| |
| |||||||
Log-Analyse und Auswertung: tcbhn.exe Blabbers gefunden im StartmenüWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.12.2012, 22:20
| #1 |
| |  tcbhn.exe Blabbers gefunden im Startmenü  über google bin ich auf diese Seite gekommen, habe jetzt schon einige Beiträge zu tcbhn.exe gelesen, kann ich die angegebenen Schritte auch ausführen oder muss ich erst abwarten? Ich poste jetzt mal das was ich unter aswMBR gespeichert habe. Wäre echt super wenn ich schnell Hilfe bekäme. aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2012-12-08 21:56:17 ----------------------------- 21:56:17.559 OS Version: Windows 6.1.7601 Service Pack 1 21:56:17.559 Number of processors: 1 586 0x1601 21:56:17.561 ComputerName: CHRISTINA-PC UserName: Christina 21:56:40.347 Initialize success 21:57:58.350 AVAST engine defs: 12120800 21:58:05.653 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 21:58:05.656 Disk 0 Vendor: FUJITSU_MHV2120BH_PL 0000002A Size: 114473MB BusType: 3 21:58:05.685 Disk 0 MBR read successfully 21:58:05.688 Disk 0 MBR scan 21:58:05.708 Disk 0 Windows 7 default MBR code 21:58:05.719 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 21:58:05.730 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 29899 MB offset 206848 21:58:05.752 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 84472 MB offset 61440000 21:58:05.762 Disk 0 scanning sectors +234438656 21:58:05.832 Disk 0 scanning C:\Windows\system32\drivers 21:58:16.755 Service scanning 21:58:43.924 Modules scanning 21:58:54.545 Disk 0 trace - called modules: 21:58:54.928 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 21:58:54.934 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85624758] 21:58:54.943 3 CLASSPNP.SYS[8860459e] -> nt!IofCallDriver -> [0x85563828] 21:58:54.951 5 ACPI.sys[884ca3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x85569030] 21:58:55.619 AVAST engine scan C:\Windows 21:58:57.030 AVAST engine scan C:\Windows\system32 22:01:49.213 AVAST engine scan C:\Windows\system32\drivers 22:02:01.246 AVAST engine scan C:\Users\Christina 22:02:21.328 File: C:\Users\Christina\AppData\Local\Temp\av4C1F.tmp **HIDDEN** 22:02:21.479 AVAST engine scan C:\ProgramData 22:02:32.379 Scan finished successfully 22:14:09.038 Disk 0 MBR has been saved successfully to "C:\Users\Christina\Desktop\MBR.dat" 22:14:09.046 The log file has been saved successfully to "C:\Users\Christina\Desktop\aswMBR.txt" |
|
08.12.2012, 22:23
| #2 | |
| /// TB-Ausbilder  | tcbhn.exe Blabbers gefunden im Startmenü Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich. Schritt 1: Laufwerksemulationen abschalten mit Defogger Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop und starte es:Schritt 3: AdwCleaner: Werbeprogramme suchen und löschen Schritt 4: Scan mit DDS (+ attach) Downloade dir bitte DDS (von sUBs) von einem der folgenden Downloadspiegel und speichere die Datei auf deinem Desktop.Schritt 2: Scan mit dem TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.
__________________ |
|
08.12.2012, 22:51
| #3 |
| | tcbhn.exe Blabbers gefunden im Startmenü defogger_disable by jpshortstuff (23.02.10.1)
__________________Log created at 22:49 on 08/12/2012 (Christina) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Schritt 3 hat funktioniert :-) DDS Logfile: DDS Logfile: DDS Logfile: DDS Logfile: DDS Logfile: DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455
Run by Christina at 23:02:21 on 2012-12-08
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.2038.1231 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Launch Manager\WisLMSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [HotkeyApp] "c:\program files\launch manager\HotkeyApp.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [CtrlVol] c:\program files\launch manager\CtrlVol.exe
mRun: [LaunchAp] c:\program files\launch manager\LaunchAp.exe
mRun: [Wbutton] c:\program files\launch manager\WButton.exe
StartupFolder: c:\users\christ~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\tcbhn.lnk - c:\users\christina\appdata\roaming\browsercompanion\tcbhn.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Nach Microsoft &Excel exportieren - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{F6BE2432-3AAD-4788-A27B-DDC6C19656B5} : DHCPNameServer = 192.168.2.1
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-11-13 36552]
R2 AntiVirSchedulerService;Avira Planer;c:\program files\avira\antivir desktop\sched.exe [2012-11-13 85280]
R2 AntiVirService;Avira Echtzeit-Scanner;c:\program files\avira\antivir desktop\avguard.exe [2012-11-13 109344]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-11-13 83432]
R3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 WisLMSvc;WisLMSvc;c:\program files\launch manager\WisLMSvc.exe [2012-11-13 118784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-13 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-17 52224]
.
=============== Created Last 30 ================
.
2012-12-07 20:53:00 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{63267b14-8e20-4e71-a601-c5e96630b0d2}\mpengine.dll
2012-11-24 16:44:36 -------- d-----w- c:\program files\ABC Amber Text Converter
2012-11-24 16:28:38 -------- d-----w- c:\program files\MSECache
2012-11-24 15:25:26 -------- d-----w- c:\users\christina\appdata\local\Adobe
2012-11-24 15:23:37 805376 ----a-w- c:\windows\system32\FntCache.dll
2012-11-24 15:23:37 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-11-24 15:22:02 280064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll
2012-11-18 19:28:09 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-18 19:28:09 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-17 19:24:48 -------- d-----w- c:\windows\system32\SPReview
2012-11-17 19:24:23 -------- d-----w- c:\windows\system32\EventProviders
2012-11-17 19:19:11 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-11-17 19:19:06 53760 ----a-w- c:\windows\system32\LSCSHostPolicy.dll
2012-11-17 19:19:06 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-17 19:19:06 3215872 ----a-w- c:\windows\system32\mstscax.dll
2012-11-17 19:19:06 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-17 19:19:02 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-11-17 19:19:02 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-11-17 19:19:02 1171456 ----a-w- c:\windows\system32\d3d10warp.dll
2012-11-17 19:19:01 80896 ----a-w- c:\windows\system32\RDVGHelper.exe
2012-11-17 19:19:01 120320 ----a-w- c:\windows\system32\tssrvlic.dll
2012-11-17 19:19:00 1159168 ----a-w- c:\windows\system32\sysmain.dll
2012-11-17 19:17:59 668160 ----a-w- c:\windows\system32\autochk.exe
2012-11-17 19:16:59 8704 ----a-w- c:\windows\system32\rdpcfgex.dll
2012-11-17 18:48:45 -------- d-----w- c:\program files\CCleaner
2012-11-16 20:00:05 -------- d-----w- c:\users\christina\appdata\local\Microsoft Games
2012-11-16 18:05:32 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-11-16 07:00:03 -------- d-----w- c:\windows\system32\wbem\en-US
2012-11-16 06:03:15 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 06:03:15 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 06:03:15 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 06:01:17 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 06:01:17 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 06:01:15 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 06:01:15 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 06:01:13 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 06:01:13 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 06:01:13 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 05:59:35 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-16 05:59:34 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-16 05:59:34 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-16 05:55:49 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-11-15 20:24:11 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-15 20:24:11 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-11-15 20:24:03 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2012-11-15 20:24:03 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-11-15 20:24:03 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-11-15 20:20:47 75776 ----a-w- c:\windows\system32\psisrndr.ax
2012-11-15 20:20:47 465408 ----a-w- c:\windows\system32\psisdecd.dll
2012-11-15 20:20:46 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-11-15 20:20:46 204288 ----a-w- c:\windows\system32\MSNP.ax
2012-11-15 20:20:45 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-11-15 20:18:12 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-11-15 20:16:35 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-15 20:16:35 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-15 20:14:07 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-15 20:14:06 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-15 20:14:06 225280 ----a-w- c:\windows\system32\schannel.dll
