| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Malewarebytes, Trojaner.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.12.2012, 19:48
| #16 |
 |  Malewarebytes, Trojaner. Anhang 47248 Ich konnte es jetzt nur hochladen, weil ich es gezipt habe. Hatte es nochmal durchlaufen lassen u. es war wieder so. |
|
06.12.2012, 09:38
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Malewarebytes, Trojaner. Die MBR.DAT ist NICHT das Logfile sondern eine Kopie des MBR!
__________________Du solltest den Inhalt der aswMBR.txt posten
__________________ |
|
19.12.2012, 15:08
| #18 |
| | Malewarebytes, Trojaner. Ich bin zurück!!!
__________________Und nun auch wieder etwas klarer im Gehirn. Hier mein Log. Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-03 21:32:03
-----------------------------
21:32:03.596 OS Version: Windows x64 6.1.7601 Service Pack 1
21:32:03.596 Number of processors: 2 586 0x200
21:32:03.596 ComputerName: HEIKE-TOSH UserName: Heike
21:32:08.105 Initialize success
21:58:39.153 AVAST engine defs: 12120300
22:03:32.574 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
22:03:32.574 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 11
22:03:32.605 Disk 0 MBR read successfully
22:03:32.621 Disk 0 MBR scan
22:03:32.746 Disk 0 Windows 7 default MBR code
22:03:32.777 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
22:03:32.808 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
22:03:32.839 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
22:03:32.980 Disk 0 scanning C:\Windows\system32\drivers
22:04:15.084 Service scanning
22:05:20.682 Modules scanning
22:05:20.698 Disk 0 trace - called modules:
22:05:20.760 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
22:05:20.838 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80023f7330]
22:05:20.854 3 CLASSPNP.SYS[fffff880019b043f] -> nt!IofCallDriver -> [0xfffffa80022c7040]
22:05:20.885 5 amd_xata.sys[fffff880010808b4] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8001de77e0]
22:05:23.100 AVAST engine scan C:\Windows
22:05:26.423 AVAST engine scan C:\Windows\system32
22:10:22.387 AVAST engine scan C:\Windows\system32\drivers
22:10:40.779 AVAST engine scan C:\Users\Heike
22:16:06.196 File: C:\Users\Heike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\33a155c1-2268aa0f **INFECTED** Win32:Rootkit-gen [Rtk]
22:21:43.843 AVAST engine scan C:\ProgramData
22:23:38.565 Scan finished successfully
22:24:55.661 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
22:24:55.661 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-03 21:32:03
-----------------------------
21:32:03.596 OS Version: Windows x64 6.1.7601 Service Pack 1
21:32:03.596 Number of processors: 2 586 0x200
21:32:03.596 ComputerName: HEIKE-TOSH UserName: Heike
21:32:08.105 Initialize success
21:58:39.153 AVAST engine defs: 12120300
22:03:32.574 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
22:03:32.574 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 11
22:03:32.605 Disk 0 MBR read successfully
22:03:32.621 Disk 0 MBR scan
22:03:32.746 Disk 0 Windows 7 default MBR code
22:03:32.777 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
22:03:32.808 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
22:03:32.839 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
22:03:32.980 Disk 0 scanning C:\Windows\system32\drivers
22:04:15.084 Service scanning
22:05:20.682 Modules scanning
22:05:20.698 Disk 0 trace - called modules:
22:05:20.760 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
22:05:20.838 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80023f7330]
22:05:20.854 3 CLASSPNP.SYS[fffff880019b043f] -> nt!IofCallDriver -> [0xfffffa80022c7040]
22:05:20.885 5 amd_xata.sys[fffff880010808b4] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8001de77e0]
22:05:23.100 AVAST engine scan C:\Windows
22:05:26.423 AVAST engine scan C:\Windows\system32
22:10:22.387 AVAST engine scan C:\Windows\system32\drivers
22:10:40.779 AVAST engine scan C:\Users\Heike
22:16:06.196 File: C:\Users\Heike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\33a155c1-2268aa0f **INFECTED** Win32:Rootkit-gen [Rtk]
22:21:43.843 AVAST engine scan C:\ProgramData
22:23:38.565 Scan finished successfully
22:24:55.661 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
22:24:55.661 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
22:28:59.135 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
22:28:59.150 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-05 17:36:03
-----------------------------
17:36:03.656 OS Version: Windows x64 6.1.7601 Service Pack 1
17:36:03.656 Number of processors: 2 586 0x200
17:36:03.671 ComputerName: HEIKE-TOSH UserName: Heike
17:36:06.682 Initialize success
18:52:28.519 AVAST engine defs: 12120500
19:03:56.917 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
19:03:56.917 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 11
19:03:56.949 Disk 0 MBR read successfully
19:03:56.949 Disk 0 MBR scan
19:03:57.058 Disk 0 Windows 7 default MBR code
19:03:57.089 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
19:03:57.120 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
19:03:57.151 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
19:03:57.214 Disk 0 scanning C:\Windows\system32\drivers
19:04:11.301 Service scanning
19:05:11.033 Modules scanning
19:05:11.049 Disk 0 trace - called modules:
19:05:11.095 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
19:05:11.111 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80023f72d0]
19:05:11.127 3 CLASSPNP.SYS[fffff880019a243f] -> nt!IofCallDriver -> [0xfffffa80022c3ac0]
19:05:11.142 5 amd_xata.sys[fffff880010b28b4] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8001dca240]
19:05:12.375 AVAST engine scan C:\Windows
19:05:15.339 AVAST engine scan C:\Windows\system32
19:09:35.610 AVAST engine scan C:\Windows\system32\drivers
19:09:51.288 AVAST engine scan C:\Users\Heike
19:13:33.073 File: C:\Users\Heike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\33a155c1-2268aa0f **INFECTED** Win32:Rootkit-gen [Rtk]
19:17:58.461 AVAST engine scan C:\ProgramData
19:19:38.925 Scan finished successfully
19:32:52.342 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
19:32:52.374 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
Viele Grüße Heike Geändert von cosinus (19.12.2012 um 23:14 Uhr) Grund: CODE-Tags |
|
19.12.2012, 23:14
| #19 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malewarebytes, Trojaner. Die Logs bitte in CODE-Tags posten!  Und was ist mit dem TDSS-Killer? Wo ist das Log dazu? 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
20.12.2012, 20:32
| #20 |
| | Malewarebytes, Trojaner.Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-03 21:32:03
-----------------------------
21:32:03.596 OS Version: Windows x64 6.1.7601 Service Pack 1
21:32:03.596 Number of processors: 2 586 0x200
21:32:03.596 ComputerName: HEIKE-TOSH UserName: Heike
21:32:08.105 Initialize success
21:58:39.153 AVAST engine defs: 12120300
22:03:32.574 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
22:03:32.574 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 11
22:03:32.605 Disk 0 MBR read successfully
22:03:32.621 Disk 0 MBR scan
22:03:32.746 Disk 0 Windows 7 default MBR code
22:03:32.777 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
22:03:32.808 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
22:03:32.839 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
22:03:32.980 Disk 0 scanning C:\Windows\system32\drivers
22:04:15.084 Service scanning
22:05:20.682 Modules scanning
22:05:20.698 Disk 0 trace - called modules:
22:05:20.760 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
22:05:20.838 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80023f7330]
22:05:20.854 3 CLASSPNP.SYS[fffff880019b043f] -> nt!IofCallDriver -> [0xfffffa80022c7040]
22:05:20.885 5 amd_xata.sys[fffff880010808b4] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8001de77e0]
22:05:23.100 AVAST engine scan C:\Windows
22:05:26.423 AVAST engine scan C:\Windows\system32
22:10:22.387 AVAST engine scan C:\Windows\system32\drivers
22:10:40.779 AVAST engine scan C:\Users\Heike
22:16:06.196 File: C:\Users\Heike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\33a155c1-2268aa0f **INFECTED** Win32:Rootkit-gen [Rtk]
22:21:43.843 AVAST engine scan C:\ProgramData
22:23:38.565 Scan finished successfully
22:24:55.661 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
22:24:55.661 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-03 21:32:03
-----------------------------
21:32:03.596 OS Version: Windows x64 6.1.7601 Service Pack 1
21:32:03.596 Number of processors: 2 586 0x200
21:32:03.596 ComputerName: HEIKE-TOSH UserName: Heike
21:32:08.105 Initialize success
21:58:39.153 AVAST engine defs: 12120300
22:03:32.574 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
22:03:32.574 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 11
