4484 uliagpkx - ok
10:15:14.0640 4484 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:15:14.0655 4484 uliahci - ok
10:15:14.0688 4484 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:15:14.0692 4484 UlSata - ok
10:15:14.0726 4484 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:15:14.0731 4484 ulsata2 - ok
10:15:14.0748 4484 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:15:14.0750 4484 umbus - ok
10:15:14.0809 4484 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:15:14.0820 4484 upnphost - ok
10:15:14.0941 4484 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
10:15:14.0943 4484 upperdev - ok
10:15:14.0983 4484 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
10:15:14.0986 4484 USBAAPL - ok
10:15:15.0041 4484 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:15:15.0044 4484 usbccgp - ok
10:15:15.0195 4484 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:15:15.0198 4484 usbcir - ok
10:15:15.0233 4484 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:15:15.0234 4484 usbehci - ok
10:15:15.0318 4484 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:15:15.0320 4484 usbhub - ok
10:15:15.0394 4484 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:15:15.0396 4484 usbohci - ok
10:15:15.0445 4484 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:15:15.0447 4484 usbprint - ok
10:15:15.0494 4484 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
10:15:15.0496 4484 usbser - ok
10:15:15.0547 4484 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
10:15:15.0549 4484 UsbserFilt - ok
10:15:15.0600 4484 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:15:15.0602 4484 USBSTOR - ok
10:15:15.0626 4484 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:15:15.0627 4484 usbuhci - ok
10:15:15.0674 4484 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:15:15.0679 4484 usbvideo - ok
10:15:15.0723 4484 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:15:15.0727 4484 UxSms - ok
10:15:15.0958 4484 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:15:15.0988 4484 vds - ok
10:15:16.0058 4484 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:15:16.0060 4484 vga - ok
10:15:16.0093 4484 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:15:16.0095 4484 VgaSave - ok
10:15:16.0128 4484 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:15:16.0131 4484 viaagp - ok
10:15:16.0164 4484 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:15:16.0166 4484 ViaC7 - ok
10:15:16.0206 4484 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:15:16.0208 4484 viaide - ok
10:15:16.0246 4484 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:15:16.0249 4484 volmgr - ok
10:15:16.0333 4484 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:15:16.0343 4484 volmgrx - ok
10:15:16.0544 4484 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:15:16.0551 4484 volsnap - ok
10:15:16.0631 4484 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:15:16.0636 4484 vsmraid - ok
10:15:16.0833 4484 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:15:16.0878 4484 VSS - ok
10:15:16.0958 4484 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:15:16.0965 4484 W32Time - ok
10:15:17.0060 4484 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:15:17.0062 4484 WacomPen - ok
10:15:17.0099 4484 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:15:17.0102 4484 Wanarp - ok
10:15:17.0109 4484 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:15:17.0110 4484 Wanarpv6 - ok
10:15:17.0292 4484 WcesComm (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
10:15:17.0295 4484 WcesComm - ok
10:15:17.0455 4484 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:15:17.0463 4484 wcncsvc - ok
10:15:17.0505 4484 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:15:17.0510 4484 WcsPlugInService - ok
10:15:17.0561 4484 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:15:17.0563 4484 Wd - ok
10:15:17.0653 4484 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:15:17.0717 4484 Wdf01000 - ok
10:15:17.0753 4484 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:15:17.0758 4484 WdiServiceHost - ok
10:15:17.0764 4484 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:15:17.0769 4484 WdiSystemHost - ok
10:15:17.0838 4484 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:15:17.0844 4484 WebClient - ok
10:15:17.0936 4484 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:15:17.0942 4484 Wecsvc - ok
10:15:17.0973 4484 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:15:17.0977 4484 wercplsupport - ok
10:15:18.0040 4484 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:15:18.0046 4484 WerSvc - ok
10:15:18.0173 4484 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:15:18.0194 4484 winachsf - ok
10:15:18.0331 4484 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:15:18.0340 4484 WinDefend - ok
10:15:18.0351 4484 WinHttpAutoProxySvc - ok
10:15:18.0475 4484 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:15:18.0480 4484 Winmgmt - ok
10:15:18.0663 4484 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:15:18.0750 4484 WinRM - ok
10:15:18.0836 4484 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
10:15:18.0838 4484 winusb - ok
10:15:18.0972 4484 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:15:18.0986 4484 Wlansvc - ok
10:15:19.0020 4484 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
10:15:19.0021 4484 WmiAcpi - ok
10:15:19.0123 4484 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:15:19.0127 4484 wmiApSrv - ok
10:15:19.0305 4484 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:15:19.0330 4484 WMPNetworkSvc - ok
10:15:19.0375 4484 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:15:19.0383 4484 WPCSvc - ok
10:15:19.0429 4484 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:15:19.0434 4484 WPDBusEnum - ok
10:15:19.0523 4484 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:15:19.0525 4484 WpdUsb - ok
10:15:19.0772 4484 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:15:19.0786 4484 WPFFontCache_v0400 - ok
10:15:19.0832 4484 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:15:19.0834 4484 ws2ifsl - ok
10:15:19.0886 4484 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:15:19.0890 4484 wscsvc - ok
10:15:19.0896 4484 WSearch - ok
10:15:20.0189 4484 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
10:15:20.0239 4484 wuauserv - ok
10:15:20.0469 4484 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:15:20.0473 4484 WUDFRd - ok
10:15:20.0514 4484 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:15:20.0520 4484 wudfsvc - ok