2012-11-15 20:14:05 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-15 20:14:05 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-15 20:14:05 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-11-15 20:14:05 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-15 20:14:05 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-11-15 20:14:04 22528 ----a-w- c:\windows\system32\lsass.exe
2012-11-15 20:14:04 22016 ----a-w- c:\windows\system32\secur32.dll
2012-11-15 20:13:56 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-11-15 20:13:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-11-15 20:13:55 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-11-15 20:13:50 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2012-11-15 20:13:50 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-11-15 20:13:50 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2012-11-15 20:12:45 571904 ----a-w- c:\windows\system32\oleaut32.dll
2012-11-15 20:12:45 233472 ----a-w- c:\windows\system32\oleacc.dll
2012-11-15 20:12:24 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-11-15 20:12:24 1785344 ----a-w- c:\program files\windows journal\Journal.exe
2012-11-15 20:12:23 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-11-15 20:12:23 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-11-15 20:12:23 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-11-15 20:12:16 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-11-15 20:12:10 741376 ----a-w- c:\windows\system32\inetcomm.dll
2012-11-15 20:09:55 67072 ----a-w- c:\windows\system32\packager.dll
2012-11-15 20:01:02 802304 ----a-w- c:\windows\system32\WFS.exe
2012-11-15 20:01:02 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2012-11-15 19:59:56 2616320 ----a-w- c:\windows\explorer.exe
2012-11-15 19:58:26 769024 ----a-w- c:\windows\system32\localspl.dll
2012-11-15 19:58:25 30208 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\winprint.dll
2012-11-15 19:58:10 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-15 19:58:01 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-11-15 19:57:54 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2012-11-15 19:57:54 1137664 ----a-w- c:\windows\system32\mfc42.dll
2012-11-15 19:57:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-11-15 19:57:36 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-11-15 19:57:31 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-11-15 19:57:23 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-11-15 19:57:22 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-11-15 19:57:22 107520 ----a-w- c:\windows\system32\cdd.dll
2012-11-15 19:56:57 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-11-15 19:56:56 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2012-11-13 22:25:28 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2012-11-13 22:25:28 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2012-11-13 22:25:28 -------- d-----w- c:\windows\system32\Lang
2012-11-13 22:21:02 1002008 ----a-w- c:\windows\system32\igxpun.exe
2012-11-13 22:21:02 -------- d-----w- c:\windows\system32\x64
2012-11-13 22:20:52 -------- d-----w- c:\windows\system32\URTTEMP
2012-11-13 22:20:20 -------- d-----w- c:\users\christina\appdata\roaming\Avira
2012-11-13 22:19:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-11-13 22:19:34 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-11-13 22:19:34 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2012-11-13 22:19:34 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-13 22:19:34 134656 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-13 22:18:50 18944 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2012-11-13 22:18:50 17920 ----a-w- c:\windows\system32\mdimon.dll
2012-11-13 22:16:52 -------- d-----w- c:\windows\PCHEALTH
2012-11-13 22:14:32 83432 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-11-13 22:14:32 36552 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-11-13 22:14:31 -------- d-----w- c:\programdata\Avira
2012-11-13 22:14:31 -------- d-----w- c:\program files\Avira
2012-11-13 22:11:08 208896 ----a-w- c:\windows\system32\FFRafShellEx.dll
2012-11-13 22:11:06 233472 ----a-w- c:\windows\system32\RFCLauncher.exe
2012-11-13 22:11:06 -------- d-----w- c:\program files\RAF
2012-11-13 22:10:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2012-11-13 22:10:23 -------- d-----w- c:\programdata\FUJIFILM
2012-11-13 22:10:11 -------- d-----w- c:\program files\FUJIFILM
2012-11-13 22:09:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-11-13 22:09:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-11-13 22:09:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-11-13 22:09:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-11-13 22:09:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-11-13 22:09:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-11-13 22:09:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-11-13 22:08:40 -------- d-----w- c:\users\christina\appdata\local\Apple
2012-11-13 22:04:43 -------- d-sh--w- c:\windows\Installer
2012-11-13 22:03:25 -------- d-----w- c:\users\christina\appdata\roaming\SoftMaker
2012-11-13 22:03:25 -------- d-----w- c:\program files\SoftMaker Office 2008
2012-11-13 21:36:35 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-11-13 18:12:28 9867 ----a-w- c:\windows\system32\drivers\HOTKEY.sys
2012-11-13 18:12:28 -------- d-----w- c:\program files\Launch Manager
2012-11-13 18:07:23 -------- d-----w- c:\users\christina\appdata\local\ElevatedDiagnostics
2012-11-13 17:58:40 -------- d-----w- c:\users\christina\appdata\local\Diagnostics
2012-11-13 17:57:59 -------- d-----w- c:\windows\system32\wbem\Performance
2012-11-13 17:55:01 -------- d-----w- c:\users\christina\appdata\local\VirtualStore
2012-11-13 17:47:16 -------- d-----w- c:\windows\Panther
.
==================== Find3M ====================
.
2012-11-17 19:32:46 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-03 16:58:30 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42:26 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 16:42:26 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 16:42:24 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 16:40:35 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 15:21:38 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- c:\windows\system32\synceng.dll
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 23:03:26,55 ===============
--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 13.11.2012 18:54:53 System Uptime: 08.12.2012 22:55:14 (1 hours ago) . Motherboard: FUJITSU SIEMENS | | LV1 Processor: Intel(R) Celeron(R) CPU 560 @ 2.13GHz | U2E1 | 2128/mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 29 GiB total, 13,064 GiB free. D: is FIXED (NTFS) - 82 GiB total, 82,18 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP31: 08.12.2012 01:29:15 - Geplanter Prüfpunkt . ==== Installed Programs ====================== . Adobe Reader XI - Deutsch Apple Application Support Apple Software Update Avira Free Antivirus CCleaner FUJIFILM MyFinePix Studio 2.0 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Intel(R) Graphics Media Accelerator Driver Intel(R) TV Wizard Launch Manager V1.4.9 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 German Language Pack Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Office Small Business Edition 2003 Microsoft Office Word Viewer 2003 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 QuickTime RAF Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) SoftMaker Office 2008 (C:\Program Files\SoftMaker Office 2008) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) . ==== End Of File =========================== ist bis hier richtig was ich mache? der TDSS Killer sagt mir No threats found. ist das richtig? 