| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefundenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.11.2012, 18:51
| #1 |
| |  TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Hallo, bin neu hier. Habe beim Download von Orcs Must Die 2 mit Steam die Warnung von Avira bekommen, dass in \Steam\steamapps\downloading\201790\build\release\OrcsMustDie2.exe TR/ATRAPS.Gen gefunden wurde. Habe mir diesen Thread durchgelesen. Hatte bisher eigentlich noch nicht viele Probleme mit sowas. Allerdings wurden auch schon Nachrichten von meinem E-Mail-Konto versendet und ich habe das Gefühl, dass meine Internet-Verbindung ab und zu langsam wird. Vielen Dank im Vorraus. |
|
28.11.2012, 21:34
| #2 | |
| /// TB-Ausbilder  | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich. Schritt 1: Laufwerksemulationen abschalten mit Defogger Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop und starte es:Schritt 2: Scan mit aswMBR Schritt 3: Scan mit dem TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.
__________________ |
|
28.11.2012, 22:12
| #3 |
| | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden So hier sind die gewünschten Log Files
__________________defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:10 on 28/11/2012 (Dirk)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Already disabled
-=E.O.F=-
Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-28 22:02:37
-----------------------------
22:02:37.218 OS Version: Windows x64 6.1.7601 Service Pack 1
22:02:37.218 Number of processors: 2 586 0x602
22:02:37.218 ComputerName: DIRK_**** UserName: Dirk
22:02:39.839 Initialize success
22:04:51.868 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:04:51.868 Disk 0 Vendor: WDC_WD3200BEVT-26ZCT0 12.01A12 Size: 305245MB BusType: 11
22:04:51.883 Disk 0 MBR read successfully
22:04:51.899 Disk 0 MBR scan
22:04:51.899 Disk 0 Windows 7 default MBR code
22:04:51.899 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
22:04:51.914 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 51723 MB offset 821248
22:04:51.930 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 100892 MB offset 106751925
22:04:51.946 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 152220 MB offset 313391104
22:04:51.992 Disk 0 scanning C:\Windows\system32\drivers
22:05:19.699 Service scanning
22:06:06.531 Modules scanning
22:06:06.547 Disk 0 trace - called modules:
22:06:06.578 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:06:07.093 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004adb480]
22:06:07.109 3 CLASSPNP.SYS[fffff88001b3b43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004a43680]
22:06:07.109 Scan finished successfully
22:06:21.524 Disk 0 MBR has been saved successfully to "D:\Downloads\MBR.dat"
22:06:21.524 The log file has been saved successfully to "D:\Downloads\aswMBR.txt"
Code:
ATTFilter 22:06:36.0003 8168 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:06:36.0486 8168 ============================================================
22:06:36.0486 8168 Current date / time: 2012/11/28 22:06:36.0486
22:06:36.0486 8168 SystemInfo:
22:06:36.0486 8168
22:06:36.0486 8168 OS Version: 6.1.7601 ServicePack: 1.0
22:06:36.0486 8168 Product type: Workstation
22:06:36.0486 8168 ComputerName: DIRK_****
22:06:36.0486 8168 UserName: Dirk
22:06:36.0486 8168 Windows directory: C:\Windows
22:06:36.0486 8168 System windows directory: C:\Windows
22:06:36.0486 8168 Running under WOW64
22:06:36.0486 8168 Processor architecture: Intel x64
22:06:36.0486 8168 Number of processors: 2
22:06:36.0486 8168 Page size: 0x1000
22:06:36.0486 8168 Boot type: Normal boot
22:06:36.0486 8168 ============================================================
22:06:37.0734 8168 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:06:37.0750 8168 ============================================================
22:06:37.0750 8168 \Device\Harddisk0\DR0:
22:06:37.0750 8168 MBR partitions:
22:06:37.0750 8168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x6505FB5
22:06:37.0750 8168 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x65CE7B5, BlocksNum 0xC50E4BE
22:06:37.0750 8168 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294E000
22:06:37.0750 8168 ============================================================
22:06:37.0797 8168 C: <-> \Device\Harddisk0\DR0\Partition1
22:06:37.0844 8168 D: <-> \Device\Harddisk0\DR0\Partition3
22:06:37.0890 8168 E: <-> \Device\Harddisk0\DR0\Partition2
22:06:37.0890 8168 ============================================================
22:06:37.0890 8168 Initialize success
22:06:37.0890 8168 ============================================================
22:06:47.0921 5148 ============================================================
22:06:47.0921 5148 Scan started
22:06:47.0921 5148 Mode: Manual; TDLFS;
22:06:47.0921 5148 ============================================================
22:06:48.0779 5148 ================ Scan system memory ========================
22:06:48.0779 5148 System memory - ok
22:06:48.0779 5148 ================ Scan services =============================
22:06:48.0998 5148 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:06:49.0013 5148 1394ohci - ok
22:06:49.0044 5148 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
22:06:49.0060 5148 acedrv11 - ok
22:06:49.0107 5148 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:06:49.0122 5148 ACPI - ok
22:06:49.0154 5148 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:06:49.0154 5148 AcpiPmi - ok
22:06:49.0278 5148 [ EAC4C4CB23EA3C267062F1EA0F9FFBB3 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
22:06:49.0310 5148 AcrSch2Svc - ok
22:06:49.0372 5148 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:06:49.0372 5148 Adobe LM Service - ok
22:06:49.0450 5148 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:06:49.0450 5148 AdobeARMservice - ok
22:06:49.0653 5148 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:06:49.0653 5148 AdobeFlashPlayerUpdateSvc - ok
22:06:49.0715 5148 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:06:49.0731 5148 adp94xx - ok
22:06:49.0778 5148 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:06:49.0778 5148 adpahci - ok
22:06:49.0809 5148 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:06:49.0809 5148 adpu320 - ok
22:06:49.0840 5148 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:06:49.0840 5148 AeLookupSvc - ok
22:06:49.0887 5148 [ 3426A6EAA09077F3AB946FB9CEB85D8E ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
22:06:49.0887 5148 afcdp - ok
22:06:49.0996 5148 [ 986A134B1A1770599B7AF9354CBB066F ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
22:06:50.0058 5148 afcdpsrv - ok
22:06:50.0121 5148 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:06:50.0152 5148 AFD - ok
22:06:50.0214 5148 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
22:06:50.0261 5148 AgereSoftModem - ok
22:06:50.0308 5148 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:06:50.0308 5148 agp440 - ok
22:06:50.0370 5148 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:06:50.0370 5148 ALG - ok
22:06:50.0402 5148 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:06:50.0402 5148 aliide - ok
22:06:50.0448 5148 [ 98A2774D3F18C107874C8C1163EBE484 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:06:50.0448 5148 AMD External Events Utility - ok
22:06:50.0542 5148 AMD FUEL Service - ok
22:06:50.0589 5148 [ DD27F6C3DE9BFE50635C721E09EDC5DD ] AMD Reservation Manager C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
22:06:50.0589 5148 AMD Reservation Manager - ok
22:06:50.0604 5148 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:06:50.0604 5148 amdide - ok
22:06:50.0651 5148 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
22:06:50.0651 5148 amdiox64 - ok
22:06:50.0698 5148 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:06:50.0698 5148 AmdK8 - ok
22:06:50.0729 5148 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:06:50.0729 5148 AmdPPM - ok
22:06:50.0792 5148 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:06:50.0792 5148 amdsata - ok
22:06:50.0838 5148 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:06:50.0838 5148 amdsbs - ok
22:06:50.0854 5148 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:06:50.0854 5148 amdxata - ok
22:06:50.0932 5148 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
22:06:50.0932 5148 androidusb - ok
22:06:51.0119 5148 [ 07194A09DC27C99A2474251DE27F6E17 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:06:51.0119 5148 AntiVirSchedulerService - ok
22:06:51.0166 5148 [ F0964ECD283591E7686AF912298B9F39 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:06:51.0166 5148 AntiVirService - ok
22:06:51.0244 5148 [ 7CE7D6019D0D73F9203BA4FF4BA35B6A ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
22:06:51.0244 5148 AnyDVD - ok
22:06:51.0260 5148 AODDriver4.0 - ok
22:06:51.0338 5148 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
22:06:51.0353 5148 AppHostSvc - ok
22:06:51.0400 5148 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:06:51.0400 5148 AppID - ok
22:06:51.0447 5148 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:06:51.0447 5148 AppIDSvc - ok
22:06:51.0478 5148 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:06:51.0478 5148 Appinfo - ok
22:06:51.0572 5148 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:06:51.0587 5148 Apple Mobile Device - ok
22:06:51.0634 5148 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:06:51.0634 5148 arc - ok
22:06:51.0650 5148 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:06:51.0650 5148 arcsas - ok
22:06:51.0790 5148 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:06:51.0806 5148 aspnet_state - ok
22:06:51.0852 5148 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:06:51.0852 5148 AsyncMac - ok
22:06:51.0884 5148 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:06:51.0884 5148 atapi - ok
22:06:52.0102 5148 [ 173F4C05F87085E9BDA3F7037BC9F40E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:06:52.0258 5148 atikmdag - ok
22:06:52.0398 5148 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
22:06:52.0398 5148 AtiPcie - ok
22:06:52.0476 5148 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
22:06:52.0492 5148 atksgt - ok
22:06:52.0539 5148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:06:52.0570 5148 AudioEndpointBuilder - ok
22:06:52.0586 5148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:06:52.0601 5148 AudioSrv - ok
22:06:52.0664 5148 [ 58AEE8F9E26595ADEB6F008FBB0D6174 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:06:52.0679 5148 avgntflt - ok
22:06:52.0742 5148 [ 37D3D3D28B107BCBC1C0137FF31AE480 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:06:52.0742 5148 avipbb - ok
22:06:52.0773 5148 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:06:52.0773 5148 avkmgr - ok