22:03:32.605 Disk 0 MBR read successfully
22:03:32.621 Disk 0 MBR scan
22:03:32.746 Disk 0 Windows 7 default MBR code
22:03:32.777 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
22:03:32.808 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
22:03:32.839 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
22:03:32.980 Disk 0 scanning C:\Windows\system32\drivers
22:04:15.084 Service scanning
22:05:20.682 Modules scanning
22:05:20.698 Disk 0 trace - called modules:
22:05:20.760 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
22:05:20.838 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80023f7330]
22:05:20.854 3 CLASSPNP.SYS[fffff880019b043f] -> nt!IofCallDriver -> [0xfffffa80022c7040]
22:05:20.885 5 amd_xata.sys[fffff880010808b4] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8001de77e0]
22:05:23.100 AVAST engine scan C:\Windows
22:05:26.423 AVAST engine scan C:\Windows\system32
22:10:22.387 AVAST engine scan C:\Windows\system32\drivers
22:10:40.779 AVAST engine scan C:\Users\Heike
22:16:06.196 File: C:\Users\Heike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\33a155c1-2268aa0f **INFECTED** Win32:Rootkit-gen [Rtk]
22:21:43.843 AVAST engine scan C:\ProgramData
22:23:38.565 Scan finished successfully
22:24:55.661 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
22:24:55.661 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
22:28:59.135 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
22:28:59.150 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-05 17:36:03
-----------------------------
17:36:03.656 OS Version: Windows x64 6.1.7601 Service Pack 1
17:36:03.656 Number of processors: 2 586 0x200
17:36:03.671 ComputerName: HEIKE-TOSH UserName: Heike
17:36:06.682 Initialize success
18:52:28.519 AVAST engine defs: 12120500
19:03:56.917 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
19:03:56.917 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 11
19:03:56.949 Disk 0 MBR read successfully
19:03:56.949 Disk 0 MBR scan
19:03:57.058 Disk 0 Windows 7 default MBR code
19:03:57.089 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
19:03:57.120 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
19:03:57.151 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
19:03:57.214 Disk 0 scanning C:\Windows\system32\drivers
19:04:11.301 Service scanning
19:05:11.033 Modules scanning
19:05:11.049 Disk 0 trace - called modules:
19:05:11.095 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
19:05:11.111 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80023f72d0]
19:05:11.127 3 CLASSPNP.SYS[fffff880019a243f] -> nt!IofCallDriver -> [0xfffffa80022c3ac0]
19:05:11.142 5 amd_xata.sys[fffff880010b28b4] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8001dca240]
19:05:12.375 AVAST engine scan C:\Windows
19:05:15.339 AVAST engine scan C:\Windows\system32
19:09:35.610 AVAST engine scan C:\Windows\system32\drivers
19:09:51.288 AVAST engine scan C:\Users\Heike
19:13:33.073 File: C:\Users\Heike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\33a155c1-2268aa0f **INFECTED** Win32:Rootkit-gen [Rtk]
19:17:58.461 AVAST engine scan C:\ProgramData
19:19:38.925 Scan finished successfully
19:32:52.342 Disk 0 MBR has been saved successfully to "C:\Users\Heike\Desktop\MBR.dat"
19:32:52.374 The log file has been saved successfully to "C:\Users\Heike\Desktop\aswMBR.txt"
|
|
20.12.2012, 20:37
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malewarebytes, Trojaner. Log vom TDSS-Killer fehlt immer noch!
__________________ --> Malewarebytes, Trojaner. |
|
20.12.2012, 20:42
| #22 |
| | Malewarebytes, Trojaner. Gleich, bin dabei. Code:
ATTFilter 20:37:40.0963 3944 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:37:41.0353 3944 ============================================================
20:37:41.0353 3944 Current date / time: 2012/12/20 20:37:41.0353
20:37:41.0353 3944 SystemInfo:
20:37:41.0353 3944
20:37:41.0353 3944 OS Version: 6.1.7601 ServicePack: 1.0
20:37:41.0353 3944 Product type: Workstation
20:37:41.0353 3944 ComputerName: HEIKE-TOSH
20:37:41.0353 3944 UserName: Heike
20:37:41.0353 3944 Windows directory: C:\Windows
20:37:41.0353 3944 System windows directory: C:\Windows
20:37:41.0353 3944 Running under WOW64
20:37:41.0353 3944 Processor architecture: Intel x64
20:37:41.0353 3944 Number of processors: 2
20:37:41.0353 3944 Page size: 0x1000
20:37:41.0353 3944 Boot type: Normal boot
20:37:41.0353 3944 ============================================================
20:37:43.0942 3944 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:37:43.0942 3944 ============================================================
20:37:43.0942 3944 \Device\Harddisk0\DR0:
20:37:43.0942 3944 MBR partitions:
20:37:43.0942 3944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12A17000
20:37:43.0942 3944 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294F000
20:37:43.0942 3944 ============================================================
20:37:44.0005 3944 C: <-> \Device\Harddisk0\DR0\Partition1
20:37:44.0083 3944 D: <-> \Device\Harddisk0\DR0\Partition2
20:37:44.0083 3944 ============================================================
20:37:44.0083 3944 Initialize success
20:37:44.0098 3944 ============================================================
20:38:00.0260 4032 ============================================================
20:38:00.0260 4032 Scan started
20:38:00.0260 4032 Mode: Manual; SigCheck; TDLFS;
20:38:00.0260 4032 ============================================================
20:38:01.0399 4032 ================ Scan system memory ========================
20:38:01.0399 4032 System memory - ok
20:38:01.0399 4032 ================ Scan services =============================
20:38:01.0570 4032 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:38:01.0757 4032 1394ohci - ok
20:38:01.0789 4032 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:38:01.0835 4032 ACPI - ok
20:38:01.0867 4032 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:38:01.0976 4032 AcpiPmi - ok
20:38:02.0101 4032 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:38:02.0132 4032 AdobeFlashPlayerUpdateSvc - ok
20:38:02.0179 4032 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:38:02.0225 4032 adp94xx - ok
20:38:02.0288 4032 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:38:02.0335 4032 adpahci - ok
20:38:02.0335 4032 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:38:02.0366 4032 adpu320 - ok
20:38:02.0413 4032 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:38:02.0631 4032 AeLookupSvc - ok
20:38:02.0693 4032 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:38:02.0787 4032 AFD - ok
20:38:02.0834 4032 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:38:02.0865 4032 agp440 - ok
20:38:02.0896 4032 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:38:03.0005 4032 ALG - ok
20:38:03.0037 4032 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:38:03.0068 4032 aliide - ok
20:38:03.0115 4032 [ 310F88A93C3B02E3D1F906FB57B9E01E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:38:03.0224 4032 AMD External Events Utility - ok
20:38:03.0239 4032 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:38:03.0271 4032 amdide - ok
20:38:03.0302 4032 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:38:03.0349 4032 AmdK8 - ok
20:38:03.0645 4032 [ 62DDF55680F8C53E4B8DDE4189ADA0B8 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:38:04.0051 4032 amdkmdag - ok
20:38:04.0113 4032 [ 51F027DFFEDFB8D763FABFFA06B56E6D ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:38:04.0175 4032 amdkmdap - ok
20:38:04.0222 4032 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:38:04.0285 4032 AmdPPM - ok
20:38:04.0331 4032 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:38:04.0363 4032 amdsata - ok
20:38:04.0378 4032 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:38:04.0409 4032 amdsbs - ok
20:38:04.0441 4032 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:38:04.0472 4032 amdxata - ok
20:38:04.0503 4032 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
20:38:04.0550 4032 amd_sata - ok
20:38:04.0565 4032 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
20:38:04.0581 4032 amd_xata - ok
20:38:04.0628 4032 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:38:04.0846 4032 AppID - ok
20:38:04.0877 4032 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:38:04.0971 4032 AppIDSvc - ok
20:38:05.0002 4032 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:38:05.0111 4032 Appinfo - ok
20:38:05.0158 4032 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
20:38:05.0189 4032 arc - ok
20:38:05.0205 4032 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:38:05.0236 4032 arcsas - ok
20:38:05.0236 4032 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:38:05.0345 4032 AsyncMac - ok
20:38:05.0377 4032 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:38:05.0408 4032 atapi - ok