23:10:31.0815 3772 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 23:10:31.0898 3772 ============================================================ 23:10:31.0898 3772 Current date / time: 2012/12/08 23:10:31.0898 23:10:31.0898 3772 SystemInfo: 23:10:31.0898 3772 23:10:31.0899 3772 OS Version: 6.1.7601 ServicePack: 1.0 23:10:31.0899 3772 Product type: Workstation 23:10:31.0899 3772 ComputerName: CHRISTINA-PC 23:10:31.0899 3772 UserName: Christina 23:10:31.0899 3772 Windows directory: C:\Windows 23:10:31.0899 3772 System windows directory: C:\Windows 23:10:31.0899 3772 Processor architecture: Intel x86 23:10:31.0899 3772 Number of processors: 1 23:10:31.0899 3772 Page size: 0x1000 23:10:31.0899 3772 Boot type: Normal boot 23:10:31.0899 3772 ============================================================ 23:10:33.0218 3772 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:10:33.0220 3772 ============================================================ 23:10:33.0220 3772 \Device\Harddisk0\DR0: 23:10:33.0220 3772 MBR partitions: 23:10:33.0220 3772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 23:10:33.0220 3772 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A65800 23:10:33.0220 3772 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3A98000, BlocksNum 0xA4FC000 23:10:33.0220 3772 ============================================================ 23:10:33.0257 3772 C: <-> \Device\Harddisk0\DR0\Partition2 23:10:33.0289 3772 D: <-> \Device\Harddisk0\DR0\Partition3 23:10:33.0289 3772 ============================================================ 23:10:33.0289 3772 Initialize success 23:10:33.0289 3772 ============================================================ 23:10:55.0497 0844 ============================================================ 23:10:55.0497 0844 Scan started 23:10:55.0498 0844 Mode: Manual; TDLFS; 23:10:55.0498 0844 ============================================================ 23:10:55.0922 0844 ================ Scan system memory ======================== 23:10:55.0922 0844 System memory - ok 23:10:55.0926 0844 ================ Scan services ============================= 23:10:56.0113 0844 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 23:10:56.0115 0844 1394ohci - ok 23:10:56.0163 0844 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 23:10:56.0166 0844 ACPI - ok 23:10:56.0200 0844 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 23:10:56.0201 0844 AcpiPmi - ok 23:10:56.0301 0844 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 23:10:56.0302 0844 AdobeARMservice - ok 23:10:56.0370 0844 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 23:10:56.0376 0844 adp94xx - ok 23:10:56.0408 0844 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 23:10:56.0411 0844 adpahci - ok 23:10:56.0436 0844 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 23:10:56.0437 0844 adpu320 - ok 23:10:56.0472 0844 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 23:10:56.0473 0844 AeLookupSvc - ok 23:10:56.0550 0844 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 23:10:56.0555 0844 AFD - ok 23:10:56.0603 0844 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 23:10:56.0604 0844 agp440 - ok 23:10:56.0641 0844 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 23:10:56.0642 0844 aic78xx - ok 23:10:56.0675 0844 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 23:10:56.0676 0844 ALG - ok 23:10:56.0714 0844 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 23:10:56.0715 0844 aliide - ok 23:10:56.0737 0844 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 23:10:56.0738 0844 amdagp - ok 23:10:56.0757 0844 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 23:10:56.0758 0844 amdide - ok 23:10:56.0802 0844 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 23:10:56.0803 0844 AmdK8 - ok 23:10:56.0815 0844 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 23:10:56.0815 0844 AmdPPM - ok 23:10:56.0838 0844 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 23:10:56.0839 0844 amdsata - ok 23:10:56.0875 0844 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 23:10:56.0876 0844 amdsbs - ok 23:10:56.0903 0844 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 23:10:56.0903 0844 amdxata - ok 23:10:56.0989 0844 [ 07194A09DC27C99A2474251DE27F6E17 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 23:10:56.0990 0844 AntiVirSchedulerService - ok 23:10:57.0027 0844 [ F0964ECD283591E7686AF912298B9F39 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 23:10:57.0028 0844 AntiVirService - ok 23:10:57.0087 0844 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 23:10:57.0089 0844 AppID - ok 23:10:57.0120 0844 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 23:10:57.0121 0844 AppIDSvc - ok 23:10:57.0172 0844 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 23:10:57.0174 0844 Appinfo - ok 23:10:57.0225 0844 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll 23:10:57.0227 0844 AppMgmt - ok 23:10:57.0266 0844 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 23:10:57.0267 0844 arc - ok 23:10:57.0292 0844 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 23:10:57.0293 0844 arcsas - ok 23:10:57.0399 0844 [ 39CDCB109BF200CC8A05B9C7E6272D11 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 23:10:57.0407 0844 aspnet_state - ok 23:10:57.0440 0844 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:10:57.0441 0844 AsyncMac - ok 23:10:57.0487 0844 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 23:10:57.0488 0844 atapi - ok 23:10:57.0573 0844 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\Windows\system32\DRIVERS\athr.sys 23:10:57.0617 0844 athr - ok 23:10:57.0690 0844 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:10:57.0696 0844 AudioEndpointBuilder - ok 23:10:57.0723 0844 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 23:10:57.0727 0844 Audiosrv - ok 23:10:57.0780 0844 [ 680B3A1BE559B5D5AAC04C7949469DD6 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 23:10:57.0781 0844 avgntflt - ok 23:10:57.0821 0844 [ 6B289080B9752DAD39C1C2B98B479DCE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 23:10:57.0823 0844 avipbb - ok 23:10:57.0893 0844 [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 23:10:57.0895 0844 avkmgr - ok 23:10:58.0032 0844 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 23:10:58.0034 0844 AxInstSV - ok 23:10:58.0090 0844 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 23:10:58.0095 0844 b06bdrv - ok 23:10:58.0137 0844 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 23:10:58.0140 0844 b57nd60x - ok 23:10:58.0208 0844 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 23:10:58.0210 0844 BDESVC - ok 23:10:58.0229 0844 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 23:10:58.0229 0844 Beep - ok 23:10:58.0307 0844 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 23:10:58.0314 0844 BFE - ok 23:10:58.0372 0844 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 23:10:58.0391 0844 BITS - ok 23:10:58.0427 0844 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 23:10:58.0428 0844 blbdrive - ok 23:10:58.0467 0844 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:10:58.0469 0844 bowser - ok 23:10:58.0481 0844 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:10:58.0482 0844 BrFiltLo - ok 23:10:58.0495 0844 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:10:58.0495 0844 BrFiltUp - ok 23:10:58.0537 0844 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 23:10:58.0539 0844 Browser - ok 23:10:58.0572 0844 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 23:10:58.0575 0844 Brserid - ok 23:10:58.0590 0844 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 23:10:58.0591 0844 BrSerWdm - ok 23:10:58.0603 0844 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 23:10:58.0604 0844 BrUsbMdm - ok 23:10:58.0616 0844 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 23:10:58.0617 0844 BrUsbSer - ok 23:10:58.0630 0844 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 23:10:58.0631 0844 BTHMODEM - ok 23:10:58.0678 0844 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 23:10:58.0679 0844 bthserv - ok 23:10:58.0710 0844 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:10:58.0711 0844 cdfs - ok 23:10:58.0801 0844 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys 23:10:58.0802 0844 cdrom - ok 23:10:58.0857 0844 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 23:10:58.0859 0844 CertPropSvc - ok 23:10:58.0888 0844 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 23:10:58.0889 0844 circlass - ok 23:10:58.0918 0844 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 23:10:58.0923 0844 CLFS - ok 23:10:58.0977 0844 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:10:58.0986 0844 clr_optimization_v2.0.50727_32 - ok 23:10:59.0143 0844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:10:59.0145 0844 clr_optimization_v4.0.30319_32 - ok 23:10:59.0159 0844 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 23:10:59.0160 0844 CmBatt - ok 23:10:59.0185 0844 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:10:59.0186 0844 cmdide - ok 23:10:59.0240 0844 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 23:10:59.0245 0844 CNG - ok 23:10:59.0290 0844 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 23:10:59.0291 0844 Compbatt - ok 23:10:59.0334 0844 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 23:10:59.0335 0844 CompositeBus - ok 23:10:59.0357 0844 COMSysApp - ok 23:10:59.0383 0844 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 23:10:59.0383 0844 crcdisk - ok 23:10:59.0458 0844 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:10:59.0460 0844 CryptSvc - ok 23:10:59.0513 0844 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys 23:10:59.0517 0844 CSC - ok 23:10:59.0579 0844 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll 23:10:59.0596 0844 CscService - ok 23:10:59.0628 0844 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 23:10:59.0635 0844 DcomLaunch - ok 23:10:59.0670 0844 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 23:10:59.0674 0844 defragsvc - ok 23:10:59.0725 0844 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:10:59.0727 0844 DfsC - ok 23:10:59.0783 0844 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 23:10:59.0786 0844 Dhcp - ok 23:10:59.0820 0844 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 23:10:59.0822 0844 discache - ok 23:10:59.0876 