22:06:52.0820 5148 [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys
22:06:52.0820 5148 avmaudio - ok
22:06:52.0866 5148 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:06:52.0882 5148 AxInstSV - ok
22:06:52.0929 5148 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:06:52.0944 5148 b06bdrv - ok
22:06:52.0991 5148 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:06:52.0991 5148 b57nd60a - ok
22:06:53.0038 5148 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:06:53.0038 5148 BDESVC - ok
22:06:53.0054 5148 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:06:53.0054 5148 Beep - ok
22:06:53.0116 5148 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:06:53.0147 5148 BFE - ok
22:06:53.0194 5148 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:06:53.0272 5148 BITS - ok
22:06:53.0303 5148 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:06:53.0303 5148 blbdrive - ok
22:06:53.0334 5148 BlueletAudio - ok
22:06:53.0334 5148 BlueletSCOAudio - ok
22:06:53.0412 5148 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:06:53.0412 5148 Bonjour Service - ok
22:06:53.0459 5148 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:06:53.0459 5148 bowser - ok
22:06:53.0522 5148 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:06:53.0522 5148 BrFiltLo - ok
22:06:53.0537 5148 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:06:53.0537 5148 BrFiltUp - ok
22:06:53.0553 5148 [ 5C2F352A4E961D72518261257AAE204B ] Bridge C:\Windows\system32\DRIVERS\bridge.sys
22:06:53.0553 5148 Bridge - ok
22:06:53.0568 5148 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:06:53.0568 5148 BridgeMP - ok
22:06:53.0615 5148 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:06:53.0615 5148 Browser - ok
22:06:53.0662 5148 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:06:53.0662 5148 Brserid - ok
22:06:53.0678 5148 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:06:53.0678 5148 BrSerWdm - ok
22:06:53.0709 5148 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:06:53.0709 5148 BrUsbMdm - ok
22:06:53.0724 5148 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:06:53.0724 5148 BrUsbSer - ok
22:06:53.0740 5148 BT - ok
22:06:53.0756 5148 BTCOM - ok
22:06:53.0771 5148 BTCOMBUS - ok
22:06:53.0787 5148 Btcsrusb - ok
22:06:53.0818 5148 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:06:53.0818 5148 BthEnum - ok
22:06:53.0849 5148 [ 0E7FEF42F9E86A41ACFC41EAEBDA65F4 ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys
22:06:53.0849 5148 BtHidBus - ok
22:06:53.0849 5148 BTHidEnum - ok
22:06:53.0849 5148 BTHidMgr - ok
22:06:53.0880 5148 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:06:53.0880 5148 BTHMODEM - ok
22:06:53.0912 5148 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:06:53.0912 5148 BthPan - ok
22:06:53.0958 5148 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:06:53.0958 5148 BTHPORT - ok
22:06:54.0005 5148 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:06:54.0005 5148 bthserv - ok
22:06:54.0036 5148 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:06:54.0036 5148 BTHUSB - ok
22:06:54.0068 5148 [ C0D50877BB7EC88A953A2A56CEF170FA ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys
22:06:54.0068 5148 btnetBUs - ok
22:06:54.0099 5148 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:06:54.0099 5148 cdfs - ok
22:06:54.0161 5148 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:06:54.0161 5148 cdrom - ok
22:06:54.0208 5148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:06:54.0208 5148 CertPropSvc - ok
22:06:54.0302 5148 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
22:06:54.0317 5148 cfWiMAXService - ok
22:06:54.0333 5148 CHIPDRIVE USB SmartCardReader - ok
22:06:54.0364 5148 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:06:54.0364 5148 circlass - ok
22:06:54.0411 5148 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:06:54.0411 5148 CLFS - ok
22:06:54.0504 5148 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:06:54.0504 5148 clr_optimization_v2.0.50727_32 - ok
22:06:54.0551 5148 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:06:54.0551 5148 clr_optimization_v2.0.50727_64 - ok
22:06:54.0645 5148 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:06:54.0692 5148 clr_optimization_v4.0.30319_32 - ok
22:06:54.0723 5148 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:06:54.0754 5148 clr_optimization_v4.0.30319_64 - ok
22:06:54.0785 5148 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:06:54.0785 5148 CmBatt - ok
22:06:54.0832 5148 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:06:54.0832 5148 cmdide - ok
22:06:54.0863 5148 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
22:06:54.0863 5148 CNG - ok
22:06:54.0894 5148 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:06:54.0894 5148 Compbatt - ok
22:06:54.0926 5148 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:06:54.0926 5148 CompositeBus - ok
22:06:54.0957 5148 COMSysApp - ok
22:06:54.0988 5148 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
22:06:54.0988 5148 ConfigFree Gadget Service - ok
22:06:55.0019 5148 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
22:06:55.0019 5148 ConfigFree Service - ok
22:06:55.0050 5148 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:06:55.0050 5148 crcdisk - ok
22:06:55.0097 5148 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:06:55.0097 5148 CryptSvc - ok
22:06:55.0238 5148 [ BD989CFC6E296373A7EA59514E17A199 ] DBService C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
22:06:55.0331 5148 DBService - ok
22:06:55.0378 5148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:06:55.0394 5148 DcomLaunch - ok
22:06:55.0440 5148 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:06:55.0456 5148 defragsvc - ok
22:06:55.0487 5148 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:06:55.0503 5148 DfsC - ok
22:06:55.0550 5148 [ CFBB4907C7542180B5E0282301240006 ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
22:06:55.0550 5148 DgiVecp - ok
22:06:55.0596 5148 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:06:55.0596 5148 Dhcp - ok
22:06:55.0628 5148 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:06:55.0628 5148 discache - ok
22:06:55.0674 5148 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:06:55.0674 5148 Disk - ok
22:06:55.0737 5148 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:06:55.0737 5148 Dnscache - ok
22:06:55.0799 5148 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:06:55.0815 5148 dot3svc - ok
22:06:55.0862 5148 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:06:55.0877 5148 DPS - ok
22:06:55.0893 5148 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:06:55.0893 5148 drmkaud - ok
22:06:55.0955 5148 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:06:55.0971 5148 dtsoftbus01 - ok
22:06:56.0049 5148 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:06:56.0080 5148 DXGKrnl - ok
22:06:56.0111 5148 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:06:56.0127 5148 EapHost - ok
22:06:56.0252 5148 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:06:56.0345 5148 ebdrv - ok
22:06:56.0376 5148 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:06:56.0376 5148 EFS - ok
22:06:56.0454 5148 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:06:56.0486 5148 ehRecvr - ok
22:06:56.0517 5148 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:06:56.0532 5148 ehSched - ok
22:06:56.0579 5148 [ 9387A484D31209D7FC3F795A787294DB ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys
22:06:56.0579 5148 ElbyCDFL - ok
22:06:56.0642 5148 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
22:06:56.0642 5148 ElbyCDIO - ok
22:06:56.0720 5148 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:06:56.0735 5148 elxstor - ok
22:06:56.0860 5148 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
22:06:56.0860 5148 EPSON_PM_RPCV4_01 - ok
22:06:56.0891 5148 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:06:56.0891 5148 ErrDev - ok
22:06:56.0954 5148 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:06:56.0969 5148 EventSystem - ok
22:06:56.0985 5148 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:06:56.0985 5148 exfat - ok
22:06:57.0016 5148 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:06:57.0016 5148 fastfat - ok
22:06:57.0078 5148 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:06:57.0094 5148 Fax - ok
22:06:57.0125 5148 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:06:57.0125 5148 fdc - ok
22:06:57.0141 5148 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:06:57.0141 5148 fdPHost - ok
22:06:57.0156 5148 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:06:57.0156 5148 FDResPub - ok
22:06:57.0156 5148 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:06:57.0172 5148 FileInfo - ok
22:06:57.0172 5148 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:06:57.0188 5148 Filetrace - ok
22:06:57.0234 5148 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:06:57.0250 5148 FLEXnet Licensing Service - ok
22:06:57.0266 5148 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:06:57.0266 5148 flpydisk - ok
22:06:57.0312 5148 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:06:57.0312 5148 FltMgr - ok
22:06:57.0375 5148 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:06:57.0406 5148 FontCache - ok
22:06:57.0468 5148 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:06:57.0468 5148 FontCache3.0.0.0 - ok
22:06:57.0500 5148 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:06:57.0500 5148 FsDepends - ok
22:06:57.0546 5148 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:06:57.0546 5148 Fs_Rec - ok
22:06:57.0593 5148 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:06:57.0593 5148 fvevol - ok
22:06:57.0624 5148 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:06:57.0624 5148 gagp30kx - ok
22:06:57.0687 5148 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:06:57.0687 5148 GEARAspiWDM - ok
22:06:57.0734 5148 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:06:57.0749 5148 gpsvc - ok
22:06:57.0843 5148 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:06:57.0843 5148 gupdate - ok
22:06:57.0858 5148 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:06:57.0858 5148 gupdatem - ok
22:06:57.0905 5148 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:06:57.0905 5148 gusvc - ok
22:06:57.0936 5148 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:06:57.0936 5148 hcw85cir - ok
22:06:57.0999 5148 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:06:57.0999 5148 HdAudAddService - ok
22:06:58.0030 5148 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:06:58.0030 5148 HDAudBus - ok
22:06:58.0046 5148 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:06:58.0046 5148 HidBatt - ok
22:06:58.0061 5148 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:06:58.0061 5148 HidBth - ok