10:15:20.0565 4484 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
10:15:20.0567 4484 XAudio - ok
10:15:20.0626 4484 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
10:15:20.0636 4484 XAudioService - ok
10:15:20.0662 4484 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:15:21.0273 4484 \Device\Harddisk0\DR0 - ok
10:15:21.0301 4484 Boot (0x1200) (5b866a4e6efaa7e6d1850002eab3cd36) \Device\Harddisk0\DR0\Partition0
10:15:21.0303 4484 \Device\Harddisk0\DR0\Partition0 - ok
10:15:21.0345 4484 Boot (0x1200) (818809706242e615ac0accde8c6aab08) \Device\Harddisk0\DR0\Partition1
10:15:21.0347 4484 \Device\Harddisk0\DR0\Partition1 - ok
10:15:21.0348 4484 ============================================================
10:15:21.0348 4484 Scan finished
10:15:21.0348 4484 ============================================================
10:15:21.0370 4880 Detected object count: 0
10:15:21.0370 4880 Actual detected object count: 0
10:20:45.0878 5872 ============================================================
10:20:45.0878 5872 Scan started
10:20:45.0878 5872 Mode: Manual; SigCheck; TDLFS;
10:20:45.0878 5872 ============================================================
10:20:46.0107 5872 ACEDRV06 (44010948bde6ade50dd1386657c73e83) C:\Windows\system32\drivers\ACEDRV06.sys
10:20:46.0267 5872 ACEDRV06 ( UnsignedFile.Multi.Generic ) - warning
10:20:46.0268 5872 ACEDRV06 - detected UnsignedFile.Multi.Generic (1)
10:20:46.0330 5872 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:20:46.0402 5872 ACPI - ok
10:20:46.0507 5872 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:20:46.0523 5872 AdobeFlashPlayerUpdateSvc - ok
10:20:46.0604 5872 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:20:46.0632 5872 adp94xx - ok
10:20:46.0693 5872 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:20:46.0712 5872 adpahci - ok
10:20:46.0751 5872 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:20:46.0768 5872 adpu160m - ok
10:20:46.0812 5872 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:20:46.0829 5872 adpu320 - ok
10:20:46.0884 5872 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:20:47.0069 5872 AeLookupSvc - ok
10:20:47.0155 5872 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:20:47.0248 5872 AFD - ok
10:20:47.0291 5872 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:20:47.0310 5872 agp440 - ok
10:20:47.0343 5872 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:20:47.0364 5872 aic78xx - ok
10:20:47.0424 5872 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:20:47.0671 5872 ALG - ok
10:20:47.0698 5872 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:20:47.0722 5872 aliide - ok
10:20:47.0779 5872 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:20:47.0793 5872 amdagp - ok
10:20:47.0822 5872 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:20:47.0838 5872 amdide - ok
10:20:47.0862 5872 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:20:47.0911 5872 AmdK7 - ok
10:20:47.0934 5872 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:20:47.0983 5872 AmdK8 - ok
10:20:48.0142 5872 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:20:48.0169 5872 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
10:20:48.0169 5872 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
10:20:48.0219 5872 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:20:48.0242 5872 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
10:20:48.0243 5872 AntiVirService - detected UnsignedFile.Multi.Generic (1)
10:20:48.0288 5872 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:20:48.0354 5872 Appinfo - ok
10:20:48.0523 5872 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:20:48.0539 5872 Apple Mobile Device - ok
10:20:48.0573 5872 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:20:48.0593 5872 arc - ok
10:20:48.0629 5872 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:20:48.0646 5872 arcsas - ok
10:20:48.0661 5872 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:20:48.0712 5872 AsyncMac - ok
10:20:48.0750 5872 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:20:48.0766 5872 atapi - ok
10:20:48.0844 5872 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:20:48.0889 5872 AudioEndpointBuilder - ok
10:20:48.0898 5872 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:20:48.0925 5872 Audiosrv - ok
10:20:48.0954 5872 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
10:20:48.0973 5872 avgio - ok
10:20:49.0027 5872 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
10:20:49.0061 5872 avgntflt - ok
10:20:49.0095 5872 avipbb (6d52060b59e7d79cd2a044b6add1f1ef) C:\Windows\system32\DRIVERS\avipbb.sys
10:20:49.0106 5872 avipbb - ok
10:20:49.0132 5872 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:20:49.0213 5872 Beep - ok
10:20:49.0284 5872 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:20:49.0354 5872 BFE - ok
10:20:49.0470 5872 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:20:49.0567 5872 BITS - ok
10:20:49.0608 5872 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:20:49.0655 5872 blbdrive - ok
10:20:49.0800 5872 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
10:20:49.0833 5872 Bonjour Service - ok
10:20:49.0897 5872 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:20:49.0986 5872 bowser - ok
10:20:50.0033 5872 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:20:50.0087 5872 BrFiltLo - ok
10:20:50.0102 5872 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:20:50.0150 5872 BrFiltUp - ok
10:20:50.0219 5872 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:20:50.0269 5872 Browser - ok
10:20:50.0295 5872 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:20:50.0557 5872 Brserid - ok
10:20:50.0616 5872 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:20:50.0683 5872 BrSerWdm - ok
10:20:50.0714 5872 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:20:50.0786 5872 BrUsbMdm - ok
10:20:50.0868 5872 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:20:50.0977 5872 BrUsbSer - ok
10:20:51.0015 5872 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:20:51.0094 5872 BTHMODEM - ok
10:20:51.0136 5872 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:20:51.0182 5872 cdfs - ok
10:20:51.0223 5872 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:20:51.0246 5872 cdrom - ok
10:20:51.0298 5872 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:20:51.0386 5872 CertPropSvc - ok
10:20:51.0408 5872 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:20:51.0458 5872 circlass - ok
10:20:51.0525 5872 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:20:51.0548 5872 CLFS - ok