0844 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 23:10:59.0877 0844 Disk - ok 23:10:59.0923 0844 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:10:59.0935 0844 Dnscache - ok 23:10:59.0996 0844 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 23:10:59.0999 0844 dot3svc - ok 23:11:00.0040 0844 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 23:11:00.0043 0844 DPS - ok 23:11:00.0090 0844 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:11:00.0091 0844 drmkaud - ok 23:11:00.0156 0844 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:11:00.0162 0844 DXGKrnl - ok 23:11:00.0216 0844 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 23:11:00.0218 0844 EapHost - ok 23:11:00.0361 0844 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 23:11:00.0460 0844 ebdrv - ok 23:11:00.0521 0844 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 23:11:00.0528 0844 EFS - ok 23:11:00.0580 0844 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:11:00.0587 0844 ehRecvr - ok 23:11:00.0627 0844 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 23:11:00.0629 0844 ehSched - ok 23:11:00.0671 0844 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 23:11:00.0677 0844 elxstor - ok 23:11:00.0697 0844 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:11:00.0697 0844 ErrDev - ok 23:11:00.0746 0844 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 23:11:00.0750 0844 EventSystem - ok 23:11:00.0764 0844 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 23:11:00.0766 0844 exfat - ok 23:11:00.0800 0844 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:11:00.0802 0844 fastfat - ok 23:11:00.0875 0844 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 23:11:00.0908 0844 Fax - ok 23:11:00.0943 0844 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 23:11:00.0944 0844 fdc - ok 23:11:00.0978 0844 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 23:11:00.0980 0844 fdPHost - ok 23:11:00.0996 0844 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 23:11:00.0997 0844 FDResPub - ok 23:11:01.0018 0844 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:11:01.0019 0844 FileInfo - ok 23:11:01.0037 0844 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:11:01.0039 0844 Filetrace - ok 23:11:01.0051 0844 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 23:11:01.0051 0844 flpydisk - ok 23:11:01.0079 0844 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:11:01.0081 0844 FltMgr - ok 23:11:01.0148 0844 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll 23:11:01.0180 0844 FontCache - ok 23:11:01.0237 0844 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 23:11:01.0245 0844 FontCache3.0.0.0 - ok 23:11:01.0271 0844 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 23:11:01.0273 0844 FsDepends - ok 23:11:01.0308 0844 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:11:01.0314 0844 Fs_Rec - ok 23:11:01.0372 0844 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 23:11:01.0374 0844 fvevol - ok 23:11:01.0413 0844 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 23:11:01.0414 0844 gagp30kx - ok 23:11:01.0469 0844 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 23:11:01.0490 0844 gpsvc - ok 23:11:01.0589 0844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 23:11:01.0590 0844 gupdate - ok 23:11:01.0601 0844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 23:11:01.0603 0844 gupdatem - ok 23:11:01.0686 0844 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 23:11:01.0702 0844 gusvc - ok 23:11:01.0730 0844 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 23:11:01.0731 0844 hcw85cir - ok 23:11:01.0789 0844 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:11:01.0793 0844 HdAudAddService - ok 23:11:01.0821 0844 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 23:11:01.0823 0844 HDAudBus - ok 23:11:01.0860 0844 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 23:11:01.0861 0844 HidBatt - ok 23:11:01.0878 0844 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 23:11:01.0879 0844 HidBth - ok 23:11:01.0901 0844 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 23:11:01.0902 0844 HidIr - ok 23:11:01.0939 0844 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 23:11:01.0944 0844 hidserv - ok 23:11:01.0979 0844 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 23:11:01.0980 0844 HidUsb - ok 23:11:02.0028 0844 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:11:02.0031 0844 hkmsvc - ok 23:11:02.0082 0844 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:11:02.0085 0844 HomeGroupListener - ok 23:11:02.0132 0844 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:11:02.0135 0844 HomeGroupProvider - ok 23:11:02.0245 0844 [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey C:\Windows\system32\drivers\Hotkey.sys 23:11:02.0245 0844 Hotkey - ok 23:11:02.0293 0844 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:11:02.0294 0844 HpSAMD - ok 23:11:02.0349 0844 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:11:02.0355 0844 HTTP - ok 23:11:02.0398 0844 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:11:02.0399 0844 hwpolicy - ok 23:11:02.0450 0844 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 23:11:02.0451 0844 i8042prt - ok 23:11:02.0490 0844 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:11:02.0494 0844 iaStorV - ok 23:11:02.0567 0844 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:11:02.0643 0844 idsvc - ok 23:11:02.0846 0844 [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 23:11:03.0003 0844 igfx - ok 23:11:03.0050 0844 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 23:11:03.0051 0844 iirsp - ok 23:11:03.0138 0844 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 23:11:03.0160 0844 IKEEXT - ok 23:11:03.0205 0844 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 23:11:03.0206 0844 intelide - ok 23:11:03.0236 0844 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:11:03.0237 0844 intelppm - ok 23:11:03.0281 0844 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:11:03.0283 0844 IPBusEnum - ok 23:11:03.0305 0844 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:11:03.0308 0844 IpFilterDriver - ok 23:11:03.0370 0844 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:11:03.0377 0844 iphlpsvc - ok 23:11:03.0422 0844 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:11:03.0423 0844 IPMIDRV - ok 23:11:03.0448 0844 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:11:03.0450 0844 IPNAT - ok 23:11:03.0479 0844 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:11:03.0480 0844 IRENUM - ok 23:11:03.0511 0844 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:11:03.0512 0844 isapnp - ok 23:11:03.0548 0844 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:11:03.0551 0844 iScsiPrt - ok 23:11:03.0595 0844 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:11:03.0595 0844 kbdclass - ok 23:11:03.0650 0844 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:11:03.0651 0844 kbdhid - ok 23:11:03.0676 0844 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 23:11:03.0678 0844 KeyIso - ok 23:11:03.0720 0844 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:11:03.0721 0844 KSecDD - ok 23:11:03.0742 0844 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:11:03.0744 0844 KSecPkg - ok 23:11:03.0791 0844 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 23:11:03.0809 0844 KtmRm - ok 23:11:03.0834 0844 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 23:11:03.0838 0844 LanmanServer - ok 23:11:03.0861 0844 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:11:03.0865 0844 LanmanWorkstation - ok 23:11:03.0928 0844 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:11:03.0929 0844 lltdio - ok 23:11:03.0968 0844 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:11:03.0981 0844 lltdsvc - ok 23:11:04.0010 0844 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 23:11:04.0012 0844 lmhosts - ok 23:11:04.0054 0844 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 23:11:04.0055 0844 LSI_FC - ok 23:11:04.0077 0844 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 23:11:04.0078 0844 LSI_SAS - ok 23:11:04.0098 0844 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:11:04.0099 0844 LSI_SAS2 - ok 23:11:04.0123 0844 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:11:04.0126 0844 LSI_SCSI - ok 23:11:04.0149 0844 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 23:11:04.0150 0844 luafv - ok 23:11:04.0186 0844 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:11:04.0197 0844 Mcx2Svc - ok 23:11:04.0308 0844 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 23:11:04.0310 0844 MDM - ok 23:11:04.0350 0844 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 23:11:04.0351 0844 megasas - ok 23:11:04.0386 0844 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 23:11:04.0389 0844 MegaSR - ok 23:11:04.0421 0844 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 23:11:04.0423 0844 MMCSS - ok 23:11:04.0450 0844 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 23:11:04.0451 