22:06:58.0077 5148 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:06:58.0077 5148 HidIr - ok
22:06:58.0124 5148 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:06:58.0124 5148 hidserv - ok
22:06:58.0155 5148 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:06:58.0155 5148 HidUsb - ok
22:06:58.0186 5148 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:06:58.0186 5148 hkmsvc - ok
22:06:58.0217 5148 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:06:58.0217 5148 HomeGroupListener - ok
22:06:58.0264 5148 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:06:58.0264 5148 HomeGroupProvider - ok
22:06:58.0326 5148 [ F1F359F2DE372D1850A61382EBABC868 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys
22:06:58.0326 5148 hotcore3 - ok
22:06:58.0342 5148 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:06:58.0342 5148 HpSAMD - ok
22:06:58.0420 5148 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:06:58.0436 5148 HTTP - ok
22:06:58.0467 5148 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:06:58.0467 5148 hwpolicy - ok
22:06:58.0514 5148 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:06:58.0514 5148 i8042prt - ok
22:06:58.0560 5148 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:06:58.0560 5148 iaStorV - ok
22:06:58.0670 5148 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:06:58.0685 5148 IDriverT - ok
22:06:58.0748 5148 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:06:58.0763 5148 idsvc - ok
22:06:58.0794 5148 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:06:58.0794 5148 iirsp - ok
22:06:58.0857 5148 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:06:58.0872 5148 IKEEXT - ok
22:06:58.0997 5148 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:06:59.0044 5148 IntcAzAudAddService - ok
22:06:59.0075 5148 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:06:59.0075 5148 intelide - ok
22:06:59.0138 5148 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:06:59.0138 5148 intelppm - ok
22:06:59.0153 5148 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:06:59.0153 5148 IPBusEnum - ok
22:06:59.0200 5148 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:06:59.0200 5148 IpFilterDriver - ok
22:06:59.0247 5148 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:06:59.0262 5148 iphlpsvc - ok
22:06:59.0309 5148 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:06:59.0309 5148 IPMIDRV - ok
22:06:59.0340 5148 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:06:59.0340 5148 IPNAT - ok
22:06:59.0418 5148 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:06:59.0434 5148 iPod Service - ok
22:06:59.0465 5148 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:06:59.0465 5148 IRENUM - ok
22:06:59.0481 5148 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:06:59.0481 5148 isapnp - ok
22:06:59.0512 5148 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:06:59.0528 5148 iScsiPrt - ok
22:06:59.0606 5148 [ 1152F8BEB568F2F72F1C5C32A1F4E529 ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
22:06:59.0606 5148 ISWKL - ok
22:06:59.0715 5148 [ EF46EF3A790C42BBA9B5AFA2586448DB ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
22:06:59.0730 5148 IswSvc - ok
22:06:59.0762 5148 [ C7B6BE6BF2B5766648E232077E86B6A0 ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys
22:06:59.0762 5148 IvtBtBUs - ok
22:06:59.0793 5148 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:06:59.0793 5148 kbdclass - ok
22:06:59.0840 5148 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:06:59.0840 5148 kbdhid - ok
22:06:59.0871 5148 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:06:59.0871 5148 KeyIso - ok
22:06:59.0902 5148 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:06:59.0902 5148 KSecDD - ok
22:06:59.0949 5148 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:06:59.0949 5148 KSecPkg - ok
22:06:59.0980 5148 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:06:59.0980 5148 ksthunk - ok
22:07:00.0027 5148 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:07:00.0042 5148 KtmRm - ok
22:07:00.0074 5148 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:07:00.0105 5148 LanmanServer - ok
22:07:00.0152 5148 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:07:00.0152 5148 LanmanWorkstation - ok
22:07:00.0214 5148 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
22:07:00.0214 5148 lirsgt - ok
22:07:00.0261 5148 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:07:00.0261 5148 lltdio - ok
22:07:00.0292 5148 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:07:00.0292 5148 lltdsvc - ok
22:07:00.0308 5148 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:07:00.0323 5148 lmhosts - ok
22:07:00.0370 5148 [ 16679269303613C4CE7C8FF03413410F ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
22:07:00.0370 5148 LPCFilter - ok
22:07:00.0417 5148 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:07:00.0417 5148 LSI_FC - ok
22:07:00.0432 5148 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:07:00.0432 5148 LSI_SAS - ok
22:07:00.0464 5148 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:07:00.0464 5148 LSI_SAS2 - ok
22:07:00.0479 5148 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:07:00.0495 5148 LSI_SCSI - ok
22:07:00.0526 5148 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:07:00.0526 5148 luafv - ok
22:07:00.0588 5148 [ 17F118A3123A566A538341A62E4D8D35 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe
22:07:00.0620 5148 MatSvc - ok
22:07:00.0666 5148 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:07:00.0666 5148 Mcx2Svc - ok
22:07:00.0682 5148 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:07:00.0682 5148 megasas - ok
22:07:00.0713 5148 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:07:00.0713 5148 MegaSR - ok
22:07:00.0760 5148 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:07:00.0760 5148 MMCSS - ok
22:07:00.0776 5148 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:07:00.0776 5148 Modem - ok
22:07:00.0807 5148 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:07:00.0807 5148 monitor - ok
22:07:00.0869 5148 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:07:00.0869 5148 mouclass - ok
22:07:00.0900 5148 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:07:00.0900 5148 mouhid - ok
22:07:00.0947 5148 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:07:00.0947 5148 mountmgr - ok
22:07:00.0978 5148 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:07:00.0978 5148 mpio - ok
22:07:00.0994 5148 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:07:01.0010 5148 mpsdrv - ok
22:07:01.0056 5148 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:07:01.0072 5148 MpsSvc - ok
22:07:01.0119 5148 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:07:01.0119 5148 MRxDAV - ok
22:07:01.0150 5148 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:07:01.0166 5148 mrxsmb - ok
22:07:01.0197 5148 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:07:01.0197 5148 mrxsmb10 - ok
22:07:01.0244 5148 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:07:01.0244 5148 mrxsmb20 - ok
22:07:01.0275 5148 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:07:01.0275 5148 msahci - ok
22:07:01.0306 5148 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:07:01.0306 5148 msdsm - ok
22:07:01.0322 5148 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:07:01.0322 5148 MSDTC - ok
22:07:01.0368 5148 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:07:01.0368 5148 Msfs - ok
22:07:01.0384 5148 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:07:01.0384 5148 mshidkmdf - ok
22:07:01.0415 5148 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:07:01.0415 5148 msisadrv - ok
22:07:01.0462 5148 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:07:01.0462 5148 MSiSCSI - ok
22:07:01.0462 5148 msiserver - ok
22:07:01.0509 5148 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:07:01.0509 5148 MSKSSRV - ok
22:07:01.0540 5148 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:07:01.0540 5148 MSPCLOCK - ok
22:07:01.0556 5148 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:07:01.0556 5148 MSPQM - ok
22:07:01.0602 5148 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:07:01.0602 5148 MsRPC - ok
22:07:01.0634 5148 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:07:01.0634 5148 mssmbios - ok
22:07:01.0649 5148 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:07:01.0649 5148 MSTEE - ok
22:07:01.0665 5148 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:07:01.0665 5148 MTConfig - ok
22:07:01.0680 5148 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:07:01.0680 5148 Mup - ok
22:07:01.0727 5148 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:07:01.0727 5148 napagent - ok
22:07:01.0758 5148 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:07:01.0774 5148 NativeWifiP - ok
22:07:01.0821 5148 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:07:01.0852 5148 NDIS - ok
22:07:01.0883 5148 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:07:01.0883 5148 NdisCap - ok
22:07:01.0899 5148 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:07:01.0899 5148 NdisTapi - ok
22:07:01.0946 5148 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:07:01.0946 5148 Ndisuio - ok
22:07:01.0977 5148 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:07:01.0977 5148 NdisWan - ok
22:07:02.0024 5148 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:07:02.0024 5148 NDProxy - ok
22:07:02.0039 5148 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:07:02.0039 5148 NetBIOS - ok
22:07:02.0102 5148 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:07:02.0117 5148 NetBT - ok
22:07:02.0117 5148 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:07:02.0117 5148 Netlogon - ok
22:07:02.0164 5148 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:07:02.0180 5148 Netman - ok
22:07:02.0226 5148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:07:02.0226 5148 NetMsmqActivator - ok
22:07:02.0258 5148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:07:02.0258 5148 NetPipeActivator - ok
22:07:02.0273 5148 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:07:02.0304 5148 netprofm - ok
22:07:02.0320 5148 netr7364 - ok
22:07:02.0336 5148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:07:02.0336 5148 NetTcpActivator - ok
22:07:02.0351 5148 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:07:02.0351 5148 NetTcpPortSharing - ok
22:07:02.0382 5148 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:07:02.0382 5148 nfrd960 - ok
22:07:02.0523 5148 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:07:02.0554 5148 NlaSvc - ok
22:07:02.0632 5148 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:07:02.0632 5148 Npfs - ok
22:07:02.0694 5148 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:07:02.0694 5148 nsi - ok