10:20:51.0633 5872 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:20:51.0649 5872 clr_optimization_v2.0.50727_32 - ok
10:20:51.0771 5872 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:20:51.0794 5872 clr_optimization_v4.0.30319_32 - ok
10:20:51.0911 5872 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
10:20:52.0005 5872 CmBatt - ok
10:20:52.0090 5872 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:20:52.0118 5872 cmdide - ok
10:20:52.0147 5872 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
10:20:52.0162 5872 Compbatt - ok
10:20:52.0172 5872 COMSysApp - ok
10:20:52.0364 5872 ConfigFree Service (596e452b5152ec9afe8153d296459d2b) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
10:20:52.0405 5872 ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
10:20:52.0405 5872 ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
10:20:52.0440 5872 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:20:52.0454 5872 crcdisk - ok
10:20:52.0514 5872 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:20:52.0573 5872 Crusoe - ok
10:20:52.0643 5872 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
10:20:52.0725 5872 CryptSvc - ok
10:20:52.0850 5872 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:20:52.0921 5872 DcomLaunch - ok
10:20:52.0971 5872 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:20:53.0031 5872 DfsC - ok
10:20:53.0298 5872 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:20:53.0443 5872 DFSR - ok
10:20:53.0617 5872 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:20:53.0661 5872 Dhcp - ok
10:20:53.0729 5872 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:20:53.0751 5872 disk - ok
10:20:53.0818 5872 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
10:20:53.0867 5872 Dnscache - ok
10:20:53.0929 5872 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:20:54.0017 5872 dot3svc - ok
10:20:54.0086 5872 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:20:54.0116 5872 DPS - ok
10:20:54.0154 5872 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:20:54.0176 5872 drmkaud - ok
10:20:54.0282 5872 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:20:54.0315 5872 DXGKrnl - ok
10:20:54.0349 5872 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:20:54.0427 5872 E1G60 - ok
10:20:54.0459 5872 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:20:54.0511 5872 EapHost - ok
10:20:54.0557 5872 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:20:54.0576 5872 Ecache - ok
10:20:54.0651 5872 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:20:54.0678 5872 elxstor - ok
10:20:54.0781 5872 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:20:54.0861 5872 EMDMgmt - ok
10:20:54.0885 5872 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:20:54.0923 5872 ErrDev - ok
10:20:55.0015 5872 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:20:55.0063 5872 EventSystem - ok
10:20:55.0115 5872 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:20:55.0202 5872 exfat - ok
10:20:55.0254 5872 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:20:55.0296 5872 fastfat - ok
10:20:55.0331 5872 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:20:55.0404 5872 fdc - ok
10:20:55.0515 5872 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:20:55.0550 5872 fdPHost - ok
10:20:55.0573 5872 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:20:55.0639 5872 FDResPub - ok
10:20:55.0686 5872 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:20:55.0706 5872 FileInfo - ok
10:20:55.0738 5872 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:20:55.0818 5872 Filetrace - ok
10:20:56.0172 5872 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
10:20:56.0365 5872 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
10:20:56.0366 5872 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
10:20:56.0687 5872 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:20:56.0753 5872 flpydisk - ok
10:20:56.0819 5872 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:20:56.0842 5872 FltMgr - ok
10:20:56.0992 5872 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
10:20:57.0125 5872 FontCache - ok
10:20:57.0252 5872 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:20:57.0266 5872 FontCache3.0.0.0 - ok
10:20:57.0317 5872 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
10:20:57.0367 5872 Fs_Rec - ok
10:20:57.0401 5872 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
10:20:57.0483 5872 FwLnk - ok
10:20:57.0518 5872 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:20:57.0538 5872 gagp30kx - ok
10:20:57.0586 5872 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:20:57.0601 5872 GEARAspiWDM - ok
10:20:57.0751 5872 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:20:57.0762 5872 GoogleDesktopManager-051210-111108 - ok
10:20:57.0879 5872 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:20:57.0951 5872 gpsvc - ok
10:20:58.0012 5872 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:20:58.0047 5872 gupdate - ok
10:20:58.0059 5872 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
10:20:58.0075 5872 gupdatem - ok
10:20:58.0146 5872 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:20:58.0162 5872 gusvc - ok
10:20:58.0227 5872 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:20:58.0299 5872 HdAudAddService - ok
10:20:58.0405 5872 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:20:58.0489 5872 HDAudBus - ok
10:20:58.0535 5872 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:20:58.0618 5872 HidBth - ok
10:20:58.0662 5872 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:20:58.0715 5872 HidIr - ok
10:20:58.0804 5872 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:20:58.0858 5872 hidserv - ok
10:20:58.0913 5872 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:20:58.0947 5872 HidUsb - ok
10:20:59.0034 5872 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:20:59.0103 5872 hkmsvc - ok
10:20:59.0156 5872 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:20:59.0171 5872 HpCISSs - ok
10:20:59.0400 5872 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:20:59.0465 5872 HSFHWAZL - ok
10:20:59.0642 5872 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:20:59.0832 5872 HSF_DPV - ok
10:20:59.0938 5872 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:20:59.0973 5872 HSXHWAZL - ok
10:21:00.0180 5872 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
10:21:00.0312 5872 HTTP - ok
10:21:00.0376 5872 hwdatacard (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:21:00.0437 5872 hwdatacard - ok