0844 Modem - ok 23:11:04.0476 0844 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:11:04.0477 0844 monitor - ok 23:11:04.0531 0844 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:11:04.0532 0844 mouclass - ok 23:11:04.0564 0844 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:11:04.0565 0844 mouhid - ok 23:11:04.0607 0844 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:11:04.0609 0844 mountmgr - ok 23:11:04.0627 0844 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 23:11:04.0629 0844 mpio - ok 23:11:04.0664 0844 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:11:04.0666 0844 mpsdrv - ok 23:11:04.0724 0844 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:11:04.0753 0844 MpsSvc - ok 23:11:04.0796 0844 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:11:04.0797 0844 MRxDAV - ok 23:11:04.0842 0844 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:11:04.0844 0844 mrxsmb - ok 23:11:04.0867 0844 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:11:04.0870 0844 mrxsmb10 - ok 23:11:04.0900 0844 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:11:04.0902 0844 mrxsmb20 - ok 23:11:04.0944 0844 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 23:11:04.0944 0844 msahci - ok 23:11:04.0991 0844 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:11:04.0993 0844 msdsm - ok 23:11:05.0020 0844 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 23:11:05.0034 0844 MSDTC - ok 23:11:05.0101 0844 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:11:05.0102 0844 Msfs - ok 23:11:05.0122 0844 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:11:05.0123 0844 mshidkmdf - ok 23:11:05.0162 0844 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:11:05.0163 0844 msisadrv - ok 23:11:05.0200 0844 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:11:05.0212 0844 MSiSCSI - ok 23:11:05.0223 0844 msiserver - ok 23:11:05.0264 0844 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:11:05.0265 0844 MSKSSRV - ok 23:11:05.0278 0844 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:11:05.0279 0844 MSPCLOCK - ok 23:11:05.0291 0844 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:11:05.0293 0844 MSPQM - ok 23:11:05.0317 0844 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:11:05.0319 0844 MsRPC - ok 23:11:05.0347 0844 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 23:11:05.0348 0844 mssmbios - ok 23:11:05.0387 0844 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:11:05.0388 0844 MSTEE - ok 23:11:05.0400 0844 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 23:11:05.0401 0844 MTConfig - ok 23:11:05.0424 0844 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 23:11:05.0426 0844 Mup - ok 23:11:05.0471 0844 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 23:11:05.0477 0844 napagent - ok 23:11:05.0528 0844 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:11:05.0532 0844 NativeWifiP - ok 23:11:05.0596 0844 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:11:05.0613 0844 NDIS - ok 23:11:05.0637 0844 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:11:05.0638 0844 NdisCap - ok 23:11:05.0674 0844 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:11:05.0676 0844 NdisTapi - ok 23:11:05.0730 0844 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:11:05.0731 0844 Ndisuio - ok 23:11:05.0778 0844 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:11:05.0779 0844 NdisWan - ok 23:11:05.0814 0844 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:11:05.0815 0844 NDProxy - ok 23:11:05.0835 0844 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:11:05.0836 0844 NetBIOS - ok 23:11:05.0884 0844 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:11:05.0886 0844 NetBT - ok 23:11:05.0910 0844 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 23:11:05.0912 0844 Netlogon - ok 23:11:05.0974 0844 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 23:11:05.0980 0844 Netman - ok 23:11:05.0998 0844 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 23:11:06.0007 0844 netprofm - ok 23:11:06.0057 0844 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:11:06.0070 0844 NetTcpPortSharing - ok 23:11:06.0132 0844 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 23:11:06.0133 0844 nfrd960 - ok 23:11:06.0190 0844 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 23:11:06.0195 0844 NlaSvc - ok 23:11:06.0219 0844 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:11:06.0220 0844 Npfs - ok 23:11:06.0262 0844 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 23:11:06.0265 0844 nsi - ok 23:11:06.0281 0844 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:11:06.0282 0844 nsiproxy - ok 23:11:06.0369 0844 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:11:06.0412 0844 Ntfs - ok 23:11:06.0433 0844 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 23:11:06.0434 0844 Null - ok 23:11:06.0475 0844 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:11:06.0477 0844 nvraid - ok 23:11:06.0501 0844 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:11:06.0502 0844 nvstor - ok 23:11:06.0534 0844 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:11:06.0536 0844 nv_agp - ok 23:11:06.0585 0844 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:11:06.0586 0844 ohci1394 - ok 23:11:06.0624 0844 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:11:06.0637 0844 ose - ok 23:11:06.0696 0844 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:11:06.0701 0844 p2pimsvc - ok 23:11:06.0728 0844 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 23:11:06.0734 0844 p2psvc - ok 23:11:06.0780 0844 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:11:06.0781 0844 Parport - ok 23:11:06.0825 0844 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:11:06.0827 0844 partmgr - ok 23:11:06.0854 0844 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 23:11:06.0855 0844 Parvdm - ok 23:11:06.0882 0844 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:11:06.0885 0844 PcaSvc - ok 23:11:06.0915 0844 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 23:11:06.0917 0844 pci - ok 23:11:06.0966 0844 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 23:11:06.0966 0844 pciide - ok 23:11:06.0996 0844 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 23:11:06.0997 0844 pcmcia - ok 23:11:07.0020 0844 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 23:11:07.0021 0844 pcw - ok 23:11:07.0069 0844 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:11:07.0089 0844 PEAUTH - ok 23:11:07.0170 0844 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 23:11:07.0202 0844 PeerDistSvc - ok 23:11:07.0314 0844 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 23:11:07.0369 0844 pla - ok 23:11:07.0437 0844 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:11:07.0443 0844 PlugPlay - ok 23:11:07.0479 0844 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:11:07.0482 0844 PNRPAutoReg - ok 23:11:07.0518 0844 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:11:07.0522 0844 PNRPsvc - ok 23:11:07.0556 0844 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:11:07.0575 0844 PolicyAgent - ok 23:11:07.0627 0844 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 23:11:07.0631 0844 Power - ok 23:11:07.0680 0844 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:11:07.0681 0844 PptpMiniport - ok 23:11:07.0704 0844 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 23:11:07.0705 0844 Processor - ok 23:11:07.0769 0844 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 23:11:07.0773 0844 ProfSvc - ok 23:11:07.0801 0844 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:11:07.0803 0844 ProtectedStorage - ok 23:11:07.0847 0844 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:11:07.0849 0844 Psched - ok 23:11:07.0921 0844 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 23:11:07.0963 0844 ql2300 - ok 23:11:07.0987 0844 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 23:11:07.0988 0844 ql40xx - ok 23:11:08.0034 0844 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 23:11:08.0039 0844 QWAVE - ok 23:11:08.0071 0844 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:11:08.0072 0844 QWAVEdrv - ok 23:11:08.0099 0844 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:11:08.0100 0844 RasAcd - ok 23:11:08.0158 0844 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:11:08.0159 0844 RasAgileVpn - ok 23:11:08.0208 0844 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 23:11:08.0211 0844 RasAuto - ok 23:11:08.0230 0844 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:11:08.0231 0844 Rasl2tp - ok 23:11:08.0284 0844 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 23:11:08.0289 0844 RasMan - ok 23:11:08.0312 0844 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:11:08.0313 0844 RasPppoe - ok 23:11:08.0338 0844 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:11:08.0341 0844 RasSstp - ok 23:11:08.0396 0844 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:11:08.0399 0844 rdbss - ok 23:11:08.0420 0844 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 