22:07:02.0710 5148 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:07:02.0710 5148 nsiproxy - ok
22:07:02.0772 5148 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:07:02.0819 5148 Ntfs - ok
22:07:02.0850 5148 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:07:02.0850 5148 Null - ok
22:07:02.0882 5148 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:07:02.0882 5148 nvraid - ok
22:07:02.0913 5148 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:07:02.0928 5148 nvstor - ok
22:07:02.0960 5148 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:07:02.0975 5148 nv_agp - ok
22:07:03.0006 5148 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:07:03.0006 5148 ohci1394 - ok
22:07:03.0100 5148 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:07:03.0100 5148 ose - ok
22:07:03.0162 5148 [ 5F79934084DF6DC0635578864376CE54 ] OV550I C:\Windows\system32\Drivers\ov550ivx.sys
22:07:03.0162 5148 OV550I - ok
22:07:03.0194 5148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:07:03.0194 5148 p2pimsvc - ok
22:07:03.0225 5148 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:07:03.0240 5148 p2psvc - ok
22:07:03.0272 5148 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:07:03.0272 5148 Parport - ok
22:07:03.0303 5148 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:07:03.0303 5148 partmgr - ok
22:07:03.0318 5148 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:07:03.0334 5148 PcaSvc - ok
22:07:03.0381 5148 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:07:03.0381 5148 pccsmcfd - ok
22:07:03.0412 5148 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:07:03.0412 5148 pci - ok
22:07:03.0428 5148 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:07:03.0428 5148 pciide - ok
22:07:03.0459 5148 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:07:03.0459 5148 pcmcia - ok
22:07:03.0474 5148 PCTINDIS4 - ok
22:07:03.0490 5148 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:07:03.0490 5148 pcw - ok
22:07:03.0506 5148 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:07:03.0537 5148 PEAUTH - ok
22:07:03.0630 5148 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:07:03.0630 5148 PerfHost - ok
22:07:03.0677 5148 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
22:07:03.0677 5148 PGEffect - ok
22:07:03.0740 5148 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:07:03.0771 5148 pla - ok
22:07:03.0818 5148 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:07:03.0833 5148 PlugPlay - ok
22:07:03.0849 5148 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:07:03.0849 5148 PNRPAutoReg - ok
22:07:03.0880 5148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:07:03.0880 5148 PNRPsvc - ok
22:07:03.0896 5148 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:07:03.0911 5148 PolicyAgent - ok
22:07:03.0942 5148 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:07:03.0942 5148 Power - ok
22:07:04.0005 5148 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:07:04.0005 5148 PptpMiniport - ok
22:07:04.0036 5148 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:07:04.0036 5148 Processor - ok
22:07:04.0083 5148 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:07:04.0083 5148 ProfSvc - ok
22:07:04.0098 5148 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:07:04.0098 5148 ProtectedStorage - ok
22:07:04.0161 5148 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:07:04.0161 5148 Psched - ok
22:07:04.0208 5148 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:07:04.0239 5148 ql2300 - ok
22:07:04.0254 5148 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:07:04.0254 5148 ql40xx - ok
22:07:04.0286 5148 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:07:04.0301 5148 QWAVE - ok
22:07:04.0317 5148 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:07:04.0317 5148 QWAVEdrv - ok
22:07:04.0379 5148 [ E155E09229624C69A1A6609C0CB3641F ] RalinkRegistryWriter C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
22:07:04.0379 5148 RalinkRegistryWriter - ok
22:07:04.0426 5148 [ 42A952CA5F9DE8FCEC25307B19570BB9 ] RalinkRegistryWriter64 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
22:07:04.0426 5148 RalinkRegistryWriter64 - ok
22:07:04.0488 5148 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
22:07:04.0488 5148 RapiMgr - ok
22:07:04.0520 5148 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:07:04.0520 5148 RasAcd - ok
22:07:04.0551 5148 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:07:04.0551 5148 RasAgileVpn - ok
22:07:04.0582 5148 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:07:04.0598 5148 RasAuto - ok
22:07:04.0629 5148 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:07:04.0629 5148 Rasl2tp - ok
22:07:04.0660 5148 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:07:04.0676 5148 RasMan - ok
22:07:04.0707 5148 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:07:04.0707 5148 RasPppoe - ok
22:07:04.0722 5148 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:07:04.0722 5148 RasSstp - ok
22:07:04.0769 5148 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:07:04.0769 5148 rdbss - ok
22:07:04.0785 5148 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:07:04.0785 5148 rdpbus - ok
22:07:04.0800 5148 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:07:04.0800 5148 RDPCDD - ok
22:07:04.0832 5148 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:07:04.0832 5148 RDPENCDD - ok
22:07:04.0847 5148 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:07:04.0863 5148 RDPREFMP - ok
22:07:04.0910 5148 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:07:04.0910 5148 RdpVideoMiniport - ok
22:07:04.0941 5148 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:07:04.0956 5148 RDPWD - ok
22:07:05.0003 5148 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:07:05.0003 5148 rdyboost - ok
22:07:05.0034 5148 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:07:05.0034 5148 RemoteAccess - ok
22:07:05.0066 5148 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:07:05.0081 5148 RemoteRegistry - ok
22:07:05.0128 5148 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:07:05.0128 5148 RFCOMM - ok
22:07:05.0175 5148 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
22:07:05.0175 5148 ROOTMODEM - ok
22:07:05.0206 5148 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:07:05.0206 5148 RpcEptMapper - ok
22:07:05.0237 5148 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:07:05.0237 5148 RpcLocator - ok
22:07:05.0284 5148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:07:05.0284 5148 RpcSs - ok
22:07:05.0315 5148 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:07:05.0315 5148 rspndr - ok
22:07:05.0362 5148 [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:07:05.0362 5148 RSUSBSTOR - ok
22:07:05.0409 5148 [ 483C537E69FA97C77F7FE0E2E1C1F102 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
22:07:05.0424 5148 RTHDMIAzAudService - ok
22:07:05.0471 5148 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:07:05.0471 5148 RTL8167 - ok
22:07:05.0502 5148 [ 3EC7911ED886DC5D8A9F70129254679C ] RTL8187Se C:\Windows\system32\DRIVERS\RTL8187Se.sys
22:07:05.0518 5148 RTL8187Se - ok
22:07:05.0565 5148 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
22:07:05.0612 5148 rtl8192se - ok
22:07:05.0627 5148 RtsUIR - ok
22:07:05.0658 5148 [ 345B48DB687BE09E6B0A4A1349F300F4 ] S332x64 C:\Windows\system32\DRIVERS\S332x64.sys
22:07:05.0658 5148 S332x64 - ok
22:07:05.0674 5148 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:07:05.0674 5148 SamSs - ok
22:07:05.0892 5148 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA D:\Programme\SiSoftware Sandra Lite 2012.SP4c\WNt500x64\Sandra.sys
22:07:05.0908 5148 SANDRA - ok
22:07:05.0955 5148 [ 6858620E6EF1DF704366ACD45A317AD2 ] SandraAgentSrv D:\Programme\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe
22:07:05.0955 5148 SandraAgentSrv - ok
22:07:05.0986 5148 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:07:05.0986 5148 sbp2port - ok
22:07:06.0033 5148 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:07:06.0033 5148 SCardSvr - ok
22:07:06.0064 5148 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:07:06.0064 5148 scfilter - ok
22:07:06.0126 5148 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:07:06.0158 5148 Schedule - ok
22:07:06.0189 5148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:07:06.0189 5148 SCPolicySvc - ok
22:07:06.0220 5148 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:07:06.0236 5148 SDRSVC - ok
22:07:06.0267 5148 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:07:06.0267 5148 secdrv - ok
22:07:06.0298 5148 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:07:06.0298 5148 seclogon - ok
22:07:06.0329 5148 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:07:06.0329 5148 SENS - ok
22:07:06.0345 5148 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:07:06.0345 5148 SensrSvc - ok
22:07:06.0376 5148 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:07:06.0376 5148 Serenum - ok
22:07:06.0392 5148 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:07:06.0392 5148 Serial - ok
22:07:06.0423 5148 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:07:06.0423 5148 sermouse - ok
22:07:06.0516 5148 [ 3334DE016FDCDE5C98E30A405A72DD8D ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:07:06.0532 5148 ServiceLayer - ok
22:07:06.0579 5148 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:07:06.0579 5148 SessionEnv - ok
22:07:06.0610 5148 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:07:06.0610 5148 sffdisk - ok
22:07:06.0626 5148 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:07:06.0626 5148 sffp_mmc - ok
22:07:06.0641 5148 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:07:06.0641 5148 sffp_sd - ok
22:07:06.0657 5148 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:07:06.0657 5148 sfloppy - ok
22:07:06.0688 5148 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:07:06.0704 5148 SharedAccess - ok
22:07:06.0735 5148 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:07:06.0750 5148 ShellHWDetection - ok
22:07:06.0782 5148 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:07:06.0782 5148 SiSRaid2 - ok
22:07:06.0797 5148 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:07:06.0797 5148 SiSRaid4 - ok
22:07:06.0875 5148 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:07:06.0875 5148 SkypeUpdate - ok
22:07:06.0906 5148 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:07:06.0906 5148 Smb - ok
22:07:06.0953 5148 [ 446EB38CE4A6D040F548B2F547CA96FF ] snapman C:\Windows\system32\DRIVERS\snapman.sys
22:07:06.0953 5148 snapman - ok
22:07:07.0000 5148 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:07:07.0000 5148 SNMPTRAP - ok
22:07:07.0062 5148 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
22:07:07.0062 5148 Sony SCSI Helper Service - ok
