Pests of all kinds and how to fight them: The volume control and the battery indicator have disappeared from the taskbar - Trojan found! Windows 7
16.09.2012, 18:26 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot, then click Start Scan, and when it has finished click the Report button to display the log. Please post it in full. If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
17.09.2012, 09:45 | #17 |
| Here is the log file
10:38:00.0131 1112 PlugPlay - ok 10:38:00.0146 1112 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 10:38:00.0162 1112 PNRPAutoReg - ok 10:38:00.0193 1112 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 10:38:00.0209 1112 PNRPsvc - ok 10:38:00.0240 1112 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:38:00.0302 1112 PolicyAgent - ok 10:38:00.0333 1112 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 10:38:00.0380 1112 Power - ok 10:38:00.0411 1112 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 10:38:00.0458 1112 PptpMiniport - ok 10:38:00.0474 1112 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 10:38:00.0505 1112 Processor - ok 10:38:00.0536 1112 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 10:38:00.0583 1112 ProfSvc - ok 10:38:00.0599 1112 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 10:38:00.0599 1112 ProtectedStorage - ok 10:38:00.0630 1112 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 10:38:00.0677 1112 Psched - ok 10:38:00.0723 1112 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 10:38:00.0770 1112 ql2300 - ok 10:38:00.0786 1112 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 10:38:00.0801 1112 ql40xx - ok 10:38:00.0833 1112 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 10:38:00.0833 1112 QWAVE - ok 10:38:00.0848 1112 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:38:00.0879 1112 QWAVEdrv - ok 10:38:00.0895 1112 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:38:00.0911 1112 RasAcd - ok 10:38:00.0957 1112 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn 
C:\Windows\system32\DRIVERS\AgileVpn.sys 10:38:01.0004 1112 RasAgileVpn - ok 10:38:01.0035 1112 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 10:38:01.0082 1112 RasAuto - ok 10:38:01.0098 1112 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 10:38:01.0145 1112 Rasl2tp - ok 10:38:01.0176 1112 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 10:38:01.0207 1112 RasMan - ok 10:38:01.0223 1112 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:38:01.0269 1112 RasPppoe - ok 10:38:01.0285 1112 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 10:38:01.0332 1112 RasSstp - ok 10:38:01.0363 1112 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:38:01.0410 1112 rdbss - ok 10:38:01.0425 1112 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 10:38:01.0457 1112 rdpbus - ok 10:38:01.0472 1112 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 10:38:01.0519 1112 RDPCDD - ok 10:38:01.0550 1112 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 10:38:01.0566 1112 RDPENCDD - ok 10:38:01.0581 1112 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 10:38:01.0613 1112 RDPREFMP - ok 10:38:01.0628 1112 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 10:38:01.0691 1112 RDPWD - ok 10:38:01.0706 1112 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 10:38:01.0722 1112 rdyboost - ok 10:38:01.0737 1112 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 10:38:01.0769 1112 RemoteAccess - ok 10:38:01.0800 1112 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:38:01.0847 1112 RemoteRegistry - ok 10:38:01.0878 1112 [ 
E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 10:38:01.0925 1112 RpcEptMapper - ok 10:38:01.0956 1112 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 10:38:01.0956 1112 RpcLocator - ok 10:38:01.0987 1112 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 10:38:02.0018 1112 RpcSs - ok 10:38:02.0034 1112 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 10:38:02.0081 1112 rspndr - ok 10:38:02.0143 1112 [ 9BEB5F18A418FF70659CE2E356829568 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 10:38:02.0159 1112 RSUSBSTOR - ok 10:38:02.0190 1112 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 10:38:02.0205 1112 RTL8167 - ok 10:38:02.0268 1112 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys 10:38:02.0283 1112 RTL8192Ce - ok 10:38:02.0299 1112 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 10:38:02.0299 1112 SamSs - ok 10:38:02.0330 1112 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:38:02.0346 1112 sbp2port - ok 10:38:02.0377 1112 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:38:02.0408 1112 SCardSvr - ok 10:38:02.0439 1112 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 10:38:02.0486 1112 scfilter - ok 10:38:02.0533 1112 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 10:38:02.0580 1112 Schedule - ok 10:38:02.0611 1112 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 10:38:02.0642 1112 SCPolicySvc - ok 10:38:02.0658 1112 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:38:02.0705 1112 SDRSVC - ok 10:38:02.0736 1112 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 10:38:02.0767 1112 secdrv - ok 10:38:02.0783 