23:11:08.0420 0844 rdpbus - ok 23:11:08.0468 0844 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:11:08.0470 0844 RDPCDD - ok 23:11:08.0500 0844 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 23:11:08.0502 0844 RDPDR - ok 23:11:08.0535 0844 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:11:08.0536 0844 RDPENCDD - ok 23:11:08.0580 0844 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:11:08.0581 0844 RDPREFMP - ok 23:11:08.0657 0844 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 23:11:08.0658 0844 RdpVideoMiniport - ok 23:11:08.0706 0844 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:11:08.0708 0844 RDPWD - ok 23:11:08.0766 0844 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:11:08.0768 0844 rdyboost - ok 23:11:08.0806 0844 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 23:11:08.0809 0844 RemoteAccess - ok 23:11:08.0843 0844 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:11:08.0848 0844 RemoteRegistry - ok 23:11:08.0874 0844 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:11:08.0877 0844 RpcEptMapper - ok 23:11:08.0912 0844 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 23:11:08.0914 0844 RpcLocator - ok 23:11:08.0949 0844 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 23:11:08.0955 0844 RpcSs - ok 23:11:08.0998 0844 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:11:08.0999 0844 rspndr - ok 23:11:09.0027 0844 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 23:11:09.0031 0844 RTL8167 - ok 23:11:09.0074 0844 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 23:11:09.0075 0844 s3cap - ok 23:11:09.0098 0844 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 23:11:09.0100 0844 SamSs - ok 23:11:09.0143 0844 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:11:09.0145 0844 sbp2port - ok 23:11:09.0205 0844 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:11:09.0209 0844 SCardSvr - ok 23:11:09.0259 0844 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:11:09.0260 0844 scfilter - ok 23:11:09.0321 0844 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 23:11:09.0349 0844 Schedule - ok 23:11:09.0367 0844 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 23:11:09.0368 0844 SCPolicySvc - ok 23:11:09.0427 0844 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:11:09.0430 0844 SDRSVC - ok 23:11:09.0479 0844 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:11:09.0480 0844 secdrv - ok 23:11:09.0497 0844 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 23:11:09.0500 0844 seclogon - ok 23:11:09.0543 0844 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 23:11:09.0547 0844 SENS - ok 23:11:09.0583 0844 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 23:11:09.0586 0844 SensrSvc - ok 23:11:09.0615 0844 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:11:09.0616 0844 Serenum - ok 23:11:09.0628 0844 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 23:11:09.0631 0844 Serial - ok 23:11:09.0659 0844 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 23:11:09.0660 0844 sermouse - ok 23:11:09.0718 0844 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 23:11:09.0721 0844 SessionEnv - ok 23:11:09.0772 0844 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:11:09.0772 0844 sffdisk - ok 23:11:09.0799 0844 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:11:09.0799 0844 sffp_mmc - ok 23:11:09.0811 0844 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:11:09.0811 0844 sffp_sd - ok 23:11:09.0826 0844 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 23:11:09.0827 0844 sfloppy - ok 23:11:09.0871 0844 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:11:09.0876 0844 SharedAccess - ok 23:11:09.0931 0844 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:11:09.0936 0844 ShellHWDetection - ok 23:11:09.0959 0844 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 23:11:09.0959 0844 sisagp - ok 23:11:10.0027 0844 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:11:10.0028 0844 SiSRaid2 - ok 23:11:10.0049 0844 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 23:11:10.0050 0844 SiSRaid4 - ok 23:11:10.0089 0844 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:11:10.0090 0844 Smb - ok 23:11:10.0160 0844 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:11:10.0163 0844 SNMPTRAP - ok 23:11:10.0184 0844 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 23:11:10.0185 0844 spldr - ok 23:11:10.0240 0844 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 23:11:10.0245 0844 Spooler - ok 23:11:10.0378 0844 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 23:11:10.0471 0844 sppsvc - ok 23:11:10.0519 0844 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:11:10.0523 0844 sppuinotify - ok 23:11:10.0576 0844 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 23:11:10.0581 0844 srv - ok 23:11:10.0605 0844 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:11:10.0608 0844 srv2 - ok 23:11:10.0632 0844 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:11:10.0634 0844 srvnet - ok 23:11:10.0664 0844 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:11:10.0668 0844 SSDPSRV - ok 23:11:10.0708 0844 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 23:11:10.0708 0844 ssmdrv - ok 23:11:10.0750 0844 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:11:10.0756 0844 SstpSvc - ok 23:11:10.0795 0844 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 23:11:10.0797 0844 stexstor - ok 23:11:10.0861 0844 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 23:11:10.0870 0844 StiSvc - ok 23:11:10.0892 0844 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 23:11:10.0893 0844 storflt - ok 23:11:10.0955 0844 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys 23:11:10.0956 0844 storvsc - ok 23:11:10.0992 0844 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 23:11:10.0993 0844 swenum - ok 23:11:11.0029 0844 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 23:11:11.0036 0844 swprv - ok 23:11:11.0070 0844 Synth3dVsc - ok 23:11:11.0146 0844 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 23:11:11.0184 0844 SysMain - ok 23:11:11.0209 0844 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:11:11.0214 0844 TabletInputService - ok 23:11:11.0263 0844 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 23:11:11.0268 0844 TapiSrv - ok 23:11:11.0304 0844 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 23:11:11.0307 0844 TBS - ok 23:11:11.0386 0844 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:11:11.0426 0844 Tcpip - ok 23:11:11.0496 0844 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 23:11:11.0505 0844 TCPIP6 - ok 23:11:11.0535 0844 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:11:11.0537 0844 tcpipreg - ok 23:11:11.0578 0844 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:11:11.0579 0844 TDPIPE - ok 23:11:11.0601 0844 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:11:11.0602 0844 TDTCP - ok 23:11:11.0642 0844 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:11:11.0644 0844 tdx - ok 23:11:11.0669 0844 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 23:11:11.0670 0844 TermDD - ok 23:11:11.0728 0844 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 23:11:11.0737 0844 TermService - ok 23:11:11.0771 0844 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 23:11:11.0774 0844 Themes - ok 23:11:11.0799 0844 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 23:11:11.0802 0844 THREADORDER - ok 23:11:11.0838 0844 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 23:11:11.0841 0844 TrkWks - ok 23:11:11.0921 0844 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:11:11.0923 0844 TrustedInstaller - ok 23:11:11.0978 0844 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:11:11.0979 0844 tssecsrv - ok 23:11:12.0008 0844 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 23:11:12.0009 0844 TsUsbFlt - ok 23:11:12.0021 0844 tsusbhub - ok 23:11:12.0155 0844 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:11:12.0157 0844 tunnel - ok 23:11:12.0199 0844 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 23:11:12.0200 0844 uagp35 - ok 23:11:12.0261 0844 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:11:12.0264 0844 udfs - ok 23:11:12.0302 0844 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:11:12.0305 0844 UI0Detect - ok 23:11:12.0354 0844 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:11:12.0355 0844 uliagpkx - ok 23:11:12.0400 0844 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 23:11:12.0401 0844 umbus - ok 23:11:12.0428 0844 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 23:11:12.0429 0844 UmPass - ok 23:11:12.0475 0844 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll 23:11:12.0479 0844 UmRdpService - ok 23:11:12.0530 0844 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 23:11:12.0536 0844 upnphost - ok 23:11:12.0560 0844 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:11:12.0561 0844 usbccgp - ok 23:11:12.0607 0844 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:11:12.0608 