22:07:07.0109 5148 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:07:07.0109 5148 spldr - ok
22:07:07.0156 5148 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:07:07.0172 5148 Spooler - ok
22:07:07.0281 5148 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:07:07.0359 5148 sppsvc - ok
22:07:07.0374 5148 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:07:07.0390 5148 sppuinotify - ok
22:07:07.0421 5148 sptd - ok
22:07:07.0468 5148 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:07:07.0468 5148 srv - ok
22:07:07.0499 5148 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:07:07.0499 5148 srv2 - ok
22:07:07.0515 5148 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:07:07.0515 5148 srvnet - ok
22:07:07.0577 5148 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
22:07:07.0577 5148 ssadbus - ok
22:07:07.0624 5148 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:07:07.0624 5148 ssadmdfl - ok
22:07:07.0671 5148 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
22:07:07.0686 5148 ssadmdm - ok
22:07:07.0718 5148 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
22:07:07.0733 5148 sscdbus - ok
22:07:07.0780 5148 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:07:07.0780 5148 sscdmdfl - ok
22:07:07.0827 5148 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
22:07:07.0827 5148 sscdmdm - ok
22:07:07.0874 5148 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:07:07.0889 5148 SSDPSRV - ok
22:07:07.0952 5148 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
22:07:07.0952 5148 SSPORT - ok
22:07:07.0967 5148 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:07:07.0967 5148 SstpSvc - ok
22:07:08.0123 5148 [ E4AEA6FC64A979375149B86882CA2100 ] StarMoney 8.0 OnlineUpdate D:\Programme\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
22:07:08.0139 5148 StarMoney 8.0 OnlineUpdate - ok
22:07:08.0201 5148 Steam Client Service - ok
22:07:08.0232 5148 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:07:08.0232 5148 stexstor - ok
22:07:08.0295 5148 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:07:08.0326 5148 stisvc - ok
22:07:08.0373 5148 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:07:08.0373 5148 swenum - ok
22:07:08.0499 5148 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:07:08.0514 5148 SwitchBoard - ok
22:07:08.0577 5148 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:07:08.0592 5148 swprv - ok
22:07:08.0655 5148 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:07:08.0655 5148 SynTP - ok
22:07:08.0733 5148 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:07:08.0811 5148 SysMain - ok
22:07:08.0842 5148 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:07:08.0857 5148 TabletInputService - ok
22:07:09.0185 5148 [ 45C9720E43ADF60E31A018FBC3321608 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
22:07:09.0325 5148 TabletServicePen - ok
22:07:09.0341 5148 tandpl - ok
22:07:09.0372 5148 [ 4EF44915E522F3ECD1A3FF540AA64126 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
22:07:09.0372 5148 tap0901 - ok
22:07:09.0403 5148 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:07:09.0419 5148 TapiSrv - ok
22:07:09.0435 5148 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:07:09.0450 5148 TBS - ok
22:07:09.0529 5148 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:07:09.0560 5148 Tcpip - ok
22:07:09.0623 5148 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:07:09.0638 5148 TCPIP6 - ok
22:07:09.0670 5148 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:07:09.0670 5148 tcpipreg - ok
22:07:09.0701 5148 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:07:09.0701 5148 tdcmdpst - ok
22:07:09.0732 5148 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:07:09.0732 5148 TDPIPE - ok
22:07:09.0794 5148 [ DF9179B7BDF0C5B71F9C3D93C016BAE5 ] tdrpman251 C:\Windows\system32\DRIVERS\tdrpm251.sys
22:07:09.0826 5148 tdrpman251 - ok
22:07:09.0857 5148 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:07:09.0857 5148 TDTCP - ok
22:07:09.0919 5148 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:07:09.0919 5148 tdx - ok
22:07:09.0966 5148 [ 40E154B3125E17CE6F2AFAD57AFCFEB2 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
22:07:09.0982 5148 TemproMonitoringService - ok
22:07:10.0013 5148 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:07:10.0013 5148 TermDD - ok
22:07:10.0075 5148 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:07:10.0106 5148 TermService - ok
22:07:10.0153 5148 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:07:10.0153 5148 Themes - ok
22:07:10.0200 5148 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:07:10.0200 5148 THREADORDER - ok
22:07:10.0262 5148 [ F7546EAD58CC3000AC02CF9529B9934E ] timounter C:\Windows\system32\DRIVERS\timntr.sys
22:07:10.0294 5148 timounter - ok
22:07:10.0372 5148 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:07:10.0372 5148 TMachInfo - ok
22:07:10.0496 5148 [ C1D654B513557998F64897B7B38C3BA8 ] TMPService D:\Programme\NetStat4Win\TMPacketServiceInit.exe
22:07:10.0513 5148 TMPService - ok
22:07:10.0575 5148 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
22:07:10.0591 5148 TODDSrv - ok
22:07:10.0685 5148 [ 4DB8C79BCEA76063B83B13410366A1F7 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
22:07:10.0700 5148 TosCoSrv - ok
22:07:10.0778 5148 [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
22:07:10.0778 5148 TOSHIBA Bluetooth Service - ok
22:07:10.0841 5148 [ 707800855AFBD7648375EFB1519B8D6D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
22:07:10.0841 5148 TOSHIBA eco Utility Service - ok
22:07:10.0887 5148 [ DD58E1250F604CBBADDA04575E5E2376 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
22:07:10.0903 5148 TOSHIBA HDD SSD Alert Service - ok
22:07:10.0934 5148 [ 755E5CA34D6186FC0E1430CD47E6E97C ] toshidpt C:\Windows\system32\drivers\Toshidpt.sys
22:07:10.0934 5148 toshidpt - ok
22:07:10.0997 5148 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys
22:07:10.0997 5148 tosporte - ok
22:07:11.0043 5148 [ 0ADC36861F0D11A916EF78995272FDB7 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
22:07:11.0043 5148 tosrfbd - ok
22:07:11.0059 5148 [ 62512B5277D88600F8BD4B7AEC43569D ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys
22:07:11.0059 5148 tosrfbnp - ok
22:07:11.0075 5148 [ C523A9186C39D65CC9ADEBB2E1B93CCD ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys
22:07:11.0075 5148 Tosrfcom - ok
22:07:11.0106 5148 [ 451B8C1815C6CC39650AF916C2A382CD ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
22:07:11.0106 5148 Tosrfhid - ok
22:07:11.0121 5148 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys
22:07:11.0121 5148 tosrfnds - ok
22:07:11.0153 5148 [ E1E045240C1184FA6628F3C7E7FF85D8 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys
22:07:11.0153 5148 TosRfSnd - ok
22:07:11.0184 5148 [ DA7AA562448E29CA895895920BFF8946 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
22:07:11.0184 5148 Tosrfusb - ok
22:07:11.0246 5148 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
22:07:11.0246 5148 tos_sps64 - ok
22:07:11.0309 5148 [ B623380AA85A84C836C395B873D6D20C ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
22:07:11.0324 5148 TouchServicePen - ok
22:07:11.0402 5148 [ DE64C52BD0671165CF2EEBF2A728A3E2 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
22:07:11.0433 5148 TPCHSrv - ok
22:07:11.0480 5148 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:07:11.0480 5148 TrkWks - ok
22:07:11.0544 5148 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:07:11.0544 5148 TrustedInstaller - ok
22:07:11.0606 5148 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:07:11.0606 5148 tssecsrv - ok
22:07:11.0668 5148 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:07:11.0668 5148 TsUsbFlt - ok
22:07:11.0731 5148 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:07:11.0746 5148 tunnel - ok
22:07:11.0778 5148 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:07:11.0778 5148 TVALZ - ok
22:07:11.0824 5148 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\Windows\system32\DRIVERS\TVALZFL.sys
22:07:11.0824 5148 TVALZFL - ok
22:07:11.0840 5148 TwkMs - ok
22:07:11.0856 5148 TWKSER2K - ok
22:07:11.0918 5148 [ A30CFF6B2B64FFE538E93B99E3B0CEC2 ] U6000ALL C:\Windows\system32\DRIVERS\U6000ALL.sys
22:07:11.0918 5148 U6000ALL - ok
22:07:11.0949 5148 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:07:11.0949 5148 uagp35 - ok
22:07:11.0996 5148 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:07:11.0996 5148 udfs - ok
22:07:12.0043 5148 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:07:12.0043 5148 UI0Detect - ok
22:07:12.0090 5148 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:07:12.0105 5148 uliagpkx - ok
22:07:12.0152 5148 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:07:12.0152 5148 umbus - ok
22:07:12.0183 5148 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:07:12.0183 5148 UmPass - ok
22:07:12.0214 5148 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:07:12.0230 5148 upnphost - ok
22:07:12.0292 5148 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:07:12.0292 5148 USBAAPL64 - ok
22:07:12.0324 5148 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:07:12.0324 5148 usbaudio - ok
22:07:12.0370 5148 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:07:12.0370 5148 usbccgp - ok
22:07:12.0386 5148 USBCCID - ok
22:07:12.0433 5148 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:07:12.0433 5148 usbcir - ok
22:07:12.0464 5148 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:07:12.0464 5148 usbehci - ok
22:07:12.0511 5148 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:07:12.0526 5148 usbhub - ok
22:07:12.0558 5148 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:07:12.0558 5148 usbohci - ok
22:07:12.0604 5148 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:07:12.0604 5148 usbprint - ok
22:07:12.0636 5148 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:07:12.0636 5148 usbscan - ok
22:07:12.0698 5148 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:07:12.0698 5148 USBSTOR - ok
22:07:12.0714 5148 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:07:12.0714 5148 usbuhci - ok
22:07:12.0948 5148 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:07:12.0948 5148 usbvideo - ok
22:07:12.0994 5148 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:07:12.0994 5148 UxSms - ok
22:07:13.0026 5148 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:07:13.0026 5148 VaultSvc - ok
22:07:13.0197 5148 [ A2FE818D7F930C51ADA37C04DBCB015D ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:07:13.0197 5148 VBoxNetAdp - ok
22:07:13.0244 5148 VBoxNetFlt - ok
22:07:13.0291 5148 [ 20B10BCF909CD3711A2CF9CD704845A2 ] VBoxUSB C:\Windows\system32\Drivers\VBoxUSB.sys
22:07:13.0291 5148 VBoxUSB - ok
22:07:13.0338 5148 [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6 ] vcd10bus C:\Windows\system32\DRIVERS\vcd10bus.sys