10:21:00.0469 5872 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:21:00.0488 5872 i2omp - ok
10:21:00.0513 5872 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:21:00.0556 5872 i8042prt - ok
10:21:00.0622 5872 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
10:21:00.0640 5872 iaStor - ok
10:21:00.0709 5872 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:21:00.0727 5872 iaStorV - ok
10:21:00.0910 5872 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:21:00.0960 5872 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:21:00.0960 5872 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:21:01.0317 5872 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:21:01.0364 5872 idsvc - ok
10:21:01.0663 5872 igfx (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:21:02.0116 5872 igfx - ok
10:21:02.0461 5872 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:21:02.0477 5872 iirsp - ok
10:21:02.0575 5872 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:21:02.0751 5872 IKEEXT - ok
10:21:03.0137 5872 IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
10:21:03.0239 5872 IntcAzAudAddService - ok
10:21:03.0811 5872 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:21:03.0828 5872 intelide - ok
10:21:03.0867 5872 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:21:03.0952 5872 intelppm - ok
10:21:04.0024 5872 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:21:04.0064 5872 IPBusEnum - ok
10:21:04.0175 5872 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:21:04.0258 5872 IpFilterDriver - ok
10:21:04.0325 5872 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
10:21:04.0389 5872 iphlpsvc - ok
10:21:04.0396 5872 IpInIp - ok
10:21:04.0451 5872 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:21:04.0503 5872 IPMIDRV - ok
10:21:04.0545 5872 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:21:04.0582 5872 IPNAT - ok
10:21:04.0803 5872 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
10:21:04.0898 5872 iPod Service - ok
10:21:04.0978 5872 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:21:05.0040 5872 IRENUM - ok
10:21:05.0068 5872 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:21:05.0089 5872 isapnp - ok
10:21:05.0291 5872 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:21:05.0309 5872 iScsiPrt - ok
10:21:05.0381 5872 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:21:05.0396 5872 iteatapi - ok
10:21:05.0465 5872 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:21:05.0479 5872 iteraid - ok
10:21:05.0529 5872 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:21:05.0545 5872 kbdclass - ok
10:21:05.0584 5872 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
10:21:05.0621 5872 kbdhid - ok
10:21:05.0666 5872 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:05.0752 5872 KeyIso - ok
10:21:05.0851 5872 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
10:21:05.0892 5872 KSecDD - ok
10:21:05.0969 5872 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:21:06.0088 5872 KtmRm - ok
10:21:06.0152 5872 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
10:21:06.0248 5872 LanmanServer - ok
10:21:06.0296 5872 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:21:06.0369 5872 LanmanWorkstation - ok
10:21:06.0400 5872 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:21:06.0453 5872 lltdio - ok
10:21:06.0511 5872 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:21:06.0568 5872 lltdsvc - ok
10:21:06.0589 5872 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:21:06.0667 5872 lmhosts - ok
10:21:06.0700 5872 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:21:06.0718 5872 LSI_FC - ok
10:21:06.0800 5872 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:21:06.0818 5872 LSI_SAS - ok
10:21:06.0856 5872 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:21:06.0873 5872 LSI_SCSI - ok
10:21:06.0906 5872 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:21:06.0950 5872 luafv - ok
10:21:06.0986 5872 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:21:07.0008 5872 MBAMProtector - ok
10:21:07.0176 5872 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:21:07.0222 5872 MBAMService - ok
10:21:07.0354 5872 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
10:21:07.0376 5872 McComponentHostService - ok
10:21:07.0422 5872 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:21:07.0458 5872 mdmxsdk - ok
10:21:07.0497 5872 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:21:07.0519 5872 megasas - ok
10:21:07.0589 5872 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:21:07.0627 5872 MegaSR - ok
10:21:07.0684 5872 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:21:07.0743 5872 MMCSS - ok
10:21:07.0767 5872 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:21:07.0827 5872 Modem - ok
10:21:07.0852 5872 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:21:07.0896 5872 monitor - ok
10:21:07.0939 5872 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:21:07.0954 5872 mouclass - ok
10:21:07.0970 5872 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:21:08.0009 5872 mouhid - ok
10:21:08.0035 5872 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:21:08.0051 5872 MountMgr - ok
10:21:08.0110 5872 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:21:08.0127 5872 MozillaMaintenance - ok
10:21:08.0163 5872 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:21:08.0180 5872 mpio - ok
10:21:08.0213 5872 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:21:08.0238 5872 mpsdrv - ok
10:21:08.0323 5872 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:21:08.0383 5872 MpsSvc - ok
10:21:08.0447 5872 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:21:08.0464 5872 Mraid35x - ok
10:21:08.0530 5872 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:21:08.0582 5872 MRxDAV - ok
10:21:08.0638 5872 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:21:08.0697 5872 mrxsmb - ok
10:21:08.0755 5872 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:21:08.0793 5872 mrxsmb10 - ok
10:21:08.0815 5872 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:21:08.0836 5872 mrxsmb20 - ok
10:21:08.0869 5872 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:21:08.0887 5872 msahci - ok
10:21:08.0926 5872 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:21:08.0946 5872 msdsm - ok
10:21:09.0025 5872 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:21:09.0087 5872 MSDTC - ok
10:21:09.0130 5872 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:21:09.0183 5872 Msfs - ok
10:21:09.0206 5872 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:21:09.0227 5872 msisadrv - ok
10:21:09.0263 5872 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:21:09.0324 5872 MSiSCSI - ok
10:21:09.0331 5872 msiserver - ok
10:21:09.0373 5872 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:21:09.0429 5872 MSKSSRV - ok
10:21:09.0455 5872 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:21:09.0509 5872 MSPCLOCK - ok
10:21:09.0529 5872 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:21:09.0591 5872 MSPQM - ok
10:21:09.0650 5872 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:21:09.0678 5872 MsRPC - ok
10:21:09.0707 5872 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:21:09.0730 5872 mssmbios - ok
10:21:09.0752 5872 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:21:09.0815 5872 MSTEE - ok
10:21:09.0839 5872 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:21:09.0861 5872 Mup - ok
10:21:09.0935 5872 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:21:09.0963 5872 napagent - ok
10:21:10.0038 5872 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:21:10.0103 5872 NativeWifiP - ok
10:21:10.0206 5872 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:21:10.0277 5872 NDIS - ok
10:21:10.0360 5872 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:21:10.0403 5872 NdisTapi - ok
10:21:10.0428 5872 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:21:10.0477 5872 Ndisuio - ok
10:21:10.0539 5872 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:21:10.0566 5872 NdisWan - ok
10:21:10.0590 5872 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:21:10.0634 5872 NDProxy - ok
10:21:10.0660 5872 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:21:10.0690 5872 NetBIOS - ok
10:21:10.0757 5872 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:21:10.0802 5872 netbt - ok
10:21:10.0852 5872 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:10.0867 5872 Netlogon - ok
10:21:10.0925 5872 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:21:10.0968 5872 Netman - ok
10:21:11.0034 5872 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:21:11.0073 5872 netprofm - ok
10:21:11.0168 5872 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:21:11.0187 5872 NetTcpPortSharing - ok
10:21:11.0495 5872 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
10:21:11.0768 5872 NETw3v32 - ok
10:21:11.0947 5872 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:21:11.0970 5872 nfrd960 - ok
10:21:12.0035 5872 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:21:12.0091 5872 NlaSvc - ok
10:21:12.0126 5872 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers\ccdcmb.sys
10:21:12.0195 5872 nmwcd - ok
10:21:12.0241 5872 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers\ccdcmbo.sys
10:21:12.0294 5872 nmwcdc - ok
10:21:12.0344 5872 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:21:12.0367 5872 Npfs - ok
10:21:12.0394 5872 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:21:12.0440 5872 nsi - ok
10:21:12.0464 5872 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:21:12.0507 5872 nsiproxy - ok
10:21:12.0677 5872 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:21:12.0821 5872 Ntfs - ok
10:21:12.0878 5872 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:21:12.0956 5872 ntrigdigi - ok
10:21:12.0973 5872 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:21:13.0043 5872 Null - ok
10:21:13.0094 5872 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:21:13.0112 5872 nvraid - ok
10:21:13.0143 5872 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:21:13.0159 5872 nvstor - ok
10:21:13.0195 5872 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:21:13.0214 5872 nv_agp - ok
10:21:13.0225 5872 NwlnkFlt - ok
10:21:13.0234 5872 NwlnkFwd - ok
10:21:13.0407 5872 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:21:13.0439 5872 odserv - ok
10:21:13.0486 5872 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:21:13.0553 5872 ohci1394 - ok
10:21:13.0623 5872 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:21:13.0640 5872 ose - ok
10:21:13.0763 5872 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:13.0988 5872 p2pimsvc - ok
10:21:14.0002 5872 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:14.0062 5872 p2psvc - ok
10:21:14.0122 5872 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:21:14.0204 5872 Parport - ok
10:21:14.0252 5872 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
10:21:14.0271 5872 partmgr - ok
10:21:14.0301 5872 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:21:14.0377 5872 Parvdm - ok
10:21:14.0418 5872 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:21:14.0485 5872 PcaSvc - ok
10:21:14.0528 5872 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
10:21:14.0586 5872 pccsmcfd - ok
10:21:14.0634 5872 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:21:14.0660 5872 pci - ok
10:21:14.0715 5872 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
10:21:14.0735 5872 pciide - ok
10:21:14.0773 5872 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:21:14.0793 5872 pcmcia - ok
10:21:14.0920 5872 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:21:15.0097 5872 PEAUTH - ok
10:21:15.0354 5872 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:21:15.0443 5872 pla - ok
10:21:15.0634 5872 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:21:15.0682 5872 PlugPlay - ok
10:21:15.0791 5872 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:15.0863 5872 PNRPAutoReg - ok
10:21:15.0876 5872 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:21:15.0920 5872 PNRPsvc - ok
10:21:15.0995 5872 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:21:16.0090 5872 PolicyAgent - ok
10:21:16.0160 5872 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:21:16.0204 5872 PptpMiniport - ok
10:21:16.0241 5872 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:21:16.0272 5872 Processor - ok
10:21:16.0333 5872 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:21:16.0377 5872 ProfSvc - ok
10:21:16.0406 5872 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:16.0424 5872 ProtectedStorage - ok
10:21:16.0472 5872 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:21:16.0504 5872 PSched - ok
10:21:16.0527 5872 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
10:21:16.0540 5872 PxHelp20 - ok
10:21:16.0699 5872 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:21:16.0862 5872 ql2300 - ok
10:21:16.0969 5872 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:21:16.0991 5872 ql40xx - ok
10:21:17.0053 5872 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:21:17.0106 5872 QWAVE - ok