0844 usbcir - ok 23:11:12.0633 0844 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:11:12.0634 0844 usbehci - ok 23:11:12.0675 0844 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:11:12.0678 0844 usbhub - ok 23:11:12.0697 0844 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 23:11:12.0698 0844 usbohci - ok 23:11:12.0750 0844 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:11:12.0751 0844 usbprint - ok 23:11:12.0802 0844 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 23:11:12.0803 0844 usbscan - ok 23:11:12.0830 0844 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:11:12.0831 0844 USBSTOR - ok 23:11:12.0876 0844 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 23:11:12.0877 0844 usbuhci - ok 23:11:12.0911 0844 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 23:11:12.0921 0844 UxSms - ok 23:11:12.0943 0844 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 23:11:12.0951 0844 VaultSvc - ok 23:11:12.0981 0844 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 23:11:12.0983 0844 vdrvroot - ok 23:11:13.0046 0844 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 23:11:13.0055 0844 vds - ok 23:11:13.0080 0844 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:11:13.0081 0844 vga - ok 23:11:13.0115 0844 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 23:11:13.0117 0844 VgaSave - ok 23:11:13.0140 0844 VGPU - ok 23:11:13.0183 0844 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 23:11:13.0185 0844 vhdmp - ok 23:11:13.0228 0844 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 23:11:13.0229 0844 viaagp - ok 23:11:13.0250 0844 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 23:11:13.0251 0844 ViaC7 - ok 23:11:13.0292 0844 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 23:11:13.0293 0844 viaide - ok 23:11:13.0313 0844 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys 23:11:13.0314 0844 vmbus - ok 23:11:13.0344 0844 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 23:11:13.0345 0844 VMBusHID - ok 23:11:13.0368 0844 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:11:13.0369 0844 volmgr - ok 23:11:13.0404 0844 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:11:13.0408 0844 volmgrx - ok 23:11:13.0432 0844 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:11:13.0436 0844 volsnap - ok 23:11:13.0484 0844 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 23:11:13.0486 0844 vsmraid - ok 23:11:13.0557 0844 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 23:11:13.0575 0844 VSS - ok 23:11:13.0604 0844 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 23:11:13.0605 0844 vwifibus - ok 23:11:13.0643 0844 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 23:11:13.0644 0844 vwififlt - ok 23:11:13.0690 0844 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 23:11:13.0696 0844 W32Time - ok 23:11:13.0728 0844 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 23:11:13.0728 0844 WacomPen - ok 23:11:13.0780 0844 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 23:11:13.0782 0844 WANARP - ok 23:11:13.0793 0844 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:11:13.0794 0844 Wanarpv6 - ok 23:11:13.0849 0844 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 23:11:13.0893 0844 wbengine - ok 23:11:13.0914 0844 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:11:13.0920 0844 WbioSrvc - ok 23:11:13.0964 0844 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:11:13.0970 0844 wcncsvc - ok 23:11:13.0993 0844 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:11:13.0996 0844 WcsPlugInService - ok 23:11:14.0036 0844 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 23:11:14.0037 0844 Wd - ok 23:11:14.0094 0844 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:11:14.0101 0844 Wdf01000 - ok 23:11:14.0127 0844 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:11:14.0130 0844 WdiServiceHost - ok 23:11:14.0142 0844 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:11:14.0146 0844 WdiSystemHost - ok 23:11:14.0196 0844 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 23:11:14.0201 0844 WebClient - ok 23:11:14.0243 0844 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:11:14.0247 0844 Wecsvc - ok 23:11:14.0270 0844 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:11:14.0274 0844 wercplsupport - ok 23:11:14.0313 0844 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 23:11:14.0318 0844 WerSvc - ok 23:11:14.0363 0844 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:11:14.0364 0844 WfpLwf - ok 23:11:14.0392 0844 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:11:14.0393 0844 WIMMount - ok 23:11:14.0466 0844 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 23:11:14.0496 0844 WinDefend - ok 23:11:14.0513 0844 WinHttpAutoProxySvc - ok 23:11:14.0577 0844 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:11:14.0579 0844 Winmgmt - ok 23:11:14.0642 0844 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 23:11:14.0687 0844 WinRM - ok 23:11:14.0747 0844 [ B0E6FAA0F0EAD4772C545A3737EFB47F ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe 23:11:14.0749 0844 WisLMSvc - ok 23:11:14.0804 0844 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:11:14.0832 0844 Wlansvc - ok 23:11:14.0882 0844 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 23:11:14.0883 0844 WmiAcpi - ok 23:11:14.0909 0844 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:11:14.0911 0844 wmiApSrv - ok 23:11:15.0006 0844 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 23:11:15.0051 0844 WMPNetworkSvc - ok 23:11:15.0078 0844 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:11:15.0082 0844 WPCSvc - ok 23:11:15.0127 0844 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:11:15.0131 0844 WPDBusEnum - ok 23:11:15.0164 0844 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:11:15.0165 0844 ws2ifsl - ok 23:11:15.0187 0844 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 23:11:15.0191 0844 wscsvc - ok 23:11:15.0203 0844 WSearch - ok 23:11:15.0312 0844 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 23:11:15.0375 0844 wuauserv - ok 23:11:15.0425 0844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:11:15.0427 0844 WudfPf - ok 23:11:15.0462 0844 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:11:15.0464 0844 WUDFRd - ok 23:11:15.0530 0844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:11:15.0534 0844 wudfsvc - ok 23:11:15.0579 0844 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 23:11:15.0583 0844 WwanSvc - ok 23:11:15.0624 0844 ================ Scan global =============================== 23:11:15.0671 0844 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 23:11:15.0722 0844 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll 23:11:15.0747 0844 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll 23:11:15.0783 0844 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 23:11:15.0810 0844 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 23:11:15.0815 0844 [Global] - ok 23:11:15.0820 0844 ================ Scan MBR ================================== 23:11:15.0829 0844 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:11:16.0066 0844 \Device\Harddisk0\DR0 - ok 23:11:16.0071 0844 ================ Scan VBR ================================== 23:11:16.0075 0844 [ 494FC400C5C635193A8D7E4B0EF5EA94 ] \Device\Harddisk0\DR0\Partition1 23:11:16.0077 0844 \Device\Harddisk0\DR0\Partition1 - ok 23:11:16.0119 0844 [ 8084199E9830A6DE7D03D29287D39A8F ] \Device\Harddisk0\DR0\Partition2 23:11:16.0120 0844 \Device\Harddisk0\DR0\Partition2 - ok 23:11:16.0141 0844 [ 6001DF44E66D8C1936164247EB14D0BF ] \Device\Harddisk0\DR0\Partition3 23:11:16.0142 0844 \Device\Harddisk0\DR0\Partition3 - ok 23:11:16.0147 0844 ============================================================ 23:11:16.0147 0844 Scan finished 23:11:16.0147 0844 ============================================================ 23:11:16.0165 2992 Detected object count: 0 23:11:16.0165 2992 Actual detected object count: 0 Hallo Ryder, ist das alles richtig was ich bis jetzt gemacht habe? manchmal bin ich in bisschen "blond"  |
|
08.12.2012, 23:19
| #4 | ||
| /// TB-Ausbilder | tcbhn.exe Blabbers gefunden im Startmenü Schritt 1: Deinstalliere Ccleaner Schritt 2: Scan mit Combofix
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
08.12.2012, 23:19
| #5 |
| | tcbhn.exe Blabbers gefunden im Startmenü was passiert denn jetzt weiter? |
|
08.12.2012, 23:26
| #6 |
| /// TB-Ausbilder | tcbhn.exe Blabbers gefunden im Startmenü wir bereinigen jetzt weiter bis alles fort ist
__________________ --> tcbhn.exe Blabbers gefunden im Startmenü |
|
08.12.2012, 23:32
| #7 |
| | tcbhn.exe Blabbers gefunden im Startmenü Combofix Logfile: Code:
ATTFilter ComboFix 12-12-07.01 - Christina 08.12.2012 23:23:22.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.2038.1116 [GMT 1:00]
ausgeführt von:: c:\users\Christina\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\7Loader.TAG
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-08 bis 2012-12-08 ))))))))))))))))))))))))))))))
.
.
2012-12-08 22:28 . 2012-12-08 22:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-07 20:53 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{63267B14-8E20-4E71-A601-C5E96630B0D2}\mpengine.dll
2012-11-24 16:44 . 2012-12-07 23:51 -------- d-----w- c:\program files\ABC Amber Text Converter
2012-11-24 16:28 . 2012-11-24 16:28 -------- d-----w- c:\program files\MSECache
2012-11-24 15:23 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2012-11-24 15:23 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-11-24 15:22 . 2012-11-24 15:22 -------- d-----w- c:\programdata\Hewlett-Packard
2012-11-24 15:22 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
2012-11-18 19:28 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-18 19:28 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-17 19:24 . 2012-11-17 19:24 -------- d-----w- c:\windows\system32\SPReview
2012-11-17 19:24 . 2012-11-17 19:24 -------- d-----w- c:\windows\system32\EventProviders
2012-11-17 19:19 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-11-17 19:19 . 2010-11-20 12:21 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-17 19:19 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\system32\mstscax.dll
2012-11-17 19:19 . 2010-11-20 12:19 53760 ----a-w- c:\windows\system32\LSCSHostPolicy.dll
2012-11-17 19:19 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-17 19:19 . 2010-11-20 12:19 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-11-17 19:19 . 2010-11-20 12:19 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-11-17 19:19 . 2010-11-20 12:18 1171456 ----a-w- c:\windows\system32\d3d10warp.dll
2012-11-17 19:19 . 2010-11-20 12:21 120320 ----a-w- c:\windows\system32\tssrvlic.dll
2012-11-17 19:19 . 2010-11-20 12:17 80896 ----a-w- c:\windows\system32\RDVGHelper.exe
2012-11-17 19:19 . 2010-11-20 12:21 1159168 ----a-w- c:\windows\system32\sysmain.dll
2012-11-17 19:17 . 2010-11-20 12:29 2217856 ----a-w- c:\windows\system32\bootres.dll
2012-11-17 19:16 . 2010-11-20 12:21 8704 ----a-w- c:\windows\system32\rdpcfgex.dll
2012-11-16 07:00 . 2012-11-16 07:00 -------- d-----w- c:\windows\system32\wbem\en-US
2012-11-16 06:03 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 06:03 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 06:03 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 06:01 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 06:01 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 06:01 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 06:01 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 06:01 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 06:01 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-16 06:01 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 05:59 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-16 05:59 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-16 05:59 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-16 05:55 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-11-15 20:24 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-15 20:24 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-11-15 20:24 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2012-11-15 20:24 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-11-15 20:24 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-11-15 20:22 . 2012-08-20 17:40 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-15 20:20 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2012-11-15 20:20 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2012-11-15 20:20 . 2010-11-20 12:16 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-11-15 20:20 . 2010-11-20 12:16 204288 ----a-w- c:\windows\system32\MSNP.ax
2012-11-15 20:20 . 2010-11-20 12:16 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-11-15 20:18 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-11-15 20:16 . 2012-04-28 04:41 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-15 20:16 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-15 20:14 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-15 20:14 . 2012-06-02 04:40 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-15 20:14 . 2012-06-02 04:40 225280 ----a-w- c:\windows\system32\schannel.dll
2012-11-15 20:14 . 2012-06-02 04:45 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-15 20:14 . 2012-06-02 04:45 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-15 20:14 . 2012-06-02 04:39 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-15 20:14 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-11-15 20:14 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-11-15 20:14 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-11-15 20:14 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
2012-11-15 20:13 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-11-15 20:13 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-11-15 20:13 . 2010-06-26 03:24 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-11-15 20:13 . 2011-07-09 02:30 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-11-15 20:13 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2012-11-15 20:13 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2012-11-15 20:12 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
2012-11-15 20:12 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2012-11-15 20:12 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-11-15 20:12 . 2010-11-20 12:17 1785344 ----a-w- c:\program files\Windows Journal\Journal.exe
2012-11-15 20:12 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-11-15 20:12 . 2012-03-31 04:29 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-11-15 20:12 . 2012-03-31 04:29 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-11-15 20:12 . 2012-08-31 17:18 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-11-15 20:12 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2012-11-15 20:09 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-11-15 20:01 . 2011-02-12 05:35 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2012-11-15 20:01 . 2010-11-20 12:17 802304 ----a-w- c:\windows\system32\WFS.exe
2012-11-15 19:59 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2012-11-15 19:58 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-11-15 19:58 . 2010-11-20 12:21 30208 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\winprint.dll
2012-11-15 19:58 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-15 19:58 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-11-15 19:57 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2012-11-15 19:57 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll
2012-11-15 19:57 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-11-15 19:57 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-11-15 19:57 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-11-15 19:57 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-11-15 19:57 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-11-15 19:57 . 2010-11-20 11:56 107520 ----a-w- c:\windows\system32\cdd.dll
2012-11-15 19:56 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-11-15 19:56 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2012-11-13 22:25 . 2012-11-13 22:25 -------- d-----w- c:\windows\system32\Lang
2012-11-13 22:25 . 2009-09-23 10:50 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2012-11-13 22:25 . 2009-09-23 10:49 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2012-11-13 22:25 . 2012-11-13 22:25 -------- d-----w- c:\program files\Intel
2012-11-13 22:21 . 2012-11-13 22:21 -------- d-----w- c:\program files\Common Files\Adobe
2012-11-13 22:21 . 2012-11-13 22:21 -------- d-----w- c:\windows\system32\x64
2012-11-13 22:21 . 2009-09-23 18:30 1002008 ----a-w- c:\windows\system32\igxpun.exe
2012-11-13 22:19 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-11-13 22:19 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-11-13 22:19 . 2010-11-20 10:24 134656 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-13 22:19 . 2010-11-20 10:21 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-13 22:19 . 2010-11-20 10:21 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2012-11-13 22:18 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2012-11-13 22:18 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2012-11-13 22:17 . 2012-11-13 22:17 -------- d-----w- c:\program files\Microsoft Works
2012-11-13 22:16 . 2012-11-17 21:45 -------- d-----w- c:\program files\Microsoft.NET
2012-11-13 22:16 . 2012-11-13 22:16 -------- d-----w- c:\windows\PCHEALTH
2012-11-13 22:14 . 2012-11-07 15:03 83432 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-11-13 22:14 . 2012-11-07 15:03 36552 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-11-13 22:14 . 2012-11-07 15:03 133824 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-11-13 22:14 . 2012-11-13 22:14 -------- d-----w- c:\programdata\Avira
2012-11-13 22:14 . 2012-11-13 22:14 -------- d-----w- c:\program files\Avira
2012-11-13 22:11 . 2006-07-12 13:39 208896 ----a-w- c:\windows\system32\FFRafShellEx.dll
2012-11-13 22:11 . 2012-11-13 22:11 -------- d-----w- c:\program files\RAF
2012-11-13 22:11 . 2010-02-10 13:26 233472 ----a-w- c:\windows\system32\RFCLauncher.exe
2012-11-13 22:10 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2012-11-13 22:10 . 2012-11-13 22:10 -------- d-----w- c:\programdata\FUJIFILM
2012-11-13 22:10 . 2012-11-13 22:10 -------- d-----w- c:\program files\FUJIFILM
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-17 19:32 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-10-16 07:39 . 2012-11-27 18:39 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-07-26 192512]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-11-26 384800]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
.
c:\users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
tcbhn.lnk - c:\users\Christina\AppData\Roaming\BrowserCompanion\tcbhn.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-09-23 19:43 926896 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
.
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 22985893
*Deregistered* - 22985893
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-13 21:58]
.
2012-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-13 21:58]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
HKLM-Run-LaunchAp - c:\program files\Launch Manager\LaunchAp.exe
HKLM-Run-Wbutton - c:\program files\Launch Manager\WButton.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-08 23:29:55
ComboFix-quarantined-files.txt 2012-12-08 22:29
.
Vor Suchlauf: 5 Verzeichnis(se), 13.818.036.224 Bytes frei
Nach Suchlauf: 8 Verzeichnis(se), 13.876.256.768 Bytes frei
.
- - End Of File - - C7E071EB782595759C46F0147B854BFF
war das richtig? ich hatte nicht so wirklich das Gefühl das ein Neustart stattgefunden hat. soll ich den Laptop lieber nochmal neu starten? kann ich Avira wieder starten? |
|
08.12.2012, 23:42
| #8 | ||
| /// TB-Ausbilder | tcbhn.exe Blabbers gefunden im Startmenü Ja kannst du ... ist aber auch egal ... denn Sowas hier ... Zitat:
Supportstopp: Cracks oder Keygens Damit ist das Thema beendet.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
08.12.2012, 23:46
| #9 |
| | tcbhn.exe Blabbers gefunden im Startmenü was bedeutet das? Ich habe diesen Laptop gebraucht gekauft, da war schon alles drauf. Wie kann ich das korrigieren? Und was ist denn nicht original? Kannst du mir da weiterhelfen? Wie finde ich heraus was nicht echt ist? Ich werde den Laptop am Montag in eine Fachwerkstatt geben, denn etwas illegales will ich nicht haben. Sorry, aber DAS HABE ICH WIRKLICH NICHT GEWUSST! Trotzdem Danke für die Hilfe und wünsche noch ein schönes Wochenende. |
|
| Themen zu tcbhn.exe Blabbers gefunden im Startmenü |
| appdata, aswmbr, avast, beiträge, boot, c:\windows, classpnp.sys, computer, desktop, device, file, google, harddisk, ide, log, log file, scanning, schnell, seite, service, super, system, system32, temp, version, windows, windows 7 |
Linear-Darstellung