22:07:13.0338 5148 vcd10bus - ok
22:07:13.0338 5148 VComm - ok
22:07:13.0353 5148 VcommMgr - ok
22:07:13.0400 5148 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:07:13.0400 5148 vdrvroot - ok
22:07:13.0462 5148 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:07:13.0494 5148 vds - ok
22:07:13.0525 5148 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:07:13.0525 5148 vga - ok
22:07:13.0556 5148 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:07:13.0556 5148 VgaSave - ok
22:07:13.0587 5148 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:07:13.0603 5148 vhdmp - ok
22:07:13.0618 5148 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:07:13.0618 5148 viaide - ok
22:07:13.0681 5148 [ F307DA7E96BC760B4628E204E234DCD0 ] Virtual Router D:\Programme\Virtual Router\VirtualRouterService.exe
22:07:13.0681 5148 Virtual Router - ok
22:07:13.0712 5148 VMnetAdapter - ok
22:07:13.0743 5148 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:07:13.0759 5148 volmgr - ok
22:07:13.0806 5148 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:07:13.0806 5148 volmgrx - ok
22:07:13.0837 5148 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:07:13.0852 5148 volsnap - ok
22:07:13.0899 5148 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
22:07:13.0899 5148 vpcbus - ok
22:07:13.0962 5148 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
22:07:13.0962 5148 vpcnfltr - ok
22:07:13.0993 5148 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
22:07:13.0993 5148 vpcusb - ok
22:07:14.0024 5148 [ 63F4E10873BEB4124028C6D1A66B0968 ] vpcuxd C:\Windows\system32\DRIVERS\vpcuxd.sys
22:07:14.0024 5148 vpcuxd - ok
22:07:14.0086 5148 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
22:07:14.0102 5148 vpcvmm - ok
22:07:14.0149 5148 vpnva - ok
22:07:14.0180 5148 [ 239D8D72730226CD460BDC8CA0A23D43 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
22:07:14.0196 5148 Vsdatant - ok
22:07:14.0242 5148 vsmon - ok
22:07:14.0289 5148 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:07:14.0305 5148 vsmraid - ok
22:07:14.0367 5148 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:07:14.0414 5148 VSS - ok
22:07:14.0445 5148 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:07:14.0445 5148 vwifibus - ok
22:07:14.0461 5148 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:07:14.0461 5148 vwififlt - ok
22:07:14.0492 5148 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:07:14.0508 5148 vwifimp - ok
22:07:14.0539 5148 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:07:14.0539 5148 W32Time - ok
22:07:14.0648 5148 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
22:07:14.0679 5148 W3SVC - ok
22:07:14.0726 5148 [ 43CE14E1E17DA81EA71DFE686805ED07 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
22:07:14.0726 5148 wacmoumonitor - ok
22:07:14.0773 5148 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
22:07:14.0773 5148 wacommousefilter - ok
22:07:14.0804 5148 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:07:14.0804 5148 WacomPen - ok
22:07:14.0866 5148 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
22:07:14.0866 5148 wacomvhid - ok
22:07:14.0913 5148 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:07:14.0913 5148 WANARP - ok
22:07:14.0944 5148 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:07:14.0944 5148 Wanarpv6 - ok
22:07:14.0976 5148 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
22:07:14.0976 5148 WAS - ok
22:07:15.0038 5148 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:07:15.0069 5148 WatAdminSvc - ok
22:07:15.0147 5148 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:07:15.0178 5148 wbengine - ok
22:07:15.0210 5148 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:07:15.0225 5148 WbioSrvc - ok
22:07:15.0288 5148 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
22:07:15.0303 5148 WcesComm - ok
22:07:15.0366 5148 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:07:15.0381 5148 wcncsvc - ok
22:07:15.0397 5148 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:07:15.0412 5148 WcsPlugInService - ok
22:07:15.0444 5148 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:07:15.0444 5148 Wd - ok
22:07:15.0506 5148 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:07:15.0537 5148 Wdf01000 - ok
22:07:15.0553 5148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:07:15.0568 5148 WdiServiceHost - ok
22:07:15.0568 5148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:07:15.0568 5148 WdiSystemHost - ok
22:07:15.0615 5148 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:07:15.0615 5148 WebClient - ok
22:07:15.0646 5148 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:07:15.0662 5148 Wecsvc - ok
22:07:15.0678 5148 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:07:15.0678 5148 wercplsupport - ok
22:07:15.0724 5148 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:07:15.0724 5148 WerSvc - ok
22:07:15.0756 5148 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:07:15.0756 5148 WfpLwf - ok
22:07:15.0802 5148 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
22:07:15.0802 5148 WimFltr - ok
22:07:15.0834 5148 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:07:15.0849 5148 WIMMount - ok
22:07:15.0865 5148 WinDefend - ok
22:07:15.0880 5148 WinHttpAutoProxySvc - ok
22:07:15.0943 5148 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:07:15.0958 5148 Winmgmt - ok
22:07:16.0052 5148 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:07:16.0114 5148 WinRM - ok
22:07:16.0146 5148 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:07:16.0146 5148 WinUsb - ok
22:07:16.0192 5148 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:07:16.0208 5148 Wlansvc - ok
22:07:16.0348 5148 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:07:16.0426 5148 wlidsvc - ok
22:07:16.0458 5148 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:07:16.0458 5148 WmiAcpi - ok
22:07:16.0489 5148 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:07:16.0489 5148 wmiApSrv - ok
22:07:16.0520 5148 WMPNetworkSvc - ok
22:07:16.0551 5148 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:07:16.0567 5148 WPCSvc - ok
22:07:16.0599 5148 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:07:16.0599 5148 WPDBusEnum - ok
22:07:16.0615 5148 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:07:16.0615 5148 ws2ifsl - ok
22:07:16.0630 5148 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:07:16.0630 5148 wscsvc - ok
22:07:16.0646 5148 WSearch - ok
22:07:16.0755 5148 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:07:16.0817 5148 wuauserv - ok
22:07:16.0833 5148 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:07:16.0849 5148 WudfPf - ok
22:07:16.0880 5148 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:07:16.0880 5148 WUDFRd - ok
22:07:16.0911 5148 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:07:16.0927 5148 wudfsvc - ok
22:07:16.0958 5148 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:07:16.0989 5148 WwanSvc - ok
22:07:17.0020 5148 [ 5AA532BBAC7E34186EDFF24F72BCD61B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
22:07:17.0036 5148 xusb21 - ok
22:07:17.0098 5148 ================ Scan global ===============================
22:07:17.0129 5148 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:07:17.0145 5148 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:07:17.0161 5148 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:07:17.0192 5148 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:07:17.0223 5148 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:07:17.0239 5148 [Global] - ok
22:07:17.0239 5148 ================ Scan MBR ==================================
22:07:17.0239 5148 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:07:17.0770 5148 \Device\Harddisk0\DR0 - ok
22:07:17.0770 5148 ================ Scan VBR ==================================
22:07:17.0801 5148 [ 3911DAF43E2BA4E3D49ACA7F02A1FEB7 ] \Device\Harddisk0\DR0\Partition1
22:07:17.0801 5148 \Device\Harddisk0\DR0\Partition1 - ok
22:07:17.0832 5148 [ 57963ACC5901AF100AC9E29AAA4C7265 ] \Device\Harddisk0\DR0\Partition2
22:07:17.0832 5148 \Device\Harddisk0\DR0\Partition2 - ok
22:07:17.0848 5148 [ C6D0F51EDCA4FBB6A0ABA14377D50839 ] \Device\Harddisk0\DR0\Partition3
22:07:17.0848 5148 \Device\Harddisk0\DR0\Partition3 - ok
22:07:17.0848 5148 ============================================================
22:07:17.0848 5148 Scan finished
22:07:17.0848 5148 ============================================================
22:07:17.0879 4660 Detected object count: 0
22:07:17.0879 4660 Actual detected object count: 0
|
|
28.11.2012, 22:32
| #4 | ||
| /// TB-Ausbilder | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Dann bitte Combofix ausführen: Scan mit Combofix
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
29.11.2012, 12:15
| #5 |
| | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden So habe ComboFix durchlaufen lassen. Musste aber einmal vorzeitig abbrechen, weil Avira sich beschwert hat. Hatte vergessen den Haken bei Überwachen der Registry zu entfernen. Hoffe das war nicht schlimm. Code:
ATTFilter ComboFix 12-11-28.02 - Dirk 28.11.2012 23:24:34.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4094.1837 [GMT 1:00]
ausgeführt von:: c:\users\Dirk\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\program files (x86)\Vision Objects\Bamboo Scribe\BambooScribe.exe
c:\programdata\1&1
c:\programdata\1&1\1&1 SoftPhone\ContextMenuHandler.html
c:\programdata\1&1\1&1 SoftPhone\que\notifyq.dqueue
c:\programdata\1&1\1&1 SoftPhone\que\notifyq.lqueue
c:\programdata\1&1\1&1 SoftPhone\SipClientSettings.xml
c:\programdata\47BDCAD994.sys
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\users\Dirk\AppData\Local\assembly\tmp
c:\users\Dirk\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\users\Dirk\AppData\Local\TempDIR
c:\users\Dirk\AppData\Local\TempDIR\WindowsXP-KB893357-v2-x86-DEU.exe
c:\users\Dirk\AppData\Local\TempDIR\WindowsXP-KB917021-v3-x86-DEU.exe
c:\users\Dirk\AppData\Roaming\1&1
c:\users\Dirk\AppData\Roaming\1&1\1&1 SoftPhone\CurrentLog.txt
c:\users\Dirk\AppData\Roaming\1&1\1&1 SoftPhone\QuickDial.xml
c:\users\Dirk\AppData\Roaming\1&1\1&1 SoftPhone\SipClientHistory.xml
c:\users\Dirk\AppData\Roaming\1&1\1&1 SoftPhone\SipClientSettings.xml
c:\users\Dirk\AppData\Roaming\1&1\1&1 SoftPhone\SipLog.cdb
c:\users\Dirk\AppData\Roaming\1&1\1&1 SoftPhone\SipLog.lck
c:\users\Dirk\AppData\Roaming\1&1\Common\Contacts.cdb
c:\users\Dirk\AppData\Roaming\1&1\Common\Contacts.lck
c:\users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\users\Dirk\WINDOWS
c:\windows\IsUn0407.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
d:\programme\phonostar-Player\phonostarTimer.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-10-28 bis 2012-11-28 ))))))))))))))))))))))))))))))
.