10:21:17.0135 5872 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:21:17.0151 5872 QWAVEdrv - ok
10:21:17.0232 5872 RapiMgr (70dbdab246c18b78e2200d6401d038be) C:\Windows\WindowsMobile\rapimgr.dll
10:21:17.0266 5872 RapiMgr - ok
10:21:17.0279 5872 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:21:17.0331 5872 RasAcd - ok
10:21:17.0370 5872 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:21:17.0417 5872 RasAuto - ok
10:21:17.0453 5872 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:21:17.0500 5872 Rasl2tp - ok
10:21:17.0566 5872 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:21:17.0599 5872 RasMan - ok
10:21:17.0647 5872 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:21:17.0691 5872 RasPppoe - ok
10:21:17.0717 5872 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:21:17.0737 5872 RasSstp - ok
10:21:17.0799 5872 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:21:17.0849 5872 rdbss - ok
10:21:17.0888 5872 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:21:17.0920 5872 RDPCDD - ok
10:21:17.0975 5872 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:21:18.0017 5872 rdpdr - ok
10:21:18.0026 5872 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:21:18.0075 5872 RDPENCDD - ok
10:21:18.0143 5872 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
10:21:18.0213 5872 RDPWD - ok
10:21:18.0266 5872 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:21:18.0321 5872 RemoteAccess - ok
10:21:18.0369 5872 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:21:18.0425 5872 RemoteRegistry - ok
10:21:18.0467 5872 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:21:18.0547 5872 RpcLocator - ok
10:21:18.0657 5872 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:21:18.0703 5872 RpcSs - ok
10:21:18.0746 5872 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:21:18.0810 5872 rspndr - ok
10:21:18.0863 5872 RTL8169 (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:21:18.0927 5872 RTL8169 - ok
10:21:19.0032 5872 RTL8187B (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
10:21:19.0103 5872 RTL8187B - ok
10:21:19.0153 5872 RtlProt (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
10:21:19.0172 5872 RtlProt - ok
10:21:19.0206 5872 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:21:19.0228 5872 SamSs - ok
10:21:19.0291 5872 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:21:19.0313 5872 sbp2port - ok
10:21:19.0365 5872 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:21:19.0401 5872 SCardSvr - ok
10:21:19.0548 5872 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
10:21:19.0741 5872 Schedule - ok
10:21:19.0783 5872 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:21:19.0809 5872 SCPolicySvc - ok
10:21:19.0866 5872 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:21:19.0895 5872 SDRSVC - ok
10:21:19.0911 5872 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:21:19.0968 5872 secdrv - ok
10:21:20.0009 5872 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:21:20.0062 5872 seclogon - ok
10:21:20.0106 5872 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:21:20.0144 5872 SENS - ok
10:21:20.0187 5872 Sentinel (3e7ff2405bcc1384d946dc45edc7ed61) C:\Windows\System32\Drivers\SENTINEL.SYS
10:21:20.0212 5872 Sentinel ( UnsignedFile.Multi.Generic ) - warning
10:21:20.0212 5872 Sentinel - detected UnsignedFile.Multi.Generic (1)
10:21:20.0251 5872 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:21:20.0302 5872 Serenum - ok
10:21:20.0340 5872 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:21:20.0409 5872 Serial - ok
10:21:20.0446 5872 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:21:20.0475 5872 sermouse - ok
10:21:20.0651 5872 ServiceLayer (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:21:20.0771 5872 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:21:20.0771 5872 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:21:20.0825 5872 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:21:20.0863 5872 SessionEnv - ok
10:21:20.0927 5872 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:21:20.0959 5872 sffdisk - ok
10:21:20.0983 5872 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:21:21.0048 5872 sffp_mmc - ok
10:21:21.0065 5872 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:21:21.0113 5872 sffp_sd - ok
10:21:21.0130 5872 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:21:21.0181 5872 sfloppy - ok
10:21:21.0254 5872 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:21:21.0312 5872 SharedAccess - ok
10:21:21.0377 5872 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
10:21:21.0446 5872 ShellHWDetection - ok
10:21:21.0486 5872 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:21:21.0504 5872 sisagp - ok
10:21:21.0537 5872 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:21:21.0556 5872 SiSRaid2 - ok
10:21:21.0590 5872 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:21:21.0609 5872 SiSRaid4 - ok
10:21:22.0039 5872 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:21:22.0256 5872 slsvc - ok
10:21:22.0474 5872 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:21:22.0527 5872 SLUINotify - ok
10:21:22.0597 5872 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:21:22.0647 5872 Smb - ok
10:21:22.0689 5872 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:21:22.0710 5872 SNMPTRAP - ok
10:21:22.0754 5872 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:21:22.0774 5872 spldr - ok
10:21:22.0840 5872 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
10:21:22.0894 5872 Spooler - ok
10:21:22.0980 5872 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:21:23.0057 5872 srv - ok
10:21:23.0128 5872 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:21:23.0191 5872 srv2 - ok
10:21:23.0233 5872 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:21:23.0266 5872 srvnet - ok
10:21:23.0308 5872 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:21:23.0353 5872 SSDPSRV - ok
10:21:23.0391 5872 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:21:23.0402 5872 ssmdrv - ok
10:21:23.0449 5872 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:21:23.0485 5872 SstpSvc - ok
10:21:23.0516 5872 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:21:23.0541 5872 StillCam - ok
10:21:23.0618 5872 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:21:23.0669 5872 stisvc - ok
10:21:23.0710 5872 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:21:23.0727 5872 swenum - ok
10:21:23.0796 5872 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:21:23.0851 5872 swprv - ok
10:21:23.0877 5872 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:21:23.0892 5872 Symc8xx - ok
10:21:23.0922 5872 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:21:23.0936 5872 Sym_hi - ok
10:21:23.0966 5872 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:21:23.0980 5872 Sym_u3 - ok
10:21:24.0042 5872 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
10:21:24.0061 5872 SynTP - ok
10:21:24.0161 5872 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:21:24.0305 5872 SysMain - ok
10:21:24.0347 5872 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:21:24.0372 5872 TabletInputService - ok
10:21:24.0449 5872 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:21:24.0496 5872 TapiSrv - ok
10:21:24.0526 5872 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:21:24.0558 5872 TBS - ok
10:21:24.0693 5872 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
10:21:24.0842 5872 Tcpip - ok
10:21:24.0861 5872 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
10:21:25.0045 5872 Tcpip6 - ok
10:21:25.0119 5872 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:21:25.0223 5872 tcpipreg - ok
10:21:25.0266 5872 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
10:21:25.0301 5872 tdcmdpst - ok
10:21:25.0339 5872 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:21:25.0402 5872 TDPIPE - ok
10:21:25.0440 5872 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:21:25.0496 5872 TDTCP - ok
10:21:25.0541 5872 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:21:25.0566 5872 tdx - ok
10:21:25.0603 5872 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:21:25.0620 5872 TermDD - ok
10:21:25.0702 5872 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:21:25.0856 5872 TermService - ok
10:21:25.0920 5872 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
10:21:25.0941 5872 Themes - ok
10:21:25.0982 5872 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:21:26.0016 5872 THREADORDER - ok
10:21:26.0139 5872 TNaviSrv (e47f35a87ff0da38def37a0eb0c2d2df) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
10:21:26.0155 5872 TNaviSrv - ok
10:21:26.0186 5872 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
10:21:26.0205 5872 TODDSrv - ok
10:21:26.0294 5872 TosCoSrv (da6903958cbdc091ffcbbca70ccff34c) c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
10:21:26.0347 5872 TosCoSrv - ok
10:21:26.0387 5872 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
10:21:26.0397 5872 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
10:21:26.0397 5872 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
10:21:26.0543 5872 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
10:21:26.0594 5872 tos_sps32 - ok
10:21:26.0651 5872 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:21:26.0713 5872 TrkWks - ok
10:21:26.0785 5872 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:21:26.0817 5872 TrustedInstaller - ok
10:21:26.0850 5872 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:21:26.0903 5872 tssecsrv - ok
10:21:26.0935 5872 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:21:26.0987 5872 tunmp - ok
10:21:27.0026 5872 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:21:27.0057 5872 tunnel - ok
10:21:27.0085 5872 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
10:21:27.0097 5872 TVALZ - ok
10:21:27.0128 5872 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:21:27.0145 5872 uagp35 - ok
10:21:27.0210 5872 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:21:27.0241 5872 udfs - ok
10:21:27.0301 5872 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:21:27.0378 5872 UI0Detect - ok
10:21:27.0463 5872 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
10:21:27.0488 5872 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
10:21:27.0488 5872 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
10:21:27.0547 5872 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:21:27.0568 5872 uliagpkx - ok
10:21:27.0650 5872 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:21:27.0686 5872 uliahci - ok
10:21:27.0718 5872 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:21:27.0739 5872 UlSata - ok
10:21:27.0785 5872 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:21:27.0807 5872 ulsata2 - ok
10:21:27.0835 5872 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:21:27.0892 5872 umbus - ok
10:21:27.0954 5872 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:21:28.0003 5872 upnphost - ok
10:21:28.0028 5872 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
10:21:28.0108 5872 upperdev - ok
10:21:28.0154 5872 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
10:21:28.0226 5872 USBAAPL - ok
10:21:28.0279 5872 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:21:28.0313 5872 usbccgp - ok
10:21:28.0340 5872 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:21:28.0408 5872 usbcir - ok
10:21:28.0435 5872 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:21:28.0459 5872 usbehci - ok
10:21:28.0519 5872 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:21:28.0564 5872 usbhub - ok
10:21:28.0595 5872 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:21:28.0646 5872 usbohci - ok
10:21:28.0689 5872 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:21:28.0745 5872 usbprint - ok
10:21:28.0781 5872 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
10:21:28.0839 5872 usbser - ok
10:21:28.0891 5872 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
10:21:28.0921 5872 UsbserFilt - ok
10:21:28.0957 5872 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:21:28.0983 5872 USBSTOR - ok
10:21:29.0028 5872 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:21:29.0068 5872 usbuhci - ok
10:21:29.0119 5872 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:21:29.0170 5872 usbvideo - ok
10:21:29.0211 5872 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:21:29.0238 5872 UxSms - ok
10:21:29.0316 5872 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:21:29.0399 5872 vds - ok
10:21:29.0445 5872 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:21:29.0474 5872 vga - ok
10:21:29.0508 5872 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:21:29.0538 5872 VgaSave - ok
10:21:29.0572 5872 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:21:29.0592 5872 viaagp - ok
10:21:29.0637 5872 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:21:29.0728 5872 ViaC7 - ok
10:21:29.0796 5872 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:21:29.0813 5872 viaide - ok
10:21:29.0850 5872 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:21:29.0871 5872 volmgr - ok