20:38:05.0486 4032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:38:05.0611 4032 AudioEndpointBuilder - ok
20:38:05.0626 4032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:38:05.0751 4032 AudioSrv - ok
20:38:05.0782 4032 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:38:05.0876 4032 AxInstSV - ok
20:38:05.0923 4032 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:38:05.0985 4032 b06bdrv - ok
20:38:06.0047 4032 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:38:06.0094 4032 b57nd60a - ok
20:38:06.0141 4032 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:38:06.0172 4032 BDESVC - ok
20:38:06.0203 4032 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:38:06.0297 4032 Beep - ok
20:38:06.0359 4032 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:38:06.0484 4032 BFE - ok
20:38:06.0547 4032 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:38:06.0687 4032 BITS - ok
20:38:06.0734 4032 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:38:06.0765 4032 blbdrive - ok
20:38:06.0796 4032 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:38:06.0859 4032 bowser - ok
20:38:06.0905 4032 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:38:06.0952 4032 BrFiltLo - ok
20:38:06.0983 4032 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:38:07.0030 4032 BrFiltUp - ok
20:38:07.0061 4032 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:38:07.0108 4032 Browser - ok
20:38:07.0155 4032 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:38:07.0233 4032 Brserid - ok
20:38:07.0249 4032 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:38:07.0311 4032 BrSerWdm - ok
20:38:07.0342 4032 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:38:07.0389 4032 BrUsbMdm - ok
20:38:07.0405 4032 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:38:07.0451 4032 BrUsbSer - ok
20:38:07.0483 4032 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:38:07.0529 4032 BTHMODEM - ok
20:38:07.0592 4032 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:38:07.0670 4032 bthserv - ok
20:38:07.0701 4032 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:38:07.0795 4032 cdfs - ok
20:38:07.0841 4032 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:38:07.0873 4032 cdrom - ok
20:38:07.0904 4032 [ 7E83E47BD1FF93E11CD69F1AD65A9581 ] CeKbFilter C:\Windows\system32\DRIVERS\CeKbFilter.sys
20:38:07.0935 4032 CeKbFilter - ok
20:38:07.0982 4032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:38:08.0075 4032 CertPropSvc - ok
20:38:08.0200 4032 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
20:38:08.0263 4032 cfWiMAXService - ok
20:38:08.0294 4032 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:38:08.0341 4032 circlass - ok
20:38:08.0403 4032 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:38:08.0434 4032 CLFS - ok
20:38:08.0528 4032 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:38:08.0575 4032 clr_optimization_v2.0.50727_32 - ok
20:38:08.0637 4032 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:38:08.0668 4032 clr_optimization_v2.0.50727_64 - ok
20:38:08.0746 4032 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:38:08.0824 4032 clr_optimization_v4.0.30319_32 - ok
20:38:08.0887 4032 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:38:08.0902 4032 clr_optimization_v4.0.30319_64 - ok
20:38:08.0949 4032 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:38:08.0996 4032 CmBatt - ok
20:38:09.0027 4032 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:38:09.0043 4032 cmdide - ok
20:38:09.0089 4032 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:38:09.0214 4032 CNG - ok
20:38:09.0261 4032 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:38:09.0292 4032 Compbatt - ok
20:38:09.0323 4032 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:38:09.0370 4032 CompositeBus - ok
20:38:09.0401 4032 COMSysApp - ok
20:38:09.0448 4032 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
20:38:09.0464 4032 ConfigFree Service - ok
20:38:09.0495 4032 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:38:09.0511 4032 crcdisk - ok
20:38:09.0573 4032 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:38:09.0651 4032 CryptSvc - ok
20:38:09.0760 4032 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:38:09.0823 4032 cvhsvc - ok
20:38:09.0885 4032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:38:09.0994 4032 DcomLaunch - ok
20:38:10.0041 4032 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:38:10.0150 4032 defragsvc - ok
20:38:10.0181 4032 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:38:10.0291 4032 DfsC - ok
20:38:10.0353 4032 [ 388039F99CE8769024EE0438352ACA99 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
20:38:10.0369 4032 dg_ssudbus - ok
20:38:10.0447 4032 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:38:10.0618 4032 Dhcp - ok
20:38:10.0634 4032 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:38:10.0759 4032 discache - ok
20:38:10.0805 4032 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:38:10.0837 4032 Disk - ok
20:38:10.0868 4032 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:38:10.0930 4032 Dnscache - ok
20:38:10.0977 4032 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:38:11.0086 4032 dot3svc - ok
20:38:11.0149 4032 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:38:11.0211 4032 Dot4 - ok
20:38:11.0258 4032 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:38:11.0305 4032 Dot4Print - ok
20:38:11.0320 4032 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:38:11.0367 4032 dot4usb - ok
20:38:11.0414 4032 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:38:11.0507 4032 DPS - ok
20:38:11.0539 4032 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:38:11.0585 4032 drmkaud - ok
20:38:11.0632 4032 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:38:11.0695 4032 DXGKrnl - ok
20:38:11.0757 4032 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:38:11.0866 4032 EapHost - ok
20:38:11.0975 4032 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:38:12.0163 4032 ebdrv - ok
20:38:12.0209 4032 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:38:12.0303 4032 EFS - ok
20:38:12.0365 4032 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:38:12.0459 4032 ehRecvr - ok
20:38:12.0490 4032 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:38:12.0537 4032 ehSched - ok
20:38:12.0599 4032 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:38:12.0646 4032 elxstor - ok
20:38:12.0662 4032 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:38:12.0709 4032 ErrDev - ok
20:38:12.0771 4032 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:38:12.0880 4032 EventSystem - ok
20:38:12.0927 4032 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:38:13.0005 4032 exfat - ok
20:38:13.0036 4032 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:38:13.0145 4032 fastfat - ok
20:38:13.0192 4032 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:38:13.0286 4032 Fax - ok
20:38:13.0317 4032 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:38:13.0348 4032 fdc - ok
20:38:13.0379 4032 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:38:13.0473 4032 fdPHost - ok
20:38:13.0504 4032 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:38:13.0598 4032 FDResPub - ok
20:38:13.0645 4032 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:38:13.0660 4032 FileInfo - ok
20:38:13.0676 4032 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:38:13.0801 4032 Filetrace - ok
20:38:13.0832 4032 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:38:13.0863 4032 flpydisk - ok
20:38:13.0894 4032 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:38:13.0941 4032 FltMgr - ok
20:38:13.0988 4032 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:38:14.0081 4032 FontCache - ok
20:38:14.0128 4032 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:38:14.0175 4032 FontCache3.0.0.0 - ok
20:38:14.0191 4032 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:38:14.0222 4032 FsDepends - ok
20:38:14.0253 4032 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:38:14.0284 4032 fssfltr - ok
20:38:14.0409 4032 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:38:14.0503 4032 fsssvc - ok
20:38:14.0549 4032 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:38:14.0581 4032 Fs_Rec - ok
20:38:14.0627 4032 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:38:14.0674 4032 fvevol - ok
20:38:14.0690 4032 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:38:14.0721 4032 gagp30kx - ok
20:38:14.0768 4032 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:38:14.0877 4032 gpsvc - ok
20:38:14.0986 4032 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:38:15.0017 4032 gupdate - ok
20:38:15.0080 4032 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:38:15.0111 4032 gupdatem - ok
20:38:15.0142 4032 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:38:15.0173 4032 gusvc - ok