.
2012-11-27 15:32 . 2012-10-26 18:01 237400 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-11-27 15:32 . 2012-10-26 17:59 119640 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-11-21 20:50 . 2012-11-23 19:34 -------- d-----w- c:\users\Dirk\AppData\Roaming\Media Player Classic
2012-11-21 20:33 . 2012-11-21 20:33 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-21 20:33 . 2012-11-21 20:33 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-11-17 20:06 . 2012-11-17 20:06 -------- d-----w- c:\users\Dirk\AppData\Roaming\MusE
2012-11-17 20:06 . 2012-11-17 20:06 -------- d-----w- c:\users\Dirk\AppData\Local\MusE
2012-11-15 17:04 . 2012-11-15 17:13 -------- d-----w- c:\users\Dirk\AppData\Roaming\Skype
2012-11-15 17:04 . 2012-11-15 17:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-15 17:04 . 2012-11-15 17:04 -------- d-----r- c:\program files (x86)\Skype
2012-11-15 17:04 . 2012-11-15 17:04 -------- d-----w- c:\programdata\Skype
2012-11-14 14:39 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-14 14:39 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 14:39 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 14:39 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 14:25 . 2012-10-08 11:13 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 14:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 14:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 14:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 14:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 14:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 14:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 14:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 14:14 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 14:14 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-10 11:23 . 2012-11-10 11:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-11-10 11:23 . 2012-11-10 11:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-11-10 11:23 . 2012-11-10 11:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-11-10 11:23 . 2012-11-10 11:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-11-10 11:23 . 2012-11-10 11:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-11-10 11:23 . 2012-11-10 11:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-11-10 11:23 . 2012-11-10 11:23 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-11-10 11:23 . 2012-11-10 11:23 -------- d-----w- c:\program files (x86)\QuickTime
2012-11-06 15:31 . 2012-11-06 15:31 -------- d-----w- c:\users\Dirk\AppData\Local\Black_Tree_Gaming
2012-11-02 10:49 . 2012-11-06 20:50 -------- d-----w- c:\users\Dirk\AppData\Local\Skyrim
2012-10-31 20:56 . 2012-10-31 20:56 -------- d-----w- c:\program files (x86)\Common Files\Wrye Bash
2012-10-30 20:21 . 2005-04-03 22:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-10-30 20:21 . 2005-04-03 22:01 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-10-30 20:21 . 2005-04-03 22:00 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-10-30 20:21 . 2005-04-03 22:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2012-10-30 20:21 . 2005-04-03 21:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-10-30 20:21 . 2005-04-03 22:02 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-10-30 20:21 . 2012-10-30 20:21 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-10-30 20:21 . 2012-10-30 20:21 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-14 14:19 . 2010-03-20 20:13 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-13 15:29 . 2012-10-16 13:47 98888 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-11-13 15:29 . 2012-10-16 13:47 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-11-12 18:02 . 2012-04-24 15:39 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-12 18:02 . 2011-05-19 16:27 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-26 18:00 . 2012-10-26 18:00 131416 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-09-29 18:54 . 2011-07-25 19:47 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 21:16 . 2012-10-22 15:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-24 07:58 . 2012-10-16 13:47 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-09-19 15:57 . 2012-09-19 15:57 17896 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2012-09-14 19:19 . 2012-10-11 08:52 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-11 08:52 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-06 14:48 . 2012-03-16 12:10 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-06 14:48 . 2011-07-17 18:44 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-31 18:19 . 2012-10-11 08:51 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-03 09:16 175400 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{C9EE92B7-EDD5-4ad9-8029-2EC6818E653A}]
2012-08-10 09:59 3100288 ----a-w- d:\programme\AusweisApp\siqeCardClient.ols
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 16:17 222712 ----a-w- c:\users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 16:17 222712 ----a-w- c:\users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 16:17 222712 ----a-w- c:\users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVMUSBFernanschluss"="c:\users\Dirk\AppData\Local\Apps\2.0\HW2HGARV.XEZ\3MDA28PK.PWM\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" [2011-02-23 147456]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-11 39408]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"Ubuntu One"="c:\program files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe" [2012-08-15 47304]
"Ubuntu One Icon"="c:\program files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe" [2012-08-15 40136]
"SkyDrive"="c:\users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-11-16 255992]
"Wallpaper4U"="d:\programme\Wallpaper4U\Wallpaper4U.exe" [2007-05-05 1167360]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-07-09 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-09-12 5082488]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-02-27 552960]
"3170 Scan2PC"="c:\windows\Twain_32\Samsung\CLX3170\Scan2pc.exe" [2009-01-30 503808]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-08 336384]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2010-06-17 370176]
"CloneCDTray"="d:\programme\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"CherryConfigDlg"="c:\program files (x86)\Cherry\SmartDevice\ConfigDlg.exe" [2008-07-14 606208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"ZoneAlarm"="d:\programme\CheckPoint\ZoneAlarm\zatray.exe" [2012-06-01 73392]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"Reader Application Helper"="d:\programme\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2012-07-12 892928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-11-28 384800]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"TkBellExe"="d:\programme\real player\Update\realsched.exe" [2012-11-21 296096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
Wallpaper4U.lnk - d:\programme\Wallpaper4U\Wallpaper4U.exe [2007-5-5 1167360]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk.disabled [2011-9-7 956]
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2009-8-6 439648]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 30088]
R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 27016]
R3 MatSvc;Microsoft Fix it Supportcenter;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-11-15 343856]
R3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys [x]
R3 OV550I;OVT Scanner;c:\windows\system32\Drivers\ov550ivx.sys [2010-11-12 196992]
R3 PCTINDIS4;PCTINDIS4 NDIS Protocol Driver;c:\windows\system32\PCTINDIS4.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 222208]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 S332x64;SPRx3x USB SmartCard Reader;c:\windows\system32\DRIVERS\S332x64.sys [2011-08-11 77952]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;d:\programme\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe [2009-06-13 68760]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [x]
R3 U6000ALL;U6000 TV Box(ALL);c:\windows\system32\DRIVERS\U6000ALL.sys [2010-01-14 276480]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2010-10-08 43792]
R3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys [2008-06-17 40464]
R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-05 18288]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-06 1255736]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2011-07-27 24456]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2009-04-08 37392]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2010-03-21 1455648]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-07 283200]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-21 2326920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 203264]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-08 365568]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-11-28 85280]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2010-05-28 2650112]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-04-30 33672]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-04-30 827520]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [2009-07-14 211232]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-10-22 11576]
S2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;d:\programme\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [2012-06-28 692432]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-13 5790064]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
S2 TMPService;TrafficMonitor Packettreiber Initialisierung;d:\programme\NetStat4Win\TMPacketServiceInit.exe [2010-01-04 692808]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-27 251760]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-13 487280]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
S2 Virtual Router;VirtualRouterService;d:\programme\Virtual Router\VirtualRouterService.exe [2009-11-18 12288]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-03-21 250400]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [2010-03-20 116096]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 18:02]
.
2012-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 16:50]
.
2012-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 16:50]
.
2012-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-263986277-1405207633-1788618665-1001Core.job
- c:\users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-17 09:49]
.
2012-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-263986277-1405207633-1788618665-1001UA.job
- c:\users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-17 09:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 16:17 261624 ----a-w- c:\users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 16:17 261624 ----a-w- c:\users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 16:17 261624 ----a-w- c:\users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-09-12 357800]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-27 855608]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-04-30 1126528]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1
uInternet Settings,ProxyServer = 24.123.195.115:3128
IE: Alles mit FDM herunterladen - file://d:\programme\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://d:\programme\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://d:\programme\Free Download Manager\dllink.htm
IE: In 1&&1 SoftPhone wählen - c:\programdata\1&1\1&1 SoftPhone\ContextMenuHandler.html
IE: SmarThru4 Als HTML speichern - c:\program files (x86)\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Auswahl erfassen - c:\program files (x86)\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Capture Selection - c:\program files (x86)\SmarThru 4\x64\WebCapture.dll2.htm
IE: SmarThru4 Markierten Text speichern - c:\program files (x86)\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Save as HTML - c:\program files (x86)\SmarThru 4\x64\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files (x86)\SmarThru 4\x64\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files (x86)\SmarThru 4\WebCapture.dll
IE: Videos mit FDM herunterladen - file://d:\programme\Free Download Manager\dlfvideo.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\b8faeuto.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ig?hl=de&source=iglk
FF - prefs.js: network.proxy.ftp - 71.239.103.253
FF - prefs.js: network.proxy.ftp_port - 34056
FF - prefs.js: network.proxy.http - 178.18.17.250
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 71.239.103.253
FF - prefs.js: network.proxy.socks_port - 34056
FF - prefs.js: network.proxy.ssl - 71.239.103.253
FF - prefs.js: network.proxy.ssl_port - 34056
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-11-22 20:23; admin@proxy-listen.de; c:\users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\b8faeuto.default\extensions\admin@proxy-listen.de.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - (no file)
Wow6432Node-HKCU-Run-phonostarTimer - d:\programme\phonostar-Player\phonostarTimer.exe
Wow6432Node-HKCU-Run-myscriptstylus.exe - c:\program files (x86)\Vision Objects\Bamboo Scribe\BambooScribe.exe
Wow6432Node-HKCU-Run-BambooScribe.exe - c:\program files (x86)\Vision Objects\Bamboo Scribe\BambooScribe.exe
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-KiesHelper - c:\program files (x86)\Samsung\Kies\KiesHelper.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-phonostar-PlayerTimer - d:\programme\phonostar-Player\phonostarTimer.exe
Wow6432Node-HKLM-Run-BambooCore - e:\programme\Bamboo Dock\BambooCore.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-ksupmgr
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
AddRemove-BTmod - d:\programme\Steam\steamapps\common\Oblivion\Data\BTmod-Uninstall.exe
AddRemove-Kalender - c:\windows\Uninstall_tkexe -kalender
AddRemove-Oblivion mod manager_is1 - d:\programme\Steam\steamapps\common\Oblivion\obmm\uninstall\unins000.exe
AddRemove-pcsx2-r4600 - j:\spiele\Emulatoren\PS2\Uninst-pcsx2-r4600.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-Simon3D - c:\windows\IsUn0407.exe
AddRemove-Unofficial Oblivion Patch_is1 - d:\programme\Steam\steamapps\common\Oblivion\Unofficial Oblivion Patch\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*v*i*#ŠGo\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*F*e*i*e*r*èv•m\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*K*o*e*r*p*e*
u•m\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*u*n*g*l*a*‡ïó[\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*cu•m]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*cu•m\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*cu•m]
"0"=hex:66,69,6c,65,3a,2f,2f,2f,48,3a,2f,46,69,6c,6d,65,2f,41,76,61,74,61,72,
2f,41,76,61,74,61,72,32,2f,31,37,25,32,30,2d,25,32,30,44,65,72,25,32,30,4c,\
"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{15AE2FBA-B4B6-4E80-D917-D1C5EF8D7DBC}*]
@Allowed: (Read) (RestrictedCode)
"iammidhgfdgbabbgpd"=hex:6b,61,69,70,64,63,6b,64,61,61,6b,6d,6d,6d,6c,6c,70,61,
61,6a,6e,69,00,00
"haglocgghajckglb"=hex:6b,61,69,70,64,63,6b,64,61,61,6b,6d,6d,6d,6c,6c,70,61,
61,6a,6e,69,00,00
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:89,34,78,ec,7f,3a,46,cc,27,b1,82,75,f3,af,61,ad,a6,5e,33,45,e1,a3,22,
36,2f,9e,da,72,bd,84,ae,be,11,f6,2b,ee,b8,1e,7b,e1,96,b0,4d,38,53,35,f0,49,\
"??"=hex:f5,54,f1,23,dd,6b,80,35,ad,30,d9,73,4f,71,de,4f
.
[HKEY_USERS\S-1-5-21-263986277-1405207633-1788618665-1001\Software\SecuROM\License information*]
"datasecu"=hex:b2,25,45,99,c2,fb,23,bf,a9,bb,ed,22,cf,a1,35,f7,e7,51,95,4e,7f,
71,54,2e,2d,0e,40,1d,f9,62,91,35,ed,cb,bd,76,d9,d3,ec,00,21,00,3c,a4,cc,ed,\
"rkeysecu"=hex:20,a6,c3,91,25,1e,04,0d,32,b3,52,41,82,43,5e,25
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Ralink\Common\RaRegistry.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-11-28 23:49:47 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-11-28 22:49
.
Vor Suchlauf: 1.662.050.304 Bytes frei
Nach Suchlauf: 1.624.862.720 Bytes frei
.
- - End Of File - - 64CF7E2725B0ECD1729F6AD73F4085C2
|
|
29.11.2012, 12:25
| #6 | |
| /// TB-Ausbilder | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Schritt 1: ZoneAlarm inklusive Toolbar deinstallieren und Reste hiermit entfernen Schritt 2: AdwCleaner: Werbeprogramme suchen und löschen Schritt 3: Kannst du dir erklären wo diese Proxyeinträge herkommen? Zitat:
__________________ --> TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden |
|
29.11.2012, 13:14
| #7 |
| | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Habe ZoneAlarm installiert. Hat zwar eine Verknüpfung auf dem Desktop hinterlassen zum Installieren, hab ich aber gelöscht. AdwCleaner ist durchgelaufen und hat ein Logfile erstellt. Zu den Proxyeinträgen: Ich habe in letzter Zeit öfter Proxy-Server benutzt um eine Amerikanische IP zu erhalten. Wahrscheinlich hat das damit zu tun. |
|
29.11.2012, 13:15
| #8 | |
| /// TB-Ausbilder | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Dann sollte alles okay sein. Schritt 1: Quick-Scan mit Malwarebytes Schritt 2: ESET Online Scanner Zitat:
Schritt 3: Scan mit SecurityCheck Downloade Dir bitte SecurityCheck
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
29.11.2012, 20:11
| #9 |
| | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden So, nachdem ESET endlich durchgelaufen ist hier die Logs. Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.11.29.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Dirk :: DIRK_**** [Administrator] 29.11.2012 13:21:30 mbam-log-2012-11-29 (13-21-30).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 241606 Laufzeit: 6 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter D:\Downloads\img_1559.rar Archbomb.RAR trojan
D:\Downloads\uiso9_pe.exe a variant of Win32/InstallShare.A application
D:\Programme\AnyDVD\ElbyCDIO.dll a variant of Win32/Packed.Enigma.AAF trojan
D:\Programme\SuperOneClick\Exploits\psneuter Android/Exploit.Lotoor.AK trojan
D:\Programme\SuperOneClick\Exploits\zergRush Android/Exploit.Lotoor.AN trojan
D:\Spiele\Sonstige Spiele\DS\myZoomSoft.exe probably a variant of Win32/Agent.CLDLOFD trojan
D:\Spiele\Sonstige Spiele\DS\Anfänger\Löschen\MYZOOMSOFT.EXE probably a variant of Win32/Agent.CLDLOFD trojan
D:\Spiele\Sonstige Spiele\SEGA Saturn\Cassini_4.exe probably a variant of Win32/Agent.HYZZFRQ trojan
Code:
ATTFilter Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.65.1.1000 JavaFX 2.1.1 Java(TM) 6 Update 29 Java(TM) 6 Update 33 Java 7 Update 9 Java-Editor 10.4s, 2010.12.17 Adobe Flash Player 11.5.502.110 Mozilla Firefox 4.0b6 Firefox out of Date! Mozilla Thunderbird (3.0.3) Thunderbird out of Date! Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 Google Chrome 22.0.1229.79 Google Chrome 22.0.1229.92 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 Google Chrome 23.0.1271.91 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avguard.exe StarMoney 8.0 S-Edition ouservice StarMoneyOnlineUpdate.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
29.11.2012, 20:24
| #10 |
| /// TB-Ausbilder | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Schritt 1: Superone deinstallieren und Finger weg von so einem Mist! Schritt 2: Avira Update. Schritt 3: Deinstalliere Java 6 U29/33 Schritt 4: Update: Firefox, Addons und Plugins Schritt 5: Thunderbird Update analog! Schritt 6: Scan mit SecurityCheck Downloade Dir bitte SecurityCheck
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
29.11.2012, 21:34
| #11 |
| | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Habe alles so gemacht. Avira und Thunderbird waren auf dem neuesten Stand. Java 6 Update 29 wurde unter Programme und Funktionen nicht aufgeführt, nur 33. Habe mal JavaRa durchlaufen lassen. SecurityCheck: Code:
ATTFilter Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.65.1.1000 JavaFX 2.1.1 Java(TM) 6 Update 29 Java 7 Update 9 Java-Editor 10.4s, 2010.12.17 Adobe Flash Player 11.5.502.110 Adobe Reader XI Mozilla Firefox 4.0b6 Firefox out of Date! Mozilla Thunderbird (3.0.3) Thunderbird out of Date! Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 Google Chrome 22.0.1229.79 Google Chrome 22.0.1229.92 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 Google Chrome 23.0.1271.91 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe StarMoney 8.0 S-Edition ouservice StarMoneyOnlineUpdate.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
29.11.2012, 21:37
| #12 | ||||
| /// TB-Ausbilder | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Hm dann bitte Firefox und Thunderbird von der Webseite herunterladen und drüber installieren. Ansonsten .... Prima!  Damit wären wir fertig. Wir räumen jetzt noch ein wenig auf und dann habe ich am Ende etwas Lesestoff für dich. Schritt 1: Tools deinstallieren
Schritt 2: ESET deinstallieren (Optional) Abschließend noch Tipps zu folgenden Themen:
Damit wünsche ich dir noch viel Spaß beim Surfen im Internet ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Eine Bitte: Gib mir eine kurze Rückmeldung, wenn alles erledigt ist und keine Fragen mehr vorhanden sind, damit ich diesen Thread aus meinen Abos löschen kann.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
29.11.2012, 21:55
| #13 |
| | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden So habe alles deinstalliert. Ich wollte noch fragen, ob die Windows Firewall ausreicht, weil ich ja ZoneAlarm deinstalliert habe. Vielen Dank. |
|
29.11.2012, 22:50
| #14 |
| /// TB-Ausbilder | TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden Du solltest sie genau aus dem Grund deinstallieren, weil die normale ausreichend ist  Schön, dass wir helfen konnten  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
| Themen zu TR/ATRAPS.Gen mit Avira in OrcsMustDie2.exe gefunden |
| .exe, avira, build, download, downloading, gefunde, inter, interne, langsam, loading, nachrichten, neu, probleme, release, steam, thread, tr/atraps.gen, versendet, warnung, zu langsam |
Button.
und dann 
+ R Taste und kopiere folgenden Text in das Ausführen-Fenster und klicke OK.
Linear-Darstellung