10:21:30.0073 5872 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:21:30.0106 5872 volmgrx - ok
10:21:30.0234 5872 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:21:30.0264 5872 volsnap - ok
10:21:30.0347 5872 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:21:30.0371 5872 vsmraid - ok
10:21:30.0575 5872 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:21:30.0660 5872 VSS - ok
10:21:30.0733 5872 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:21:30.0772 5872 W32Time - ok
10:21:30.0861 5872 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:21:30.0935 5872 WacomPen - ok
10:21:30.0957 5872 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:30.0997 5872 Wanarp - ok
10:21:31.0004 5872 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:31.0028 5872 Wanarpv6 - ok
10:21:31.0138 5872 WcesComm (779f9c90d3fe9c70b6ffd8ef035f3e83) C:\Windows\WindowsMobile\wcescomm.dll
10:21:31.0272 5872 WcesComm - ok
10:21:31.0362 5872 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:21:31.0403 5872 wcncsvc - ok
10:21:31.0450 5872 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:21:31.0529 5872 WcsPlugInService - ok
10:21:31.0577 5872 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:21:31.0597 5872 Wd - ok
10:21:31.0700 5872 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:21:31.0760 5872 Wdf01000 - ok
10:21:31.0813 5872 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:21:31.0866 5872 WdiServiceHost - ok
10:21:31.0874 5872 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:21:31.0919 5872 WdiSystemHost - ok
10:21:31.0970 5872 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:21:31.0994 5872 WebClient - ok
10:21:32.0053 5872 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:21:32.0104 5872 Wecsvc - ok
10:21:32.0131 5872 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:21:32.0168 5872 wercplsupport - ok
10:21:32.0226 5872 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:21:32.0266 5872 WerSvc - ok
10:21:32.0373 5872 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:21:32.0544 5872 winachsf - ok
10:21:32.0678 5872 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:21:32.0708 5872 WinDefend - ok
10:21:32.0722 5872 WinHttpAutoProxySvc - ok
10:21:32.0833 5872 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:21:32.0860 5872 Winmgmt - ok
10:21:33.0040 5872 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:21:33.0261 5872 WinRM - ok
10:21:33.0380 5872 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
10:21:33.0420 5872 winusb - ok
10:21:33.0533 5872 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:21:33.0615 5872 Wlansvc - ok
10:21:33.0650 5872 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
10:21:33.0693 5872 WmiAcpi - ok
10:21:33.0816 5872 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:21:33.0845 5872 wmiApSrv - ok
10:21:34.0026 5872 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:21:34.0121 5872 WMPNetworkSvc - ok
10:21:34.0179 5872 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:21:34.0223 5872 WPCSvc - ok
10:21:34.0259 5872 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:21:34.0288 5872 WPDBusEnum - ok
10:21:34.0367 5872 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:21:34.0414 5872 WpdUsb - ok
10:21:34.0635 5872 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:21:34.0687 5872 WPFFontCache_v0400 - ok
10:21:34.0719 5872 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:21:34.0764 5872 ws2ifsl - ok
10:21:34.0802 5872 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:21:34.0834 5872 wscsvc - ok
10:21:34.0841 5872 WSearch - ok
10:21:35.0110 5872 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
10:21:35.0448 5872 wuauserv - ok
10:21:35.0714 5872 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:21:35.0744 5872 WUDFRd - ok
10:21:35.0787 5872 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:21:35.0820 5872 wudfsvc - ok
10:21:35.0852 5872 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
10:21:35.0882 5872 XAudio - ok
10:21:35.0956 5872 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
10:21:35.0986 5872 XAudioService - ok
10:21:36.0020 5872 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:21:37.0773 5872 \Device\Harddisk0\DR0 - ok
10:21:37.0803 5872 Boot (0x1200) (5b866a4e6efaa7e6d1850002eab3cd36) \Device\Harddisk0\DR0\Partition0
10:21:37.0805 5872 \Device\Harddisk0\DR0\Partition0 - ok
10:21:37.0832 5872 Boot (0x1200) (818809706242e615ac0accde8c6aab08) \Device\Harddisk0\DR0\Partition1
10:21:37.0835 5872 \Device\Harddisk0\DR0\Partition1 - ok
10:21:37.0836 5872 ============================================================
10:21:37.0836 5872 Scan finished
10:21:37.0836 5872 ============================================================
10:21:37.0862 4028 Detected object count: 10
10:21:37.0862 4028 Actual detected object count: 10
10:22:02.0404 4028 ACEDRV06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0404 4028 ACEDRV06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0411 4028 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0411 4028 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0422 4028 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0422 4028 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0424 4028 ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0424 4028 ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0428 4028 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0429 4028 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0433 4028 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0433 4028 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0434 4028 Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0434 4028 Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0439 4028 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0439 4028 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0442 4028 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0442 4028 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:22:02.0445 4028 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
10:22:02.0445 4028 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
| Themen zu Trojaner verschickt Emails über Yahoo-Account |
| adressbuch, aktion, anleitung, antivir, appdata, datei, dateien, emails, entdeck, entdeckt, folge, folgendes, forum, programm, quarantäne, rechner, richtig, schließe, temp, thomas, troja, trojan, trojaner, unerwünschtes programm, verschickt, virus |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Hybrid-Darstellung