20:38:15.0205 4032 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:38:15.0251 4032 hcw85cir - ok
20:38:15.0298 4032 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:38:15.0361 4032 HdAudAddService - ok
20:38:15.0407 4032 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:38:15.0454 4032 HDAudBus - ok
20:38:15.0485 4032 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:38:15.0532 4032 HidBatt - ok
20:38:15.0563 4032 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:38:15.0610 4032 HidBth - ok
20:38:15.0657 4032 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:38:15.0688 4032 HidIr - ok
20:38:15.0719 4032 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:38:15.0813 4032 hidserv - ok
20:38:15.0860 4032 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:38:15.0891 4032 HidUsb - ok
20:38:15.0938 4032 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:38:16.0031 4032 hkmsvc - ok
20:38:16.0078 4032 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:38:16.0141 4032 HomeGroupListener - ok
20:38:16.0172 4032 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:38:16.0234 4032 HomeGroupProvider - ok
20:38:16.0359 4032 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:38:16.0406 4032 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:38:16.0406 4032 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:38:16.0453 4032 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:38:16.0499 4032 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:38:16.0499 4032 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:38:16.0531 4032 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:38:16.0562 4032 HpSAMD - ok
20:38:16.0640 4032 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
20:38:16.0687 4032 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
20:38:16.0687 4032 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
20:38:16.0733 4032 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:38:16.0858 4032 HTTP - ok
20:38:16.0889 4032 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:38:16.0921 4032 hwpolicy - ok
20:38:16.0952 4032 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:38:16.0983 4032 i8042prt - ok
20:38:17.0030 4032 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:38:17.0061 4032 iaStorV - ok
20:38:17.0155 4032 [ DABFBE88774A3C1A8CEA198348E02740 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
20:38:17.0248 4032 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
20:38:17.0248 4032 IconMan_R - detected UnsignedFile.Multi.Generic (1)
20:38:17.0326 4032 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:38:17.0389 4032 idsvc - ok
20:38:17.0420 4032 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:38:17.0451 4032 iirsp - ok
20:38:17.0498 4032 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:38:17.0607 4032 IKEEXT - ok
20:38:17.0732 4032 [ 8BC7EB3BF3FA1C434AA830A50456DD02 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:38:17.0872 4032 IntcAzAudAddService - ok
20:38:17.0903 4032 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:38:17.0919 4032 intelide - ok
20:38:17.0935 4032 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
20:38:17.0981 4032 intelppm - ok
20:38:18.0028 4032 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:38:18.0137 4032 IPBusEnum - ok
20:38:18.0169 4032 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:38:18.0262 4032 IpFilterDriver - ok
20:38:18.0325 4032 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:38:18.0418 4032 iphlpsvc - ok
20:38:18.0449 4032 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:38:18.0512 4032 IPMIDRV - ok
20:38:18.0543 4032 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:38:18.0637 4032 IPNAT - ok
20:38:18.0683 4032 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:38:18.0746 4032 IRENUM - ok
20:38:18.0793 4032 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:38:18.0824 4032 isapnp - ok
20:38:18.0855 4032 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:38:18.0886 4032 iScsiPrt - ok
20:38:18.0933 4032 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:38:18.0949 4032 kbdclass - ok
20:38:19.0011 4032 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:38:19.0058 4032 kbdhid - ok
20:38:19.0089 4032 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:38:19.0120 4032 KeyIso - ok
20:38:19.0167 4032 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:38:19.0198 4032 KSecDD - ok
20:38:19.0245 4032 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:38:19.0276 4032 KSecPkg - ok
20:38:19.0307 4032 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:38:19.0401 4032 ksthunk - ok
20:38:19.0744 4032 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:38:19.0853 4032 KtmRm - ok
20:38:19.0916 4032 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:38:20.0009 4032 LanmanServer - ok
20:38:20.0072 4032 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:38:20.0165 4032 LanmanWorkstation - ok
20:38:20.0228 4032 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:38:20.0321 4032 lltdio - ok
20:38:20.0368 4032 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:38:20.0477 4032 lltdsvc - ok
20:38:20.0509 4032 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:38:20.0602 4032 lmhosts - ok
20:38:20.0665 4032 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
20:38:20.0680 4032 LPCFilter - ok
20:38:20.0727 4032 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:38:20.0758 4032 LSI_FC - ok
20:38:20.0789 4032 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:38:20.0805 4032 LSI_SAS - ok
20:38:20.0821 4032 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:38:20.0852 4032 LSI_SAS2 - ok
20:38:20.0867 4032 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:38:20.0899 4032 LSI_SCSI - ok
20:38:20.0930 4032 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:38:21.0023 4032 luafv - ok
20:38:21.0101 4032 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:38:21.0117 4032 MBAMProtector - ok
20:38:21.0195 4032 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:38:21.0242 4032 MBAMScheduler - ok
20:38:21.0304 4032 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:38:21.0351 4032 MBAMService - ok
20:38:21.0382 4032 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:38:21.0429 4032 Mcx2Svc - ok
20:38:21.0460 4032 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:38:21.0491 4032 megasas - ok
20:38:21.0523 4032 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:38:21.0554 4032 MegaSR - ok
20:38:21.0601 4032 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:38:21.0694 4032 MMCSS - ok
20:38:21.0741 4032 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:38:21.0850 4032 Modem - ok
20:38:21.0881 4032 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:38:21.0944 4032 monitor - ok
20:38:21.0991 4032 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:38:22.0022 4032 mouclass - ok
20:38:22.0037 4032 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
20:38:22.0084 4032 mouhid - ok
20:38:22.0131 4032 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:38:22.0162 4032 mountmgr - ok
20:38:22.0178 4032 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:38:22.0209 4032 mpio - ok
20:38:22.0240 4032 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:38:22.0318 4032 mpsdrv - ok
20:38:22.0365 4032 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:38:22.0459 4032 MpsSvc - ok
20:38:22.0490 4032 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:38:22.0537 4032 MRxDAV - ok
20:38:22.0583 4032 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:38:22.0661 4032 mrxsmb - ok
20:38:22.0708 4032 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:38:22.0739 4032 mrxsmb10 - ok
20:38:22.0755 4032 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:38:22.0786 4032 mrxsmb20 - ok
20:38:22.0817 4032 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
20:38:22.0849 4032 msahci - ok
20:38:22.0880 4032 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:38:22.0911 4032 msdsm - ok
20:38:22.0927 4032 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:38:22.0973 4032 MSDTC - ok
20:38:23.0036 4032 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:38:23.0129 4032 Msfs - ok
20:38:23.0161 4032 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:38:23.0254 4032 mshidkmdf - ok
20:38:23.0270 4032 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:38:23.0301 4032 msisadrv - ok
20:38:23.0348 4032 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:38:23.0441 4032 MSiSCSI - ok
20:38:23.0457 4032 msiserver - ok
20:38:23.0488 4032 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:38:23.0597 4032 MSKSSRV - ok
20:38:23.0613 4032 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:38:23.0707 4032 MSPCLOCK - ok
20:38:23.0753 4032 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:38:23.0847 4032 MSPQM - ok
20:38:23.0878 4032 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:38:23.0925 4032 MsRPC - ok
20:38:23.0972 4032 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:38:23.0987 4032 mssmbios - ok
20:38:24.0019 4032 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:38:24.0128 4032 MSTEE - ok
20:38:24.0143 4032 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:38:24.0190 4032 MTConfig - ok
20:38:24.0221 4032 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:38:24.0237 4032 Mup - ok
20:38:24.0284 4032 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:38:24.0393 4032 napagent - ok
20:38:24.0455 4032 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:38:24.0533 4032 NativeWifiP - ok
20:38:24.0611 4032 [ 2989174DF02E0AEF54BAE90674FB445F ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
20:38:24.0643 4032 NAUpdate - ok
20:38:24.0705 4032 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:38:24.0767 4032 NDIS - ok
20:38:24.0814 4032 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:38:24.0908 4032 NdisCap - ok
20:38:24.0939 4032 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:38:25.0017 4032 NdisTapi - ok
20:38:25.0048 4032 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:38:25.0142 4032 Ndisuio - ok
20:38:25.0173 4032 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:38:25.0267 4032 NdisWan - ok
20:38:25.0298 4032 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:38:25.0376 4032 NDProxy - ok
20:38:25.0438 4032 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:38:25.0469 4032 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:38:25.0469 4032 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:38:25.0501 4032 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:38:25.0594 4032 NetBIOS - ok
20:38:25.0641 4032 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:38:25.0750 4032 NetBT - ok
20:38:25.0766 4032 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:38:25.0797 4032 Netlogon - ok
20:38:25.0844 4032 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:38:25.0953 4032 Netman - ok
20:38:25.0969 4032 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:38:26.0078 4032 netprofm - ok
20:38:26.0109 4032 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:38:26.0140 4032 NetTcpPortSharing - ok
20:38:26.0171 4032 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:38:26.0187 4032 nfrd960 - ok
20:38:26.0234 4032 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:38:26.0296 4032 NlaSvc - ok
20:38:26.0327 4032 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:38:26.0405 4032 Npfs - ok
20:38:26.0437 4032 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:38:26.0515 4032 nsi - ok
20:38:26.0561 4032 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:38:26.0655 4032 nsiproxy - ok
20:38:26.0749 4032 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:38:26.0873 4032 Ntfs - ok
20:38:26.0905 4032 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:38:26.0998 4032 Null - ok
20:38:27.0045 4032 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:38:27.0076 4032 nvraid - ok
20:38:27.0092 4032 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:38:27.0123 4032 nvstor - ok
20:38:27.0139 4032 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:38:27.0170 4032 nv_agp - ok
20:38:27.0201 4032 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:38:27.0232 4032 ohci1394 - ok
20:38:27.0295 4032 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:38:27.0326 4032 ose - ok
20:38:27.0529 4032 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:38:27.0841 4032 osppsvc - ok
20:38:27.0887 4032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:38:27.0950 4032 p2pimsvc - ok
20:38:27.0981 4032 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:38:28.0028 4032 p2psvc - ok
20:38:28.0059 4032 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:38:28.0106 4032 Parport - ok
20:38:28.0153 4032 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:38:28.0184 4032 partmgr - ok
20:38:28.0215 4032 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:38:28.0277 4032 PcaSvc - ok
20:38:28.0324 4032 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:38:28.0355 4032 pci - ok
20:38:28.0387 4032 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
20:38:28.0418 4032 pciide - ok
20:38:28.0433 4032 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:38:28.0480 4032 pcmcia - ok
20:38:28.0511 4032 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:38:28.0543 4032 pcw - ok
20:38:28.0589 4032 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:38:28.0699 4032 PEAUTH - ok
20:38:28.0792 4032 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:38:28.0839 4032 PerfHost - ok
20:38:28.0901 4032 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
20:38:28.0933 4032 PGEffect - ok
20:38:28.0995 4032 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:38:29.0151 4032 pla - ok
20:38:29.0198 4032 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:38:29.0276 4032 PlugPlay - ok
20:38:29.0323 4032 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:38:29.0338 4032 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:38:29.0338 4032 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:38:29.0385 4032 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:38:29.0416 4032 PNRPAutoReg - ok
20:38:29.0447 4032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:38:29.0494 4032 PNRPsvc - ok
20:38:29.0525 4032 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:38:29.0635 4032 PolicyAgent - ok
20:38:29.0681 4032 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:38:29.0775 4032 Power - ok
20:38:29.0822 4032 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:38:29.0915 4032 PptpMiniport - ok
20:38:29.0947 4032 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:38:29.0993 4032 Processor - ok
20:38:30.0040 4032 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:38:30.0118 4032 ProfSvc - ok
20:38:30.0134 4032 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:38:30.0165 4032 ProtectedStorage - ok
20:38:30.0196 4032 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:38:30.0290 4032 Psched - ok
20:38:30.0368 4032 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:38:30.0446 4032 ql2300 - ok
20:38:30.0477 4032 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:38:30.0508 4032 ql40xx - ok
20:38:30.0539 4032 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:38:30.0586 4032 QWAVE - ok
20:38:30.0617 4032 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:38:30.0664 4032 QWAVEdrv - ok
20:38:30.0695 4032 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:38:30.0789 4032 RasAcd - ok
20:38:30.0836 4032 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:38:30.0914 4032 RasAgileVpn - ok
20:38:30.0945 4032 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:38:31.0039 4032 RasAuto - ok
20:38:31.0085 4032 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:38:31.0179 4032 Rasl2tp - ok
20:38:31.0210 4032 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:38:31.0304 4032 RasMan - ok
20:38:31.0319 4032 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:38:31.0429 4032 RasPppoe - ok
20:38:31.0475 4032 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:38:31.0585 4032 RasSstp - ok
20:38:31.0600 4032 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:38:31.0694 4032 rdbss - ok
20:38:31.0725 4032 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:38:31.0772 4032 rdpbus - ok
20:38:31.0803 4032 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:38:31.0881 4032 RDPCDD - ok
20:38:31.0912 4032 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:38:32.0006 4032 RDPENCDD - ok
20:38:32.0053 4032 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:38:32.0131 4032 RDPREFMP - ok
20:38:32.0177 4032 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:38:32.0240 4032 RDPWD - ok
20:38:32.0287 4032 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:38:32.0318 4032 rdyboost - ok
20:38:32.0365 4032 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:38:32.0474 4032 RemoteAccess - ok
20:38:32.0521 4032 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:38:32.0614 4032 RemoteRegistry - ok
20:38:32.0645 4032 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:38:32.0739 4032 RpcEptMapper - ok
20:38:32.0786 4032 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:38:32.0833 4032 RpcLocator - ok
20:38:32.0864 4032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:38:32.0957 4032 RpcSs - ok
20:38:32.0989 4032 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:38:33.0082 4032 rspndr - ok
20:38:33.0160 4032 [ 9BEB5F18A418FF70659CE2E356829568 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:38:33.0191 4032 RSUSBSTOR - ok
20:38:33.0254 4032 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:38:33.0285 4032 RTL8167 - ok
20:38:33.0347 4032 [ FA088015155C4C6DAB5D1D9E68EB9D6B ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
20:38:33.0410 4032 RTL8192Ce - ok
20:38:33.0425 4032 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:38:33.0457 4032 SamSs - ok
20:38:33.0488 4032 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:38:33.0519 4032 sbp2port - ok
20:38:33.0550 4032 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:38:33.0644 4032 SCardSvr - ok
20:38:33.0659 4032 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:38:33.0753 4032 scfilter - ok
20:38:33.0815 4032 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:38:33.0940 4032 Schedule - ok
20:38:33.0987 4032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:38:34.0065 4032 SCPolicySvc - ok
20:38:34.0112 4032 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:38:34.0190 4032 SDRSVC - ok
20:38:34.0221 4032 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:38:34.0330 4032 secdrv - ok
20:38:34.0361 4032 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:38:34.0439 4032 seclogon - ok
20:38:34.0471 4032 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:38:34.0564 4032 SENS - ok
20:38:34.0611 4032 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:38:34.0689 4032 SensrSvc - ok
20:38:34.0720 4032 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:38:34.0767 4032 Serenum - ok
20:38:34.0798 4032 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:38:34.0845 4032 Serial - ok
20:38:34.0876 4032 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:38:34.0923 4032 sermouse - ok
20:38:34.0970 4032 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:38:35.0079 4032 SessionEnv - ok
20:38:35.0095 4032 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:38:35.0141 4032 sffdisk - ok
20:38:35.0157 4032 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:38:35.0204 4032 sffp_mmc - ok
20:38:35.0235 4032 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:38:35.0282 4032 sffp_sd - ok
20:38:35.0313 4032 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:38:35.0360 4032 sfloppy - ok
20:38:35.0453 4032 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:38:35.0500 4032 Sftfs - ok
20:38:35.0594 4032 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:38:35.0641 4032 sftlist - ok
20:38:35.0687 4032 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:38:35.0734 4032 Sftplay - ok
20:38:35.0750 4032 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:38:35.0781 4032 Sftredir - ok
20:38:35.0797 4032 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:38:35.0812 4032 Sftvol - ok
20:38:35.0843 4032 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:38:35.0875 4032 sftvsa - ok
20:38:35.0921 4032 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:38:36.0031 4032 SharedAccess - ok
20:38:36.0077 4032 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:38:36.0187 4032 ShellHWDetection - ok
20:38:36.0218 4032 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:38:36.0249 4032 SiSRaid2 - ok
20:38:36.0265 4032 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:38:36.0296 4032 SiSRaid4 - ok
20:38:36.0311 4032 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:38:36.0405 4032 Smb - ok
20:38:36.0467 4032 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:38:36.0514 4032 SNMPTRAP - ok
20:38:36.0561 4032 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:38:36.0592 4032 spldr - ok
20:38:36.0639 4032 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:38:36.0701 4032 Spooler - ok
20:38:36.0826 4032 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:38:37.0045 4032 sppsvc - ok
20:38:37.0076 4032 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:38:37.0169 4032 sppuinotify - ok
20:38:37.0216 4032 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:38:37.0310 4032 srv - ok
20:38:37.0372 4032 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:38:37.0435 4032 srv2 - ok
20:38:37.0466 4032 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:38:37.0497 4032 srvnet - ok
20:38:37.0528 4032 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:38:37.0622 4032 SSDPSRV - ok
20:38:37.0637 4032 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:38:37.0715 4032 SstpSvc - ok
20:38:37.0778 4032 [ AD42CA614E086BCADBD53FFFC404AC24 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
20:38:37.0793 4032 ssudmdm - ok
20:38:37.0825 4032 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:38:37.0856 4032 stexstor - ok
20:38:37.0918 4032 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:38:37.0981 4032 stisvc - ok
20:38:38.0027 4032 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:38:38.0043 4032 swenum - ok
20:38:38.0074 4032 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:38:38.0168 4032 swprv - ok
20:38:38.0261 4032 [ 9484C1DE568173DC1C44DF80F16092CC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:38:38.0339 4032 SynTP - ok
20:38:38.0417 4032 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:38:38.0542 4032 SysMain - ok
20:38:38.0573 4032 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:38:38.0620 4032 TabletInputService - ok
20:38:38.0651 4032 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:38:38.0761 4032 TapiSrv - ok
20:38:38.0776 4032 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:38:38.0870 4032 TBS - ok
20:38:38.0948 4032 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:38:39.0104 4032 Tcpip - ok
20:38:39.0213 4032 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:38:39.0338 4032 TCPIP6 - ok
20:38:39.0369 4032 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:38:39.0400 4032 tcpipreg - ok
20:38:39.0463 4032 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
20:38:39.0478 4032 tdcmdpst - ok
20:38:39.0525 4032 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:38:39.0587 4032 TDPIPE - ok
20:38:39.0619 4032 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:38:39.0665 4032 TDTCP - ok
20:38:39.0697 4032 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:38:39.0775 4032 tdx - ok
20:38:39.0837 4032 [ 1B709733A04DCC41A63F9CD1F76A4EBE ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
20:38:39.0868 4032 TemproMonitoringService - ok
20:38:39.0899 4032 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:38:39.0931 4032 TermDD - ok
20:38:39.0977 4032 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:38:40.0102 4032 TermService - ok
20:38:40.0133 4032 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:38:40.0180 4032 Themes - ok
20:38:40.0196 4032 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:38:40.0274 4032 THREADORDER - ok
20:38:40.0336 4032 [ DFE9BA871B9F3DBB591BD113611CBCC0 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
20:38:40.0383 4032 TMachInfo - ok
20:38:40.0414 4032 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe
20:38:40.0445 4032 TODDSrv - ok
20:38:40.0523 4032 [ DB9719688C08F42705FEB3F6A0C98B91 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
20:38:40.0570 4032 TosCoSrv - ok
20:38:40.0617 4032 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
20:38:40.0633 4032 TOSHIBA HDD SSD Alert Service - ok
20:38:40.0679 4032 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:38:40.0773 4032 TrkWks - ok
20:38:40.0835 4032 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:38:40.0929 4032 TrustedInstaller - ok
20:38:40.0960 4032 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:38:41.0054 4032 tssecsrv - ok
20:38:41.0085 4032 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:38:41.0147 4032 TsUsbFlt - ok
20:38:41.0147 4032 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:38:41.0194 4032 TsUsbGD - ok
20:38:41.0241 4032 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:38:41.0335 4032 tunnel - ok
20:38:41.0381 4032 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
20:38:41.0413 4032 TVALZ - ok
20:38:41.0428 4032 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:38:41.0459 4032 uagp35 - ok
20:38:41.0491 4032 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:38:41.0584 4032 udfs - ok
20:38:41.0631 4032 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:38:41.0678 4032 UI0Detect - ok
20:38:41.0725 4032 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:38:41.0740 4032 uliagpkx - ok
20:38:41.0787 4032 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:38:41.0818 4032 umbus - ok
20:38:41.0849 4032 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:38:41.0881 4032 UmPass - ok
20:38:41.0927 4032 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:38:42.0037 4032 upnphost - ok
20:38:42.0083 4032 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:38:42.0130 4032 usbccgp - ok
20:38:42.0161 4032 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:38:42.0193 4032 usbcir - ok
20:38:42.0224 4032 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:38:42.0255 4032 usbehci - ok
20:38:42.0286 4032 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:38:42.0333 4032 usbhub - ok
20:38:42.0380 4032 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:38:42.0427 4032 usbohci - ok
20:38:42.0473 4032 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:38:42.0520 4032 usbprint - ok
20:38:42.0583 4032 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:38:42.0614 4032 usbscan - ok
20:38:42.0629 4032 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:38:42.0707 4032 USBSTOR - ok
20:38:42.0739 4032 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:38:42.0770 4032 usbuhci - ok
20:38:42.0817 4032 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:38:42.0863 4032 usbvideo - ok
20:38:42.0895 4032 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:38:42.0988 4032 UxSms - ok
20:38:43.0035 4032 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:38:43.0051 4032 VaultSvc - ok
20:38:43.0082 4032 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:38:43.0113 4032 vdrvroot - ok
20:38:43.0160 4032 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:38:43.0253 4032 vds - ok
20:38:43.0316 4032 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:38:43.0347 4032 vga - ok
20:38:43.0363 4032 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:38:43.0472 4032 VgaSave - ok
20:38:43.0503 4032 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:38:43.0534 4032 vhdmp - ok
20:38:43.0550 4032 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:38:43.0565 4032 viaide - ok
20:38:43.0612 4032 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:38:43.0628 4032 volmgr - ok
20:38:43.0675 4032 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:38:43.0706 4032 volmgrx - ok
20:38:43.0737 4032 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:38:43.0768 4032 volsnap - ok
20:38:43.0799 4032 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:38:43.0831 4032 vsmraid - ok
20:38:43.0893 4032 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:38:44.0049 4032 VSS - ok
20:38:44.0080 4032 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:38:44.0127 4032 vwifibus - ok
20:38:44.0158 4032 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:38:44.0221 4032 vwififlt - ok
20:38:44.0299 4032 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:38:44.0392 4032 vwifimp - ok
20:38:44.0439 4032 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:38:44.0548 4032 W32Time - ok
20:38:44.0579 4032 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:38:44.0626 4032 WacomPen - ok
20:38:44.0657 4032 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:38:44.0751 4032 WANARP - ok
20:38:44.0767 4032 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:38:44.0845 4032 Wanarpv6 - ok
20:38:44.0923 4032 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:38:45.0016 4032 wbengine - ok
20:38:45.0047 4032 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:38:45.0094 4032 WbioSrvc - ok
20:38:45.0125 4032 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:38:45.0188 4032 wcncsvc - ok
20:38:45.0219 4032 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:38:45.0281 4032 WcsPlugInService - ok
20:38:45.0313 4032 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:38:45.0344 4032 Wd - ok
20:38:45.0391 4032 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:38:45.0453 4032 Wdf01000 - ok
20:38:45.0484 4032 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:38:45.0625 4032 WdiServiceHost - ok
20:38:45.0640 4032 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:38:45.0687 4032 WdiSystemHost - ok
20:38:45.0734 4032 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:38:45.0781 4032 WebClient - ok
20:38:45.0812 4032 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:38:45.0921 4032 Wecsvc - ok
20:38:45.0968 4032 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:38:46.0061 4032 wercplsupport - ok
20:38:46.0077 4032 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:38:46.0171 4032 WerSvc - ok
20:38:46.0217 4032 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:38:46.0295 4032 WfpLwf - ok
20:38:46.0327 4032 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:38:46.0358 4032 WIMMount - ok
20:38:46.0373 4032 WinDefend - ok
20:38:46.0389 4032 WinHttpAutoProxySvc - ok
20:38:46.0451 4032 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:38:46.0561 4032 Winmgmt - ok
20:38:46.0639 4032 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:38:46.0779 4032 WinRM - ok
20:38:46.0841 4032 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:38:46.0919 4032 WinUsb - ok
20:38:46.0982 4032 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:38:47.0060 4032 Wlansvc - ok
20:38:47.0122 4032 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:38:47.0153 4032 wlcrasvc - ok
20:38:47.0278 4032 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:38:47.0387 4032 wlidsvc - ok
20:38:47.0419 4032 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:38:47.0450 4032 WmiAcpi - ok
20:38:47.0497 4032 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:38:47.0543 4032 wmiApSrv - ok
20:38:47.0590 4032 WMPNetworkSvc - ok
20:38:47.0621 4032 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:38:47.0668 4032 WPCSvc - ok
20:38:47.0699 4032 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:38:47.0746 4032 WPDBusEnum - ok
20:38:47.0793 4032 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:38:47.0871 4032 ws2ifsl - ok
20:38:47.0902 4032 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:38:47.0965 4032 wscsvc - ok
20:38:47.0965 4032 WSearch - ok
20:38:48.0089 4032 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:38:48.0214 4032 wuauserv - ok
20:38:48.0245 4032 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:38:48.0339 4032 WudfPf - ok
20:38:48.0386 4032 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:38:48.0448 4032 WUDFRd - ok
20:38:48.0479 4032 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:38:48.0542 4032 wudfsvc - ok
20:38:48.0573 4032 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:38:48.0620 4032 WwanSvc - ok
20:38:48.0682 4032 ================ Scan global ===============================
20:38:48.0713 4032 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:38:48.0729 4032 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
20:38:48.0745 4032 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
20:38:48.0791 4032 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:38:48.0823 4032 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:38:48.0823 4032 [Global] - ok
20:38:48.0823 4032 ================ Scan MBR ==================================
20:38:48.0854 4032 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:38:49.0150 4032 \Device\Harddisk0\DR0 - ok
20:38:49.0150 4032 ================ Scan VBR ==================================
20:38:49.0181 4032 [ 69E397D19B4DBCFF299F2A4FC66718DC ] \Device\Harddisk0\DR0\Partition1
20:38:49.0197 4032 \Device\Harddisk0\DR0\Partition1 - ok
20:38:49.0213 4032 [ A2F16C2943E25C45004D203F404F9A4C ] \Device\Harddisk0\DR0\Partition2
20:38:49.0228 4032 \Device\Harddisk0\DR0\Partition2 - ok
20:38:49.0228 4032 ============================================================
20:38:49.0228 4032 Scan finished
20:38:49.0228 4032 ============================================================
20:38:49.0259 1824 Detected object count: 6
20:38:49.0259 1824 Actual detected object count: 6
20:40:56.0119 1824 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - copied to quarantine
20:40:56.0119 1824 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:40:56.0166 1824 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - copied to quarantine
20:40:56.0166 1824 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:40:56.0259 1824 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - copied to quarantine
20:40:56.0259 1824 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:40:56.0384 1824 C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe - copied to quarantine
20:40:56.0400 1824 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:40:56.0415 1824 C:\Windows\system32\HPZinw12.dll - copied to quarantine
20:40:56.0415 1824 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:40:56.0446 1824 C:\Windows\system32\HPZipm12.dll - copied to quarantine
20:40:56.0446 1824 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
Vielen Dank für deine Bemühungen. |
|
20.12.2012, 20:44
| #23 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malewarebytes, Trojaner.Zitat:
Du solltest doch alles skippen, bitte mal die Anleitungen genauer lesen! Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.12.2012, 21:40
| #24 |
| | Malewarebytes, Trojaner.Code:
ATTFilter ComboFix 12-12-20.02 - Heike 20.12.2012 21:13:30.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1644.518 [GMT 1:00]
ausgeführt von:: c:\users\Heike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MJZL3SF3\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\IsUn0407.exe
c:\windows\SysWow64\DC120fc7_32.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-20 bis 2012-12-20 ))))))))))))))))))))))))))))))
.
.
2012-12-20 20:32 . 2012-12-20 20:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-20 20:15 . 2012-12-20 20:15 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{22CE15AC-2985-49C1-A107-B8B9C970723A}\offreg.dll
2012-12-20 19:40 . 2012-12-20 19:40 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-19 13:48 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{22CE15AC-2985-49C1-A107-B8B9C970723A}\mpengine.dll
2012-12-13 22:32 . 2012-11-14 06:06 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-12-13 22:32 . 2012-11-14 02:01 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-12-13 22:32 . 2012-11-14 02:00 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-12-13 22:32 . 2012-11-14 06:06 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-12-13 22:32 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-13 22:32 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-13 22:13 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-13 22:13 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-11-29 18:30 . 2012-11-29 18:30 -------- d-----w- c:\users\Heike\AppData\Roaming\Malwarebytes
2012-11-29 18:30 . 2012-11-29 18:30 -------- d-----w- c:\programdata\Malwarebytes
2012-11-29 18:30 . 2012-11-29 18:30 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-29 18:30 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-24 19:08 . 2012-11-24 19:09 -------- d-----w- c:\windows\Free YouTube to MP3 Converter
2012-11-24 19:08 . 2012-11-24 19:08 -------- d-----w- c:\users\Heike\AppData\Roaming\OpenCandy
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-19 15:43 . 2012-04-02 20:52 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-19 15:43 . 2011-11-18 15:30 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 22:36 . 2011-11-15 15:53 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-27 22:01 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 22:01 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 22:01 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-16 15:25 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-16 15:25 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-16 15:25 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-16 15:25 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 22:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-16 15:42 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-16 15:42 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-16 15:42 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-16 15:42 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-16 15:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-16 15:42 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-16 15:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-16 15:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-16 15:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-16 15:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-16 15:42 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47 . 2012-11-16 15:14 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-16 15:14 95744 ----a-w- c:\windows\system32\synceng.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-21 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-11-02 2475384]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-07-01 1295224]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-11-09 532480]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-28 336384]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-01-07 1406248]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-15 34160]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Toshiba Places Icon Utility.lnk - c:\program files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [2011-6-8 1492352]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-11-24 98616]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-07-20 247400]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 203320]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-14 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-14 38016]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-28 204288]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-01-14 572712]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys [2011-09-24 20592]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-02-23 1142376]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-07-01 51576]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 36494694
*Deregistered* - 36494694
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 15:43]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-21 21:33]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-21 21:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"Toshiba Registration"="c:\program files\TOSHIBA\Registration\ToshibaReminder.exe" [2011-06-08 150992]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-10 11580520]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-11-03 2181224]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\users\Heike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
Trusted Zone: eventim.de\www
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
Toolbar-Locked - (no file)
Toolbar-{99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
Toolbar-10 - (no file)
Toolbar-!{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-20 21:38:26
ComboFix-quarantined-files.txt 2012-12-20 20:38
.
Vor Suchlauf: 8 Verzeichnis(se), 88.578.113.536 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 88.057.270.272 Bytes frei
.
- - End Of File - - 5C4DE43B78150C0CC7D76E8B14200645
|
|
20.12.2012, 22:31
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malewarebytes, Trojaner. adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.12.2012, 11:17
| #26 |
| | Malewarebytes, Trojaner.Code:
ATTFilter # AdwCleaner v2.101 - Datei am 21/12/2012 um 11:15:47 erstellt
# Aktualisiert am 16/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Heike - HEIKE-TOSH
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Heike\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\DVDVideoSoftTB
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\Users\Heike\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\DVDVideoSoftTB
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\searchquband
Ordner Gefunden : C:\Users\Heike\AppData\Roaming\BrowserCompanion
Ordner Gefunden : C:\Users\Heike\AppData\Roaming\OpenCandy
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B4BCB7-F30C-4D36-8845-060AEC69F1D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E5B954D-0EBA-4AE1-AB62-CA120B57BBC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gefunden : HKLM\SOFTWARE\Software
Schlüssel Gefunden : HKU\S-1-5-21-2125495200-1265102093-1486774950-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [5990 octets] - [21/12/2012 11:15:47]
########## EOF - C:\AdwCleaner[R1].txt - [6050 octets] ##########
Welches Antivirenprogramm kann ich mir runterladen, damit das nicht wieder passiert? Viele Grüße Heike |
|
22.12.2012, 19:44
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malewarebytes, Trojaner. adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.12.2012, 21:50
| #28 |
| | Malewarebytes, Trojaner. Hallo Cosinus, ich habe jetzt den adwcleaner angeklickt, bin auf löschen u. bevor ich dazu kam auf OK zu klicken, fuhr der PC herunter u. es kam ein blauer Bildschirm mit einem haufen Text, dann fuhr er nochmal hoch u. ich mußte auf "Windows normal starten" klicken. Es kam dann auch keine Textdatei u. unter C finde ich nur die alte Textdatei vom 21.12. Was soll ich nun machen? Bevor ich selbständig was mache, frage ich lieber. Viele Grüße Heike |
|
22.12.2012, 21:53
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malewarebytes, Trojaner. Mach einen neuen Suchlauf mit dem adwCleaner bitte
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.12.2012, 22:04
| #30 |
| | Malewarebytes, Trojaner.Code:
ATTFilter # AdwCleaner v2.101 - Datei am 22/12/2012 um 22:03:23 erstellt
# Aktualisiert am 16/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Heike - HEIKE-TOSH
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Heike\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\DVDVideoSoftTB
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\Users\Heike\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\DVDVideoSoftTB
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Heike\AppData\LocalLow\searchquband
Ordner Gefunden : C:\Users\Heike\AppData\Roaming\BrowserCompanion
Ordner Gefunden : C:\Users\Heike\AppData\Roaming\OpenCandy
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B4BCB7-F30C-4D36-8845-060AEC69F1D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E5B954D-0EBA-4AE1-AB62-CA120B57BBC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gefunden : HKLM\SOFTWARE\Software
Schlüssel Gefunden : HKU\S-1-5-21-2125495200-1265102093-1486774950-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [6109 octets] - [21/12/2012 11:15:47]
AdwCleaner[R2].txt - [6050 octets] - [22/12/2012 22:03:23]
########## EOF - C:\AdwCleaner[R2].txt - [6110 octets] ##########
|
|
| Themen zu Malewarebytes, Trojaner. |
| administrator, aktion, anti-malware, appdata, autostart, cache, ccc, dateien, durchgeführt, explorer, files, fix, gen, helper, install, install.exe, jquery, microsoft, probleme, registrierung, service, software, speicher, test, trojaner, uninstall.exe, version |
Linear-Darstellung