1112 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 10:38:02.0814 1112 seclogon - ok 10:38:02.0814 1112 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 10:38:02.0861 1112 SENS - ok 10:38:02.0892 1112 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 10:38:02.0939 1112 SensrSvc - ok 10:38:02.0970 1112 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 10:38:02.0985 1112 Serenum - ok 10:38:03.0032 1112 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 10:38:03.0063 1112 Serial - ok 10:38:03.0079 1112 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 10:38:03.0110 1112 sermouse - ok 10:38:03.0126 1112 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 10:38:03.0157 1112 SessionEnv - ok 10:38:03.0173 1112 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 10:38:03.0204 1112 sffdisk - ok 10:38:03.0235 1112 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:38:03.0266 1112 sffp_mmc - ok 10:38:03.0266 1112 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:38:03.0282 1112 sffp_sd - ok 10:38:03.0297 1112 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 10:38:03.0329 1112 sfloppy - ok 10:38:03.0360 1112 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 10:38:03.0375 1112 Sftfs - ok 10:38:03.0422 1112 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 10:38:03.0438 1112 sftlist - ok 10:38:03.0453 1112 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 10:38:03.0453 1112 Sftplay - ok 10:38:03.0469 1112 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir 
C:\Windows\system32\DRIVERS\Sftredirlh.sys 10:38:03.0485 1112 Sftredir - ok 10:38:03.0485 1112 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 10:38:03.0485 1112 Sftvol - ok 10:38:03.0500 1112 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 10:38:03.0516 1112 sftvsa - ok 10:38:03.0563 1112 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:38:03.0609 1112 SharedAccess - ok 10:38:03.0641 1112 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:38:03.0703 1112 ShellHWDetection - ok 10:38:03.0719 1112 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 10:38:03.0734 1112 SiSRaid2 - ok 10:38:03.0750 1112 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 10:38:03.0765 1112 SiSRaid4 - ok 10:38:03.0843 1112 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 10:38:03.0859 1112 SkypeUpdate - ok 10:38:03.0890 1112 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:38:03.0937 1112 Smb - ok 10:38:03.0984 1112 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:38:03.0999 1112 SNMPTRAP - ok 10:38:04.0031 1112 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 10:38:04.0046 1112 spldr - ok 10:38:04.0077 1112 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 10:38:04.0109 1112 Spooler - ok 10:38:04.0187 1112 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 10:38:04.0280 1112 sppsvc - ok 10:38:04.0296 1112 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 10:38:04.0343 1112 sppuinotify - ok 10:38:04.0389 1112 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 10:38:04.0405 1112 srv - ok 
10:38:04.0436 1112 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:38:04.0467 1112 srv2 - ok 10:38:04.0499 1112 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:38:04.0514 1112 srvnet - ok 10:38:04.0561 1112 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:38:04.0592 1112 SSDPSRV - ok 10:38:04.0623 1112 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:38:04.0655 1112 SstpSvc - ok 10:38:04.0670 1112 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 10:38:04.0686 1112 stexstor - ok 10:38:04.0733 1112 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 10:38:04.0764 1112 stisvc - ok 10:38:04.0779 1112 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 10:38:04.0779 1112 swenum - ok 10:38:04.0826 1112 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 10:38:04.0873 1112 swprv - ok 10:38:04.0935 1112 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 10:38:04.0967 1112 SynTP - ok 10:38:05.0029 1112 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 10:38:05.0076 1112 SysMain - ok 10:38:05.0091 1112 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:38:05.0107 1112 TabletInputService - ok 10:38:05.0138 1112 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 10:38:05.0185 1112 TapiSrv - ok 10:38:05.0201 1112 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 10:38:05.0232 1112 TBS - ok 10:38:05.0310 1112 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:38:05.0357 1112 Tcpip - ok 10:38:05.0388 1112 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:38:05.0419 1112 TCPIP6 - ok 10:38:05.0435 1112 [ 
DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:38:05.0481 1112 tcpipreg - ok 10:38:05.0544 1112 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys 10:38:05.0544 1112 tdcmdpst - ok 10:38:05.0559 1112 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:38:05.0591 1112 TDPIPE - ok 10:38:05.0622 1112 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:38:05.0637 1112 TDTCP - ok 10:38:05.0669 1112 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:38:05.0715 1112 tdx - ok 10:38:05.0778 1112 [ 1B709733A04DCC41A63F9CD1F76A4EBE ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe 10:38:05.0778 1112 TemproMonitoringService - ok 10:38:05.0809 1112 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 10:38:05.0809 1112 TermDD - ok 10:38:05.0856 1112 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 10:38:05.0903 1112 TermService - ok 10:38:05.0918 1112 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 10:38:05.0949 1112 Themes - ok 10:38:05.0965 1112 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 10:38:05.0981 1112 THREADORDER - ok 10:38:06.0043 1112 [ 83E91963C4452BE6899503CF9EBFD3ED ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 10:38:06.0059 1112 TMachInfo - ok 10:38:06.0074 1112 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe 10:38:06.0090 1112 TODDSrv - ok 10:38:06.0168 1112 [ CDC97FA5C42B07FB0D4600E17C32F582 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 10:38:06.0183 1112 TosCoSrv - ok 10:38:06.0215 1112 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 10:38:06.0215 1112 TOSHIBA HDD SSD Alert 
Service - ok 10:38:06.0246 1112 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 10:38:06.0277 1112 TrkWks - ok 10:38:06.0324 1112 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:38:06.0371 1112 TrustedInstaller - ok 10:38:06.0402 1112 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:38:06.0433 1112 tssecsrv - ok 10:38:06.0464 1112 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:38:06.0495 1112 TsUsbFlt - ok 10:38:06.0527 1112 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 10:38:06.0542 1112 TsUsbGD - ok 10:38:06.0573 1112 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:38:06.0589 1112 tunnel - ok 10:38:06.0636 1112 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 10:38:06.0651 1112 TVALZ - ok 10:38:06.0651 1112 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:38:06.0667 1112 uagp35 - ok 10:38:06.0683 1112 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:38:06.0729 1112 udfs - ok 10:38:06.0776 1112 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:38:06.0776 1112 UI0Detect - ok 10:38:06.0807 1112 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:38:06.0823 1112 uliagpkx - ok 10:38:06.0839 1112 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:38:06.0870 1112 umbus - ok 10:38:06.0885 1112 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 10:38:06.0917 1112 UmPass - ok 10:38:07.0010 1112 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 10:38:07.0057 1112 UNS - ok 10:38:07.0088 1112 [ D47EC6A8E81633DD18D2436B19BAF6DE ] 
upnphost C:\Windows\System32\upnphost.dll 10:38:07.0135 1112 upnphost - ok 10:38:07.0182 1112 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 10:38:07.0197 1112 usbaudio - ok 10:38:07.0229 1112 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:38:07.0260 1112 usbccgp - ok 10:38:07.0291 1112 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:38:07.0307 1112 usbcir - ok 10:38:07.0322 1112 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 10:38:07.0353 1112 usbehci - ok 10:38:07.0416 1112 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys 10:38:07.0431 1112 usbhub - ok 10:38:07.0447 1112 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:38:07.0478 1112 usbohci - ok 10:38:07.0478 1112 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 10:38:07.0494 1112 usbprint - ok 10:38:07.0509 1112 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:38:07.0556 1112 USBSTOR - ok 10:38:07.0587 1112 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:38:07.0603 1112 usbuhci - ok 10:38:07.0650 1112 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 10:38:07.0681 1112 usbvideo - ok 10:38:07.0697 1112 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 10:38:07.0743 1112 UxSms - ok 10:38:07.0759 1112 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 10:38:07.0775 1112 VaultSvc - ok 10:38:07.0806 1112 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:38:07.0806 1112 vdrvroot - ok 10:38:07.0837 1112 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 10:38:07.0868 1112 vds - ok 10:38:07.0915 1112 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] 
vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:38:07.0915 1112 vga - ok 10:38:07.0931 1112 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 10:38:07.0977 1112 VgaSave - ok 10:38:07.0993 1112 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:38:08.0009 1112 vhdmp - ok 10:38:08.0024 1112 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 10:38:08.0040 1112 viaide - ok 10:38:08.0055 1112 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:38:08.0071 1112 volmgr - ok 10:38:08.0087 1112 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:38:08.0087 1112 volmgrx - ok 10:38:08.0118 1112 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:38:08.0118 1112 volsnap - ok 10:38:08.0133 1112 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:38:08.0149 1112 vsmraid - ok 10:38:08.0196 1112 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 10:38:08.0243 1112 VSS - ok 10:38:08.0336 1112 [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe 10:38:08.0352 1112 vToolbarUpdater12.2.0 - ok 10:38:08.0383 1112 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:38:08.0414 1112 vwifibus - ok 10:38:08.0461 1112 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:38:08.0477 1112 vwififlt - ok 10:38:08.0508 1112 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:38:08.0523 1112 vwifimp - ok 10:38:08.0555 1112 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 10:38:08.0586 1112 W32Time - ok 10:38:08.0617 1112 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 
10:38:08.0648 1112 WacomPen - ok 10:38:08.0679 1112 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:38:08.0695 1112 WANARP - ok 10:38:08.0695 1112 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:38:08.0726 1112 Wanarpv6 - ok 10:38:08.0773 1112 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 10:38:08.0804 1112 WatAdminSvc - ok 10:38:08.0851 1112 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 10:38:08.0898 1112 wbengine - ok 10:38:08.0913 1112 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:38:08.0929 1112 WbioSrvc - ok 10:38:08.0945 1112 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:38:08.0991 1112 wcncsvc - ok 10:38:09.0007 1112 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:38:09.0054 1112 WcsPlugInService - ok 10:38:09.0085 1112 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 10:38:09.0085 1112 Wd - ok 10:38:09.0116 1112 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:38:09.0132 1112 Wdf01000 - ok 10:38:09.0147 1112 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:38:09.0225 1112 WdiServiceHost - ok 10:38:09.0225 1112 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:38:09.0241 1112 WdiSystemHost - ok 10:38:09.0272 1112 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 10:38:09.0303 1112 WebClient - ok 10:38:09.0335 1112 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:38:09.0381 1112 Wecsvc - ok 10:38:09.0397 1112 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:38:09.0428 1112 wercplsupport - ok 10:38:09.0459 1112 [ 6D137963730144698CBD10F202E9F251 ] WerSvc 
C:\Windows\System32\WerSvc.dll 10:38:09.0506 1112 WerSvc - ok 10:38:09.0537 1112 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:38:09.0569 1112 WfpLwf - ok 10:38:09.0584 1112 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:38:09.0584 1112 WIMMount - ok 10:38:09.0600 1112 WinDefend - ok 10:38:09.0615 1112 WinHttpAutoProxySvc - ok 10:38:09.0647 1112 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:38:09.0678 1112 Winmgmt - ok 10:38:09.0725 1112 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 10:38:09.0771 1112 WinRM - ok 10:38:09.0834 1112 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 10:38:09.0881 1112 Wlansvc - ok 10:38:09.0943 1112 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 10:38:09.0959 1112 wlcrasvc - ok 10:38:10.0037 1112 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:38:10.0083 1112 wlidsvc - ok 10:38:10.0099 1112 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:38:10.0130 1112 WmiAcpi - ok 10:38:10.0161 1112 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:38:10.0177 1112 wmiApSrv - ok 10:38:10.0193 1112 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:38:10.0208 1112 WPCSvc - ok 10:38:10.0224 1112 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:38:10.0255 1112 WPDBusEnum - ok 10:38:10.0271 1112 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:38:10.0302 1112 ws2ifsl - ok 10:38:10.0317 1112 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 10:38:10.0317 1112 wscsvc - ok 10:38:10.0333 1112 WSearch - ok 10:38:10.0380 1112 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] 
wuauserv C:\Windows\system32\wuaueng.dll 10:38:10.0442 1112 wuauserv - ok 10:38:10.0458 1112 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:38:10.0473 1112 WudfPf - ok 10:38:10.0505 1112 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:38:10.0551 1112 WUDFRd - ok 10:38:10.0567 1112 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:38:10.0598 1112 wudfsvc - ok 10:38:10.0614 1112 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 10:38:10.0661 1112 WwanSvc - ok 10:38:10.0692 1112 ================ Scan global =============================== 10:38:10.0707 1112 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 10:38:10.0754 1112 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 10:38:10.0754 1112 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 10:38:10.0785 1112 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 10:38:10.0801 1112 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 10:38:10.0817 1112 [Global] - ok 10:38:10.0817 1112 ================ Scan MBR ================================== 10:38:10.0832 1112 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:38:11.0004 1112 \Device\Harddisk0\DR0 - ok 10:38:11.0004 1112 ================ Scan VBR ================================== 10:38:11.0035 1112 [ 663C0542B6BE61042B4CE6E9991F1A8E ] \Device\Harddisk0\DR0\Partition1 10:38:11.0051 1112 \Device\Harddisk0\DR0\Partition1 - ok 10:38:11.0066 1112 [ 1FE4519FF92FC205B30D159120755FC2 ] \Device\Harddisk0\DR0\Partition2 10:38:11.0066 1112 \Device\Harddisk0\DR0\Partition2 - ok 10:38:11.0066 1112 ============================================================ 10:38:11.0066 1112 Scan finished 10:38:11.0066 1112 ============================================================ 10:38:11.0066 3620 Detected object count: 3 10:38:11.0066 3620 Actual detected 
object count: 3 10:38:45.0776 3620 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user 10:38:45.0776 3620 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:38:45.0776 3620 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 10:38:45.0776 3620 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:38:45.0776 3620 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user 10:38:45.0776 3620 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:40:41.0903 3064 Deinitialize success |
17.09.2012, 12:16 | #18 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now:
ComboFix: a guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and get messages such as Quote:
__________________ |
18.09.2012, 12:32 | #19 |
| Here is the ComboFix report. Because the report is too large, I downloaded 7-Zip. After that, My Start sneaked in as the browser; I then deleted 7-Zip again, along with everything of My Start that I could find on my computer. In the meantime the default browser works. But when I open a new tab and don't click the house icon at the top right in time, My Start opens again. On top of that, the volume control in the taskbar has disappeared again as well. Can I start a System Restore now, after the ComboFix scan, to put an end to the problem with the volume control and My Start? Regards, matzepeng |
19.09.2012, 08:43 | #20 |
| Just wanted to let you know quickly that the volume control in the taskbar is working again now! |
19.09.2012, 16:01 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to work on the second attempt, just skip it and run only OSAM. Please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to switch off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ |
20.09.2012, 21:24 | #22 |
| I could not find the GMER log in the clipboard. I think that works differently than on my old XP. Here are the other two logs (AdwCleaner and OSAM). Regards, matzeatze |
21.09.2012, 13:47 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The aswMBR log is missing; instead there is an AdwCleaner log that was not requested.
__________________ Please always post log files in CODE tags |
23.09.2012, 17:34 | #24 |
| aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-20 21:05:47
-----------------------------
21:05:47.418 OS Version: Windows x64 6.1.7601 Service Pack 1
21:05:47.418 Number of processors: 4 586 0x2A07
21:05:47.418 ComputerName: MATHIASWEHPKE UserName:
21:05:48.120 Initialize success
21:05:54.001 AVAST engine defs: 12092000
21:06:39.600 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:06:39.615 Disk 0 Vendor: TOSHIBA_ GT00 Size: 476940MB BusType: 3
21:06:39.631 Disk 0 MBR read successfully
21:06:39.631 Disk 0 MBR scan
21:06:39.662 Disk 0 Windows 7 default MBR code
21:06:39.678 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
21:06:39.693 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238470 MB offset 821248
21:06:39.725 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 238069 MB offset 489207808
21:06:39.771 Disk 0 scanning C:\Windows\system32\drivers
21:06:52.518 Service scanning
21:07:27.559 Modules scanning
21:07:27.574 Disk 0 trace - called modules:
21:07:27.605 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:07:28.136 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800634e060]
21:07:28.136 3 CLASSPNP.SYS[fffff880013cb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800455d050]
21:07:28.151 Scan finished successfully
21:08:48.929 Disk 0 MBR has been saved successfully to "C:\Users\Public\Documents\MBR.dat"
21:08:48.929 The log file has been saved successfully to "C:\Users\Public\Documents\aswMBR.txt"
Regards, matzeatze |
23.09.2012, 19:16 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please use CODE tags for the logs! Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |