|
Log analysis and evaluation: Malwarebytes reports a detection and the computer is slow. Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
02.01.2013, 20:29 | #1 |
| Malwarebytes reports a detection and the computer is slow Dear forum, my computer keeps getting slower, and sometimes the keys do not match what they are supposed to "do". I then ran Malwarebytes and it turned up one detection. The logs are attached. I would be very grateful for help, Elvi |
02.01.2013, 21:18 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports a detection and the computer is slow Hello and
A quick question, and this is nothing against you specifically, I could just as well have asked anyone else who posts their logs this way: where does it say that the logs should be put in an attachment, or where exactly did you read that? Log files in attachments make the evaluation massively harder. Please explain, so that the passage in the instructions can be specifically changed/improved for all newcomers. Thanks.
__________________ |
02.01.2013, 21:25 | #3 |
| Malwarebytes reports a detection and the computer is slow Hello Cosinus,
that is how I had understood it, seen in context, and this understanding was then confirmed for me, purely subjectively, when I was in the input form for the post. Should I redo it now, or will you turn the proverbial blind eye for me? Best regards, Elvi P.S. Perhaps I should add that I am not very technically savvy and all of this here takes me beyond my limits |
02.01.2013, 21:47 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports a detection and the computer is slow Well, I just wanted to know why quite a lot of newcomers keep attaching the logs. Maybe there is a passage in the instructions that is worded in a misleading way or something. Please post the following logs in CODE tags. Thanks. Also, the OTL.txt is missing; please supply it.
__________________ Please always post log files in CODE tags |
02.01.2013, 21:54 | #5 |
| Malwarebytes reports a detection and the computer is slow So here are all my log files again: Code:
ATTFilter OTL Extras logfile created on: 02.01.2013 17:14:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kirsten_2\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,96 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,99% Memory free 6,15 Gb Paging File | 4,93 Gb Available in Paging File | 80,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 186,52 Gb Total Space | 112,74 Gb Free Space | 60,44% Space Free | Partition Type: NTFS Drive E: | 184,62 Gb Total Space | 170,89 Gb Free Space | 92,56% Space Free | Partition Type: NTFS Computer Name: SARAHS-PC | User Name: Kirsten_2 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 
"DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{000769BC-FCA3-4B4F-B3E5-F4CF5EF3F4B0}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{035BDC54-CEB8-4081-8FA7-3F1BF82DF33E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{3429D633-3DF1-4BC2-878D-A64C1834A8AA}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{520E3DA9-46C7-4E39-A662-13ABE3853A17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7D3559EA-8B5E-411B-9BB5-318CE8598E3D}" = lport=2869 | protocol=6 | dir=in | app=system | "{B2C994A4-0641-4124-BAB3-2C665452D123}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C8650496-7B0C-4BBD-8C6C-14AEA012F061}" = rport=2869 | protocol=6 | dir=out | app=system | "{FEF201DE-493F-469C-9A91-717FBE864BB9}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D392AF4-E02D-4840-9748-95279A89D034}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{0E2A29BD-F0D8-4A5E-ADDF-D5777AC9AB51}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{13BBF106-8436-40C7-B02A-6FBF76B01EDC}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{39231223-58B3-4433-B0F3-C3E76D19531F}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{558B48E1-8D9A-4481-9634-8D36F1734437}" = dir=in | app=c:\program 
files\itunes\itunes.exe | "{64471AEB-BAA4-4D1F-97BD-0B88770F0285}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{6FB0F9D8-2293-4547-BAA5-EA94004D6920}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8F80216F-BEE7-4064-9907-3F1DB69A6E3F}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{98C952F3-91DA-4D83-9AEF-2791BF359E57}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9EA48CFC-AD74-4F47-AE83-534BF01C8056}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{B5ECA6DE-5A70-4E9D-BE5E-D98CDC960659}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B8C8DBE5-A08E-41A0-8EBD-360346214769}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{BFCC9BBD-5078-4A85-9A74-A50E6A5A0718}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{C8DF4FEB-B355-40D3-8FA6-33AF7BC19D0A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CD86F9A7-FA44-4D80-9F0D-3E57DCE0AE37}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{D047E00C-D51C-48F3-9563-3D893A85489C}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{D9D2E15F-DE31-4396-8383-D998DC444942}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{E9A3E178-FF8D-406C-A1EB-F4446CB7B128}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "TCP Query User{787019DF-E536-406D-883C-773B14B1E203}C:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe | "TCP Query User{7C710233-4138-47EA-A0F3-965C384CC755}C:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | 
app=c:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe | "TCP Query User{D8316FCE-A997-4BC8-BAAD-12E1DC61C61E}C:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe | "TCP Query User{FA5F7AA7-10BA-4142-B992-C76AB6870B7E}C:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe | "UDP Query User{2ACD08C7-D3E4-4433-9C7A-BB67E4763FE0}C:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe | "UDP Query User{905AE170-7C01-4FCC-BA4D-BD91D856C93B}C:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe | "UDP Query User{BE33C753-1C7E-4ED7-8955-A8AFD31FDEAF}C:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe | "UDP Query User{C12619FF-2D76-4E4D-8558-64C439C038D8}C:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library "{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai "{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English "{0D8E81A5-B61C-4360-910C-A738FD1B220A}" = Toshiba TEMPRO "{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support 
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{12DCDE3D-5C8E-4C5E-A7E4-CEF30F578179}" = Dogz 5 "{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch "{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{37D67C45-8484-4398-B5C1-3CAE19FDDF22}" = EPSON PRINT Image Framer Tool1.1 "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All "{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding "{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4324E4DD-C67C-A413-5C12-5DC694A99AF6}" = ATI Catalyst Install Manager "{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy "{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform "{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New "{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater "{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility "{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional "{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help 
Japanese "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application "{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish "{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish "{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish "{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution "{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light "{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish "{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech 
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller "{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard "{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor "{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7 "{A10DA03B-9048-48B4-00A2-A71153C3F886}" = Die Sims™ Tiergeschichten "{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter und der Gefangene von Askaban(TM) "{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation "{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station "{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch "{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" 
= CCC Help Italian "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime "{B2EFE303-A594-11D5-95EB-005004BC1C65}" = EPSON PhotoQuicker3.2 "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver "{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean "{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks "{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese "{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite "{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian "{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1 "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek "{F69114BE-EFDC-C756-1B38-ABD1E4873113}" = ccc-utility "{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}" = Sprachtrainer Fonts 
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter und der Halbblut-Prinz™ "{FDA8F0E9-53F0-46E7-8719-6DC08A46AC0B}" = Orange Line 2 Sprachtrainer "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "EPSON Printer and Utilities" = EPSON-Drucker-Software "Google Desktop" = Google Desktop "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder "InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "Luka" = Luka "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de) 
"MozillaMaintenanceService" = Mozilla Maintenance Service "myphotobook" = myphotobook 3.65 "Nokia Ovi Suite" = Nokia Ovi Suite "Picasa 3" = Picasa 3 "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "SynTPDeinstKey" = Synaptics Pointing Device Driver "TIPP10_is1" = TIPP10 Version 2.1.0 "WildTangent toshiba Master Uninstall" = WildTangent-Spiele "Zylom Games Player Plugin" = Zylom Games Player Plugin ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 13.11.2012 12:21:30 | Computer Name = Sarahs-PC | Source = EventSystem | ID = 4621 Description = Error - 13.11.2012 12:48:21 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391 Description = ATI EEU maximum number of session has been surpassed Error - 13.11.2012 12:48:25 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391 Description = ATI EEU maximum number of session has been surpassed Error - 13.11.2012 13:09:35 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391 Description = ATI EEU maximum number of session has been surpassed Error - 13.11.2012 13:09:37 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391 Description = ATI EEU maximum number of session has been surpassed Error - 13.11.2012 13:09:38 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391 Description = ATI EEU maximum number of 
session has been surpassed Error - 13.11.2012 13:09:58 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391 Description = ATI EEU maximum number of session has been surpassed Error - 13.11.2012 13:14:07 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391 Description = ATI EEU maximum number of session has been surpassed Error - 13.11.2012 14:40:59 | Computer Name = Sarahs-PC | Source = Google Update | ID = 20 Description = Error - 13.11.2012 14:41:36 | Computer Name = Sarahs-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 17.06.2012 06:25:33 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Fehler beim Herstellen der Internetverbindung. (7444.1128) Error - 17.06.2012 06:25:33 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Serververbindung konnte nicht hergestellt werden.. (7444.1129) Error - 05.08.2012 04:46:10 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Fehler beim Herstellen der Internetverbindung. (344.1128) Error - 05.08.2012 04:46:10 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Serververbindung konnte nicht hergestellt werden.. (344.1129) Error - 05.08.2012 05:46:16 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Fehler beim Herstellen der Internetverbindung. (1492.1128) Error - 05.08.2012 05:46:16 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Serververbindung konnte nicht hergestellt werden.. (1492.1129) Error - 05.08.2012 06:46:22 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Fehler beim Herstellen der Internetverbindung. (1728.1128) Error - 05.08.2012 06:46:22 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Serververbindung konnte nicht hergestellt werden.. (1728.1129) Error - 05.08.2012 07:46:28 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Fehler beim Herstellen der Internetverbindung. 
(5484.1128) Error - 05.08.2012 07:46:28 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0 Description = Serververbindung konnte nicht hergestellt werden.. (5484.1129) [ System Events ] Error - 31.12.2012 03:29:03 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 31.12.2012 04:58:33 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 31.12.2012 07:37:46 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 31.12.2012 09:43:42 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 01.01.2013 12:10:55 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 02.01.2013 03:30:10 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 02.01.2013 03:57:27 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 02.01.2013 05:11:13 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 02.01.2013 07:35:28 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = Error - 02.01.2013 09:25:02 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2013-01-02 20:14:39
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.FG01
Running: j8bk5o82.exe; Driver: C:\Users\KIRSTE~1\AppData\Local\Temp\uxliqpow.sys
---- System - GMER 1.0.15 ----
SSDT 8CAB478E ZwCreateSection
SSDT 8CAB4798 ZwRequestWaitReplyPort
SSDT 8CAB4793 ZwSetContextThread
SSDT 8CAB479D ZwSetSecurityObject
SSDT 8CAB47A2 ZwSystemDebugControl
SSDT 8CAB472F ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 215 824F88D8 4 Bytes [8E, 47, AB, 8C]
.text ntkrnlpa.exe!KeSetEvent + 539 824F8BFC 4 Bytes [98, 47, AB, 8C]
.text ntkrnlpa.exe!KeSetEvent + 56D 824F8C30 4 Bytes [93, 47, AB, 8C]
.text ntkrnlpa.exe!KeSetEvent + 5D1 824F8C94 4 Bytes [9D, 47, AB, 8C]
.text ntkrnlpa.exe!KeSetEvent + 619 824F8CDC 4 Bytes [A2, 47, AB, 8C]
.text ...
.text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8AB56480, 0x3C939, 0xE8000020]
.dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8AB97900, 0x3CA, 0x48000040]
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8EE02000, 0x263970, 0xE8000020]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.01.02.04
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kirsten_2 :: SARAHS-PC [Administrator]
02.01.2013 14:32:11
MBAM-log-2013-01-02 (17-03-15).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 482731
Laufzeit: 2 Stunde(n), 19 Minute(n), 55 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Users\Sas\AppData\Local\Nokia\Nokia Ovi Player\20121030.log (Extension.Mismatch) -> Keine Aktion durchgeführt.
(Ende)
Code:
OTL logfile created on: 02.01.2013 17:14:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kirsten_2\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,96 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,99% Memory free
6,15 Gb Paging File | 4,93 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,52 Gb Total Space | 112,74 Gb Free Space | 60,44% Space Free | Partition Type: NTFS
Drive E: | 184,62 Gb Total Space | 170,89 Gb Free Space | 92,56% Space Free | Partition Type: NTFS

Computer Name: SARAHS-PC | User Name: Kirsten_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.02 17:10:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kirsten_2\Downloads\OTL.exe
PRC - [2012.10.04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.08.15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012.08.11 07:33:56 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.15 11:26:22 | 000,095,232 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012.05.29 16:25:52 | 001,564,880 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.01 23:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 01:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.10.26 15:00:24 | 001,050,072 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproTray.exe
PRC - [2010.10.26 15:00:16 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe
PRC - [2010.02.03 09:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.05.12 21:26:42 | 000,299,008 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.04.24 10:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TECO\TecoService.exe
PRC - [2009.04.24 10:40:08 | 001,323,008 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TECO\TEco.exe
PRC - [2009.04.23 19:01:24 | 001,011,712 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009.04.21 21:07:32 | 000,303,104 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.04.21 21:07:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.04.16 17:42:58 | 000,020,544 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
PRC - [2009.04.16 17:42:54 | 002,513,472 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009.04.15 16:04:02 | 000,570,736 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009.04.15 16:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.04.01 17:11:06 | 001,283,384 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009.04.01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009.03.31 09:33:52 | 000,503,808 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009.03.23 10:50:40 | 000,729,088 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009.03.17 10:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.03.10 17:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.06 17:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009.03.06 17:29:04 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009.01.13 20:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\Utilities\KeNotify.exe
PRC
- [2008.01.21 03:23:33 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006.11.02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV - [2012.12.11 20:35:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.21 07:28:08 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.06.15 11:26:22 | 000,095,232 | ---- | M] (McAfee, Inc.)
[Auto | Running] -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.01 23:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.10.26 15:00:16 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.04.24 10:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009.04.21 21:07:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.04.16 17:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009.04.15 16:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009.04.01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009.03.17 10:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.03.06 17:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.02.11 12:05:16 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Programme\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006.10.26 18:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.04.27 09:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.24 23:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 20:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.04.24 13:29:28 | 000,163,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.04.21 22:30:14 | 004,491,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.03.31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 22:29:18 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009.03.20 20:09:52 | 000,491,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.03.20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.03.18 10:44:54 | 000,022,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009.01.27 18:12:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.11.11 17:29:42 | 000,154,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.07 10:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2007.12.14 10:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.04.23 09:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{C32FDFE3-C70C-4DE2-AF58-77701832CECD}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF -
prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "SweetIM Search" FF - prefs.js..browser.startup.homepage: "hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}" FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.7.0.3 FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}&src=2&crg=3.1010006.10028&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.08.24 10:14:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.21 07:28:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2012.01.14 14:15:52 | 000,000,000 | ---D | M] [2012.11.04 09:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\Extensions [2013.01.02 14:26:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\Firefox\Profiles\jgfy3esz.default\extensions [2013.01.02 14:26:12 | 000,189,128 | ---- | M] () (No name found) -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\firefox\profiles\jgfy3esz.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012.12.27 11:59:13 | 000,003,983 | ---- | M] () -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\firefox\profiles\jgfy3esz.default\searchplugins\sweetim.xml [2012.10.21 07:28:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.21 07:28:09 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.09.06 03:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla 
firefox\searchplugins\amazondotcom-de.xml [2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) 
O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation) O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.) O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) 
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH) O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Programme\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TPCHWMsg] C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA) O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Kirsten_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) 
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. 
KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B048F730-2C0E-459C-96C1-FF2BE1E3E45D}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.01.02 14:30:51 | 000,000,000 | ---D | C] -- C:\Users\Kirsten_2\Desktop\Test [2013.01.02 14:29:58 | 000,000,000 | ---D | C] -- C:\Users\Kirsten_2\AppData\Roaming\Malwarebytes [2013.01.02 14:29:13 
| 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.02 14:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.01.02 14:29:11 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.01.02 14:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.12.27 11:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM [2012.12.27 11:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM [2012.12.27 11:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer ========== Files - Modified Within 30 Days ========== [2013.01.02 17:21:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1012UA.job [2013.01.02 17:09:33 | 000,000,000 | ---- | M] () -- C:\Users\Kirsten_2\defogger_reenable [2013.01.02 16:35:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.01.02 16:27:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1006UA.job [2013.01.02 16:27:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1006Core.job [2013.01.02 16:24:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.02 16:24:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.02 14:57:59 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1010UA.job [2013.01.02 14:31:00 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1004UA.job [2013.01.02 14:29:13 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware 
.lnk [2013.01.02 14:24:56 | 000,001,833 | ---- | M] () -- C:\Users\Kirsten_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2013.01.02 14:24:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.02 14:24:13 | 3184,394,240 | -HS- | M] () -- C:\hiberfil.sys [2013.01.01 17:30:59 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1004Core.job [2012.12.27 11:11:49 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.12.27 11:10:27 | 000,000,238 | ---- | M] () -- C:\Users\Kirsten_2\Desktop\Search the Web.url [2012.12.27 11:10:27 | 000,000,232 | ---- | M] () -- C:\Users\Kirsten_2\Desktop\SweetPcFix.url [2012.12.26 20:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1012Core.job [2012.12.26 08:08:22 | 000,595,504 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.12.26 08:08:22 | 000,104,640 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.12.26 08:08:21 | 000,626,768 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.12.26 08:08:21 | 000,126,232 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.12.25 17:58:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1010Core.job [2012.12.21 15:53:35 | 000,329,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys ========== Files Created - No Company Name ========== [2013.01.02 17:09:33 | 000,000,000 | ---- | C] () -- C:\Users\Kirsten_2\defogger_reenable [2013.01.02 14:29:13 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.12.27 11:11:49 | 000,000,809 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.12.27 11:10:27 | 000,000,238 | ---- | C] () -- C:\Users\Kirsten_2\Desktop\Search 
the Web.url [2012.12.27 11:10:27 | 000,000,232 | ---- | C] () -- C:\Users\Kirsten_2\Desktop\SweetPcFix.url [2012.10.30 15:30:23 | 000,000,526 | ---- | C] () -- C:\Windows\eReg.dat [2012.09.30 07:55:00 | 000,000,680 | RHS- | C] () -- C:\Users\Kirsten_2\ntuser.pol [2012.08.27 09:46:39 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2012.08.27 09:46:39 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2012.06.18 17:03:16 | 000,329,600 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2011.12.05 16:27:38 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT.DAT [2011.07.30 11:33:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.07.30 11:33:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.07.27 19:31:28 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll [2011.07.27 19:31:28 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll [2011.07.26 18:33:27 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2011.07.26 18:30:52 | 000,131,072 | ---- | C] () -- C:\Windows\System32\EnumDevLib.dll [2011.07.26 18:11:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.07.26 18:09:09 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe [2011.07.26 18:09:09 | 000,184,751 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011.07.26 18:09:09 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2011.07.26 18:09:09 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = 
%SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.09.30 07:55:02 | 000,000,000 | ---D | M] -- C:\Users\Kirsten_2\AppData\Roaming\PC Suite ========== Purity Check ========== < End of report > |
02.01.2013, 22:09 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports a detection and the computer is slow Why are you posting all the logs again now?! I wrote: Quote:
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "When will this continue" messages end with your topic being closed. I also have a life outside of Trojaner-Board. Malwarebytes Anti-Rootkit Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
__________________ --> Malwarebytes reports a detection and the computer is slow |
02.01.2013, 22:41 | #7 |
| Malwarebytes reports a detection and the computer is slow Here is the log file from Malwarebytes Anti-Rootkit Code:
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2013.01.02.10
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kirsten_2 :: SARAHS-PC [administrator]
02.01.2013 22:38:12
mbar-log-2013-01-02 (22-38-12).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30267
Time elapsed: 12 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end) |
03.01.2013, 11:16 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports a detection and the computer is slow 1. aswMBR Please download aswMBR.exe and save the file to your desktop. Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false positive in it!
Another note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again. 2. TDSS-Killer Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool! Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click on Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:), because that is where TDSS-Killer saves its logs. Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
03.01.2013, 12:24 | #9 |
| Malwarebytes reports a detection and the computer is slow Here are my two logs Code:
12:14:20.0503 6112 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:14:20.0691 6112 ============================================================
12:14:20.0691 6112 Current date / time: 2013/01/03 12:14:20.0691
12:14:20.0691 6112 SystemInfo:
12:14:20.0691 6112
12:14:20.0691 6112 OS Version: 6.0.6002 ServicePack: 2.0
12:14:20.0691 6112 Product type: Workstation
12:14:20.0691 6112 ComputerName: SARAHS-PC
12:14:20.0691 6112 UserName: Kirsten_2
12:14:20.0691 6112 Windows directory: C:\Windows
12:14:20.0691 6112 System windows directory: C:\Windows
12:14:20.0691 6112 Processor architecture: Intel x86
12:14:20.0691 6112 Number of processors: 2
12:14:20.0691 6112 Page size: 0x1000
12:14:20.0691 6112 Boot type: Normal boot
12:14:20.0691 6112 ============================================================
12:14:21.0127 6112 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:14:21.0127 6112 ============================================================
12:14:21.0127 6112 \Device\Harddisk0\DR0:
12:14:21.0127 6112 MBR partitions:
12:14:21.0127 6112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1750C000
12:14:21.0127 6112 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x177FA800, BlocksNum 0x1713E000
12:14:21.0127 6112 ============================================================
12:14:21.0268 6112 C: <-> \Device\Harddisk0\DR0\Partition1
12:14:21.0393 6112 E: <-> \Device\Harddisk0\DR0\Partition2
12:14:21.0393 6112 ============================================================
12:14:21.0393 6112 Initialize success
12:14:21.0393 6112 ============================================================
12:15:29.0050 2908 ============================================================
12:15:29.0050 2908 Scan started
12:15:29.0050 2908 Mode: Manual; SigCheck; TDLFS;
12:15:29.0050 2908 ============================================================
12:15:29.0424 2908 ================ Scan system memory ========================
12:15:29.0424 2908 System memory - ok
12:15:29.0424 2908 ================ Scan services =============================
12:15:29.0596 2908 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:15:29.0721 2908 ACPI - ok
12:15:29.0861 2908 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:15:29.0877 2908 AdobeFlashPlayerUpdateSvc - ok
12:15:29.0923 2908 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:15:29.0955 2908 adp94xx - ok
12:15:29.0955 2908 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:15:29.0970 2908 adpahci - ok
12:15:30.0001 2908 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:15:30.0017 2908 adpu160m - ok
12:15:30.0033 2908 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:15:30.0048 2908 adpu320 - ok
12:15:30.0079 2908 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:15:30.0111 2908 AeLookupSvc - ok
12:15:30.0157 2908 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
12:15:30.0189 2908 AFD - ok
12:15:30.0251 2908 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:15:30.0267 2908 agp440 - ok
12:15:30.0282 2908 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:15:30.0298 2908 aic78xx - ok
12:15:30.0329 2908 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
12:15:30.0376 2908 ALG - ok
12:15:30.0407 2908 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
12:15:30.0423 2908 aliide - ok
12:15:30.0469 2908 [ 761F38EE3C1146A7434AD72763382544 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:15:30.0501 2908 AMD External Events Utility - ok
12:15:30.0532 2908 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:15:30.0547 2908 amdagp - ok
12:15:30.0563 2908 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
12:15:30.0579 2908 amdide - ok
12:15:30.0594 2908 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
12:15:30.0641 2908 AmdK7 - ok
12:15:30.0657 2908 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:15:30.0688 2908 AmdK8 - ok
12:15:30.0766 2908 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
12:15:30.0781 2908 AntiVirSchedulerService - ok
12:15:30.0813 2908 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
12:15:30.0828 2908 AntiVirService - ok
12:15:30.0859 2908 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:15:30.0875 2908 AntiVirWebService - ok
12:15:30.0937 2908 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
12:15:30.0984 2908 Appinfo - ok
12:15:31.0093 2908 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:15:31.0093 2908 Apple Mobile Device - ok
12:15:31.0109 2908 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
12:15:31.0125 2908 arc - ok
12:15:31.0140 2908 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:15:31.0171 2908 arcsas - ok
12:15:31.0203 2908 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:15:31.0265 2908 AsyncMac - ok
12:15:31.0281 2908 [ 9C0E70031905ADBF94EDB9EA14AF943B ] atapi C:\Windows\system32\drivers\atapi.sys
12:15:31.0296 2908 atapi - ok
12:15:31.0437 2908 [ 53DF058C7115B3E6259954D2A2DBF8E9 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:15:31.0577 2908 atikmdag - ok
12:15:31.0624 2908 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:15:31.0655 2908 AudioEndpointBuilder - ok
12:15:31.0671 2908 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:15:31.0686 2908 Audiosrv - ok
12:15:31.0702 2908 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
12:15:31.0717 2908 avgntflt - ok
12:15:31.0749 2908 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
12:15:31.0764 2908 avipbb - ok
12:15:31.0780 2908 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
12:15:31.0795 2908 avkmgr - ok
12:15:31.0827 2908 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
12:15:31.0858 2908 Beep - ok
12:15:31.0920 2908 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
12:15:31.0936 2908 BFE - ok
12:15:31.0998 2908 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
12:15:32.0061 2908 BITS - ok
12:15:32.0076 2908 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:15:32.0123 2908 blbdrive - ok
12:15:32.0185 2908 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:15:32.0217 2908 Bonjour Service - ok
12:15:32.0248 2908 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:15:32.0263 2908 bowser - ok
12:15:32.0295 2908 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:15:32.0326 2908 BrFiltLo - ok
12:15:32.0326 2908 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:15:32.0373 2908 BrFiltUp - ok
12:15:32.0404 2908 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
12:15:32.0466 2908 Browser - ok
12:15:32.0497 2908 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
12:15:32.0560 2908 Brserid - ok
12:15:32.0575 2908 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:15:32.0622 2908 BrSerWdm - ok
12:15:32.0622 2908 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:15:32.0685 2908 BrUsbMdm - ok
12:15:32.0716 2908 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:15:32.0763 2908 BrUsbSer - ok
12:15:32.0778 2908 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:15:32.0841 2908 BTHMODEM - ok
12:15:32.0887 2908 [ F1140ED3A1E1D6824A63F27AFD9EEF32 ] camsvc C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
12:15:32.0903 2908 camsvc - ok
12:15:32.0934 2908 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:15:32.0965 2908 cdfs - ok
12:15:32.0997 2908 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:15:33.0028 2908 cdrom - ok
12:15:33.0075 2908 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
12:15:33.0121 2908 CertPropSvc - ok
12:15:33.0153 2908 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
12:15:33.0199 2908 circlass - ok
12:15:33.0231 2908 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
12:15:33.0262 2908 CLFS - ok
12:15:33.0324 2908 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:15:33.0340 2908 clr_optimization_v2.0.50727_32 - ok
12:15:33.0402 2908 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:15:33.0433 2908 CmBatt - ok
12:15:33.0449 2908 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:15:33.0465 2908 cmdide - ok
12:15:33.0480 2908 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:15:33.0496 2908 Compbatt - ok
12:15:33.0496 2908 COMSysApp - ok
12:15:33.0543 2908 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
12:15:33.0558 2908 ConfigFree Service - ok
12:15:33.0574 2908 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:15:33.0589 2908 crcdisk - ok
12:15:33.0605 2908 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
12:15:33.0636 2908 Crusoe - ok
12:15:33.0683 2908 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:15:33.0714 2908 CryptSvc - ok
12:15:33.0777 2908 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:15:33.0823 2908 DcomLaunch - ok
12:15:33.0839 2908 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:15:33.0870 2908 DfsC - ok
12:15:33.0948 2908 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
12:15:34.0026 2908 DFSR - ok
12:15:34.0073 2908 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:15:34.0104 2908 Dhcp - ok
12:15:34.0135 2908 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
12:15:34.0151 2908 disk - ok
12:15:34.0182 2908 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:15:34.0213 2908 Dnscache - ok
12:15:34.0229 2908 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:15:34.0260 2908 dot3svc - ok
12:15:34.0291 2908 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
12:15:34.0323 2908 DPS - ok
12:15:34.0354 2908 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:15:34.0401 2908 drmkaud - ok
12:15:34.0447 2908 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:15:34.0479 2908 DXGKrnl - ok
12:15:34.0510 2908 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
12:15:34.0541 2908 E1G60 - ok
12:15:34.0572 2908 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
12:15:34.0619 2908 EapHost - ok
12:15:34.0666 2908 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
12:15:34.0681 2908 Ecache - ok
12:15:34.0744 2908 [ 3A511ED3C9A9DA2CD5A50FF46178063A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:15:34.0806 2908 ehRecvr - ok
12:15:34.0822 2908 [ A3D94C93333619458AF4BDE7531234C5 ] ehSched C:\Windows\ehome\ehsched.exe
12:15:34.0853 2908 ehSched - ok
12:15:34.0884 2908 [ 487BA5C5BB442BD172F120DC197811C2 ] ehstart C:\Windows\ehome\ehstart.dll
12:15:34.0915 2908 ehstart - ok
12:15:34.0962 2908 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:15:34.0978 2908 elxstor - ok
12:15:35.0025 2908 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:15:35.0087 2908 EMDMgmt - ok
12:15:35.0103 2908 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:15:35.0149 2908 ErrDev - ok
12:15:35.0181 2908 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
12:15:35.0227 2908 EventSystem - ok
12:15:35.0274 2908 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
12:15:35.0305 2908 exfat - ok
12:15:35.0337 2908 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:15:35.0383 2908 fastfat - ok
12:15:35.0446 2908 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:15:35.0493 2908 fdc - ok
12:15:35.0524 2908 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
12:15:35.0555 2908 fdPHost - ok
12:15:35.0555 2908 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
12:15:35.0617 2908 FDResPub - ok
12:15:35.0633 2908 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:15:35.0649 2908 FileInfo - ok
12:15:35.0680 2908 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:15:35.0711 2908 Filetrace - ok
12:15:35.0727 2908 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:15:35.0758 2908 flpydisk - ok
12:15:35.0789 2908 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:15:35.0805 2908 FltMgr - ok
12:15:35.0867 2908 [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache C:\Windows\system32\FntCache.dll
12:15:35.0929 2908 FontCache - ok
12:15:35.0992 2908 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:15:35.0992 2908 FontCache3.0.0.0 - ok
12:15:36.0054 2908 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
12:15:36.0070 2908 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0070 2908 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
12:15:36.0101 2908 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
12:15:36.0117 2908 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0117 2908 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
12:15:36.0132 2908 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:15:36.0163 2908 Fs_Rec - ok
12:15:36.0195 2908 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:15:36.0210 2908 gagp30kx - ok
12:15:36.0273 2908 [ 54FD6B2F163782914F1205D51FEDD3EF ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
12:15:36.0288 2908 GameConsoleService - ok
12:15:36.0319 2908 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:15:36.0335 2908 GEARAspiWDM - ok
12:15:36.0397 2908 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
12:15:36.0397 2908 GoogleDesktopManager-051210-111108 - ok
12:15:36.0429 2908 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
12:15:36.0491 2908 gpsvc - ok
12:15:36.0538 2908 [ 1BF044E23206FDDC16891A32922D571B ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:15:36.0553 2908 gusvc - ok
12:15:36.0600 2908 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:15:36.0663 2908 HdAudAddService - ok
12:15:36.0694 2908 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:15:36.0741 2908 HDAudBus - ok
12:15:36.0741 2908 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:15:36.0803 2908 HidBth - ok
12:15:36.0834 2908 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:15:36.0897 2908 HidIr - ok
12:15:36.0928 2908 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
12:15:36.0959 2908 hidserv - ok
12:15:36.0990 2908 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:15:37.0037 2908 HidUsb - ok
12:15:37.0084 2908 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:15:37.0115 2908 hkmsvc - ok
12:15:37.0146 2908 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:15:37.0162 2908 HpCISSs - ok
12:15:37.0209 2908 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:15:37.0240 2908 HTTP - ok
12:15:37.0271 2908 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:15:37.0287 2908 i2omp - ok
12:15:37.0318 2908 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:15:37.0365 2908 i8042prt - ok
12:15:37.0396 2908 [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:15:37.0411 2908 iaStor - ok
12:15:37.0458 2908 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:15:37.0474 2908 iaStorV - ok
12:15:37.0552 2908 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:15:37.0614 2908 idsvc - ok
12:15:37.0677 2908 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:15:37.0692 2908 iirsp - ok
12:15:37.0739 2908 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
12:15:37.0786 2908 IKEEXT - ok
12:15:37.0895 2908 [ 2E4F8AD76CB1203D68DB6E8F02E4AF74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:15:37.0942 2908 IntcAzAudAddService - ok
12:15:38.0004 2908 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
12:15:38.0020 2908 intelide - ok
12:15:38.0035 2908 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:15:38.0067 2908 intelppm - ok
12:15:38.0098 2908 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:15:38.0145 2908 IPBusEnum - ok
12:15:38.0176 2908 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:15:38.0223 2908 IpFilterDriver - ok
12:15:38.0254 2908 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:15:38.0285 2908 iphlpsvc - ok
12:15:38.0301 2908 IpInIp - ok
12:15:38.0316 2908 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:15:38.0347 2908 IPMIDRV - ok
12:15:38.0363 2908 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:15:38.0394 2908 IPNAT - ok
12:15:38.0441 2908 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:15:38.0472 2908 iPod Service - ok
12:15:38.0488 2908 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:15:38.0535 2908 IRENUM - ok
12:15:38.0550 2908 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:15:38.0566 2908 isapnp - ok
12:15:38.0613 2908 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:15:38.0628 2908 iScsiPrt - ok
12:15:38.0628 2908 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:15:38.0644 2908 iteatapi - ok
12:15:38.0644 2908 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:15:38.0659 2908 iteraid - ok
12:15:38.0675 2908 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:15:38.0691 2908 kbdclass - ok
12:15:38.0706 2908 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:15:38.0753 2908 kbdhid - ok
12:15:38.0769 2908 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
12:15:38.0800 2908 KeyIso - ok
12:15:38.0847 2908 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:15:38.0862 2908 KSecDD - ok
12:15:38.0925 2908 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
12:15:38.0971 2908 KtmRm - ok
12:15:39.0003 2908 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
12:15:39.0034 2908 LanmanServer - ok
12:15:39.0065 2908 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:15:39.0096 2908 LanmanWorkstation - ok
12:15:39.0127 2908 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:15:39.0159 2908 lltdio - ok
12:15:39.0190 2908 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:15:39.0221 2908 lltdsvc - ok
12:15:39.0252 2908 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:15:39.0283 2908 lmhosts - ok
12:15:39.0299 2908 [ 31F74D5D47EEA83E5E89447586917774 ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
12:15:39.0299 2908 LPCFilter - ok
12:15:39.0346 2908 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:15:39.0361 2908 LSI_FC - ok
12:15:39.0361 2908 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:15:39.0377 2908 LSI_SAS - ok
12:15:39.0393 2908 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:15:39.0393 2908 LSI_SCSI - ok
12:15:39.0408 2908 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
12:15:39.0455 2908 luafv - ok
12:15:39.0533 2908 [ C226CE46CD17FCE6261A9DE406F01C8B ] McAfee SiteAdvisor Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
12:15:39.0533 2908 McAfee SiteAdvisor Service - ok
12:15:39.0595 2908 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
12:15:39.0611 2908 McComponentHostService - ok
12:15:39.0642 2908 [ 3BD2AD18179DEAD6652E87157FB98E4A ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:15:39.0673 2908 Mcx2Svc - ok
12:15:39.0705 2908 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
12:15:39.0720 2908 megasas - ok
12:15:39.0736 2908 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:15:39.0767 2908 MegaSR - ok
12:15:39.0798 2908 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
12:15:39.0845 2908 MMCSS - ok
12:15:39.0861 2908 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
12:15:39.0907 2908 Modem - ok
12:15:39.0954 2908 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:15:39.0985 2908 monitor - ok
12:15:40.0017 2908 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:15:40.0032 2908 mouclass - ok
12:15:40.0048 2908 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:15:40.0079 2908 mouhid - ok
12:15:40.0095 2908 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:15:40.0110 2908 MountMgr - ok
12:15:40.0173 2908 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:15:40.0188 2908 MozillaMaintenance - ok
12:15:40.0219 2908 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
12:15:40.0235 2908 mpio - ok
12:15:40.0251 2908 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:15:40.0282 2908 mpsdrv - ok
12:15:40.0329 2908 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
12:15:40.0375 2908 MpsSvc - ok
12:15:40.0422 2908 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:15:40.0438 2908 Mraid35x - ok
12:15:40.0453 2908 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:15:40.0469 2908 MRxDAV - ok
12:15:40.0500 2908 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:15:40.0516 2908 mrxsmb - ok
12:15:40.0547 2908 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:15:40.0578 2908 mrxsmb10 - ok
12:15:40.0609 2908 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:15:40.0625 2908 mrxsmb20 - ok
12:15:40.0672 2908 [ AA305CFF241DA187BD5077DE4A2A043D ] msahci C:\Windows\system32\drivers\msahci.sys
12:15:40.0672 2908 msahci - ok
12:15:40.0687 2908 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:15:40.0703 2908 msdsm - ok
12:15:40.0719 2908 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
12:15:40.0750 2908 MSDTC - ok
12:15:40.0781 2908 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:15:40.0812 2908 Msfs - ok
12:15:40.0859 2908 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:15:40.0875 2908 msisadrv - ok
12:15:40.0890 2908 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:15:40.0937 2908 MSiSCSI - ok
12:15:40.0937 2908 msiserver - ok
12:15:40.0968 2908 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:15:41.0015 2908 MSKSSRV - ok
12:15:41.0031 2908 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:15:41.0062 2908 MSPCLOCK - ok
12:15:41.0077 2908 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:15:41.0093 2908 MSPQM - ok
12:15:41.0140 2908 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:15:41.0155 2908 MsRPC - ok
12:15:41.0187 2908 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:15:41.0202 2908 mssmbios - ok
12:15:41.0218 2908 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:15:41.0249 2908 MSTEE - ok
12:15:41.0265 2908 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
12:15:41.0280 2908 Mup - ok
12:15:41.0311 2908 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
12:15:41.0358 2908 napagent - ok
12:15:41.0405 2908 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:15:41.0421 2908 NativeWifiP - ok
12:15:41.0467 2908 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:15:41.0483 2908 NDIS - ok
12:15:41.0514 2908 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:15:41.0545 2908 NdisTapi - ok
12:15:41.0561 2908 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:15:41.0577 2908 Ndisuio - ok
12:15:41.0623 2908 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:15:41.0639 2908 NdisWan - ok
12:15:41.0670 2908 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:15:41.0701 2908 NDProxy - ok
12:15:41.0701 2908 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:15:41.0748 2908 NetBIOS - ok
12:15:41.0764 2908 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:15:41.0811 2908 netbt - ok
12:15:41.0826 2908 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
12:15:41.0842 2908 Netlogon - ok
12:15:41.0873 2908 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
12:15:41.0920 2908 Netman - ok
12:15:41.0935 2908 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
12:15:41.0982 2908 netprofm - ok
12:15:42.0029 2908 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:15:42.0029 2908 NetTcpPortSharing - ok
12:15:42.0076 2908 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:15:42.0091 2908 nfrd960 - ok
12:15:42.0123 2908 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:15:42.0154 2908 NlaSvc - ok
12:15:42.0169 2908 [ 28E36E677849174C910FAAEAD3E60E9E ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
12:15:42.0216 2908 nmwcd - ok
12:15:42.0247 2908 [ 3823DEB17F9F6775DE0187A98FA0536D ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
12:15:42.0279 2908 nmwcdc - ok
12:15:42.0294 2908 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:15:42.0325 2908 Npfs - ok
12:15:42.0341 2908 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
12:15:42.0372 2908 nsi - ok
12:15:42.0403 2908 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:15:42.0435 2908 nsiproxy - ok
12:15:42.0497 2908 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:15:42.0528 2908 Ntfs - ok
12:15:42.0544 2908 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:15:42.0591 2908 ntrigdigi - ok
12:15:42.0606 2908 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:15:42.0653 2908 Null - ok
12:15:42.0669 2908 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:15:42.0669 2908 nvraid - ok
12:15:42.0700 2908 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:15:42.0715 2908 nvstor - ok
12:15:42.0715 2908 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:15:42.0731 2908 nv_agp - ok
12:15:42.0731 2908 NwlnkFlt - ok
12:15:42.0747 2908 NwlnkFwd - ok
12:15:42.0809 2908 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:15:42.0825 2908 odserv - ok
12:15:42.0871 2908 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:15:42.0918 2908 ohci1394 - ok
12:15:42.0965 2908 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:15:42.0965 2908 ose - ok
12:15:43.0027 2908 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:15:43.0074 2908 p2pimsvc - ok
12:15:43.0090 2908 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:15:43.0105 2908 p2psvc - ok
12:15:43.0137 2908 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
12:15:43.0183 2908 Parport - ok
12:15:43.0215 2908 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:15:43.0230 2908 partmgr - ok
12:15:43.0246 2908 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:15:43.0293 2908 Parvdm - ok
12:15:43.0324 2908 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:15:43.0339 2908 PcaSvc - ok
12:15:43.0386 2908 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:15:43.0402 2908 pccsmcfd - ok
12:15:43.0433 2908 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:15:43.0449 2908 pci - ok
12:15:43.0464 2908 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
12:15:43.0480 2908 pciide - ok
12:15:43.0495 2908 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:15:43.0511 2908 pcmcia - ok
12:15:43.0573 2908 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:15:43.0636 2908 PEAUTH - ok
12:15:43.0683 2908 [ 28F7FFFF50C474CF8BE16A2CACC7CE42 ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
12:15:43.0698 2908 PGEffect - ok
12:15:43.0761 2908 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:15:43.0839 2908 pla - ok
12:15:43.0870 2908 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:15:43.0901 2908 PlugPlay - ok
12:15:43.0932 2908 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:15:43.0948 2908 PNRPAutoReg - ok
12:15:43.0963 2908 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:15:43.0995 2908 PNRPsvc - ok
12:15:44.0026 2908 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:15:44.0041 2908 PolicyAgent - ok
12:15:44.0088 2908 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:15:44.0104 2908 PptpMiniport - ok
12:15:44.0135 2908 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
12:15:44.0182 2908 Processor - ok
12:15:44.0197 2908 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:15:44.0229 2908 ProfSvc - ok
12:15:44.0244 2908 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:15:44.0260 2908 ProtectedStorage - ok
12:15:44.0291 2908 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:15:44.0322 2908 PSched - ok
12:15:44.0338 2908 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
12:15:44.0353 2908 PxHelp20 - ok
12:15:44.0400 2908 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:15:44.0447 2908 ql2300 - ok
12:15:44.0447 2908 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:15:44.0463 2908 ql40xx - ok
12:15:44.0494 2908 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:15:44.0541 2908 QWAVE - ok
12:15:44.0556 2908 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:15:44.0572 2908 QWAVEdrv - ok
12:15:44.0587 2908 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:15:44.0619 2908 RasAcd - ok
12:15:44.0634 2908 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:15:44.0681 2908 RasAuto - ok
12:15:44.0697 2908 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:15:44.0743 2908 Rasl2tp - ok
12:15:44.0759 2908 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:15:44.0806 2908 RasMan - ok
12:15:44.0853 2908 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:15:44.0884 2908 RasPppoe - ok
12:15:44.0899 2908 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:15:44.0915 2908 RasSstp - ok
12:15:44.0946 2908 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:15:44.0993 2908 rdbss - ok
12:15:45.0024 2908 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:15:45.0055 2908 RDPCDD - ok
12:15:45.0087 2908 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:15:45.0118 2908 rdpdr - ok
12:15:45.0118 2908 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:15:45.0149 2908 RDPENCDD - ok
12:15:45.0196 2908 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:15:45.0227 2908 RDPWD - ok
12:15:45.0274 2908 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:15:45.0305 2908 RemoteAccess - ok
12:15:45.0336 2908 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:15:45.0367 2908 RemoteRegistry - ok
12:15:45.0383 2908 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:15:45.0414 2908 RpcLocator - ok
12:15:45.0445 2908 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:15:45.0461 2908 RpcSs - ok
12:15:45.0492 2908 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:15:45.0523 2908 rspndr - ok
12:15:45.0555 2908 [ D85DA4371AF61359EDFCA4EA06619DD4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
12:15:45.0555 2908 RTHDMIAzAudService - ok
12:15:45.0601 2908 [ 470253597930E765DD08B30E723C1FA2 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
12:15:45.0633 2908 RTL8169 - ok
12:15:45.0664 2908 [ 3E29AB4BC6C174B87D31BF2A94B8AD67 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
12:15:45.0711 2908 rtl8192se - ok
12:15:45.0742 2908 [ 0D60B8C10A2C5E8DD620B3FDEB1CDA64 ] RtlProt C:\Windows\system32\DRIVERS\rtlprot.sys
12:15:45.0757 2908 RtlProt - ok
12:15:45.0773 2908 [ 52532A4CA8B251775DECC87C4813ABFB ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
12:15:45.0789 2908 RTSTOR - ok
12:15:45.0804 2908 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:15:45.0820 2908 SamSs - ok
12:15:45.0851 2908 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:15:45.0867 2908 sbp2port - ok
12:15:45.0898 2908 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:15:45.0929 2908 SCardSvr - ok
12:15:45.0960 2908 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:15:45.0991 2908 Schedule - ok
12:15:46.0023 2908 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:15:46.0038 2908 SCPolicySvc - ok
12:15:46.0085 2908 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:15:46.0116 2908 SDRSVC - ok
12:15:46.0163 2908 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:15:46.0225 2908 secdrv - ok
12:15:46.0257 2908 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:15:46.0272 2908 seclogon - ok
12:15:46.0288 2908 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
12:15:46.0319 2908 SENS - ok
12:15:46.0335 2908 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:15:46.0381 2908 Serenum - ok
12:15:46.0381 2908 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
12:15:46.0428 2908 Serial - ok
12:15:46.0428 2908 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:15:46.0459 2908 sermouse - ok
12:15:46.0537 2908 [ 5BF59C6BC737BAAF541168E5CB2EC1D9 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:15:46.0584 2908 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:15:46.0584 2908 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:15:46.0615 2908 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:15:46.0647 2908 SessionEnv - ok
12:15:46.0662 2908 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:15:46.0678 2908 sffdisk - ok
12:15:46.0693 2908 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:15:46.0725
2908 sffp_mmc - ok 12:15:46.0740 2908 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 12:15:46.0771 2908 sffp_sd - ok 12:15:46.0803 2908 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 12:15:46.0834 2908 sfloppy - ok 12:15:46.0881 2908 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:15:46.0912 2908 SharedAccess - ok 12:15:46.0943 2908 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 12:15:46.0959 2908 ShellHWDetection - ok 12:15:46.0990 2908 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 12:15:47.0005 2908 sisagp - ok 12:15:47.0005 2908 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 12:15:47.0021 2908 SiSRaid2 - ok 12:15:47.0037 2908 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 12:15:47.0052 2908 SiSRaid4 - ok 12:15:47.0083 2908 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 12:15:47.0099 2908 SkypeUpdate - ok 12:15:47.0193 2908 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 12:15:47.0302 2908 slsvc - ok 12:15:47.0349 2908 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 12:15:47.0380 2908 SLUINotify - ok 12:15:47.0395 2908 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:15:47.0427 2908 Smb - ok 12:15:47.0458 2908 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:15:47.0473 2908 SNMPTRAP - ok 12:15:47.0505 2908 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 12:15:47.0505 2908 spldr - ok 12:15:47.0551 2908 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 12:15:47.0567 2908 Spooler - ok 12:15:47.0598 2908 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv 
C:\Windows\system32\DRIVERS\srv.sys 12:15:47.0629 2908 srv - ok 12:15:47.0645 2908 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 12:15:47.0676 2908 srv2 - ok 12:15:47.0676 2908 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 12:15:47.0723 2908 srvnet - ok 12:15:47.0754 2908 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 12:15:47.0785 2908 SSDPSRV - ok 12:15:47.0801 2908 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 12:15:47.0817 2908 ssmdrv - ok 12:15:47.0832 2908 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 12:15:47.0848 2908 SstpSvc - ok 12:15:47.0895 2908 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys 12:15:47.0895 2908 ss_bbus - ok 12:15:47.0926 2908 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys 12:15:47.0941 2908 ss_bmdfl - ok 12:15:47.0957 2908 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys 12:15:47.0973 2908 ss_bmdm - ok 12:15:48.0035 2908 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 12:15:48.0066 2908 stisvc - ok 12:15:48.0097 2908 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 12:15:48.0113 2908 swenum - ok 12:15:48.0144 2908 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 12:15:48.0191 2908 swprv - ok 12:15:48.0207 2908 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 12:15:48.0222 2908 Symc8xx - ok 12:15:48.0238 2908 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 12:15:48.0253 2908 Sym_hi - ok 12:15:48.0285 2908 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 12:15:48.0285 2908 Sym_u3 - ok 12:15:48.0347 2908 [ 5EFCEDCF3DAF5C8D9E8B77A34A4EEC99 ] SynTP 
C:\Windows\system32\DRIVERS\SynTP.sys 12:15:48.0363 2908 SynTP - ok 12:15:48.0394 2908 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 12:15:48.0456 2908 SysMain - ok 12:15:48.0487 2908 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 12:15:48.0519 2908 TabletInputService - ok 12:15:48.0550 2908 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 12:15:48.0597 2908 TapiSrv - ok 12:15:48.0612 2908 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 12:15:48.0643 2908 TBS - ok 12:15:48.0706 2908 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 12:15:48.0737 2908 Tcpip - ok 12:15:48.0753 2908 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 12:15:48.0784 2908 Tcpip6 - ok 12:15:48.0815 2908 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 12:15:48.0831 2908 tcpipreg - ok 12:15:48.0862 2908 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys 12:15:48.0877 2908 tdcmdpst - ok 12:15:48.0909 2908 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 12:15:48.0955 2908 TDPIPE - ok 12:15:48.0955 2908 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 12:15:48.0987 2908 TDTCP - ok 12:15:49.0018 2908 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 12:15:49.0033 2908 tdx - ok 12:15:49.0080 2908 [ 24EA631FEC13E87AFE07A2B28732EF38 ] TemproMonitoringService C:\Program Files\Toshiba TEMPRO\TemproSvc.exe 12:15:49.0096 2908 TemproMonitoringService - ok 12:15:49.0111 2908 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 12:15:49.0127 2908 TermDD - ok 12:15:49.0158 2908 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 12:15:49.0189 2908 TermService - ok 12:15:49.0221 2908 [ 
C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 12:15:49.0236 2908 Themes - ok 12:15:49.0252 2908 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 12:15:49.0267 2908 THREADORDER - ok 12:15:49.0299 2908 [ FB8448D1B0DA00D70C28ADF9282B31BB ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 12:15:49.0314 2908 TMachInfo - ok 12:15:49.0361 2908 [ 22BC804EFE155F54252F389B0781D7F2 ] TNaviSrv C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe 12:15:49.0361 2908 TNaviSrv - ok 12:15:49.0408 2908 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe 12:15:49.0408 2908 TODDSrv - ok 12:15:49.0486 2908 [ 5557E7F940CBCF09BE43379F551F6689 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 12:15:49.0501 2908 TosCoSrv - ok 12:15:49.0564 2908 [ 9D1C30CE9F1A8488D5D9102C0820743D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe 12:15:49.0579 2908 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning 12:15:49.0579 2908 TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1) 12:15:49.0626 2908 [ B792D35B8BDC5FC4106808FF5C7770AB ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 12:15:49.0642 2908 TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - warning 12:15:49.0642 2908 TOSHIBA HDD SSD Alert Service - detected UnsignedFile.Multi.Generic (1) 12:15:49.0673 2908 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys 12:15:49.0689 2908 tos_sps32 - ok 12:15:49.0751 2908 [ 1A6FA701F66B58192B814570322521B2 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 12:15:49.0767 2908 TPCHSrv - ok 12:15:49.0798 2908 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 12:15:49.0845 2908 TrkWks - ok 12:15:49.0891 2908 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 
12:15:49.0907 2908 TrustedInstaller - ok 12:15:49.0938 2908 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 12:15:49.0969 2908 tssecsrv - ok 12:15:50.0001 2908 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 12:15:50.0016 2908 tunmp - ok 12:15:50.0047 2908 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 12:15:50.0063 2908 tunnel - ok 12:15:50.0094 2908 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 12:15:50.0110 2908 TVALZ - ok 12:15:50.0141 2908 [ 009AECD4C19209B09669A6615EA1E889 ] TVALZFL C:\Windows\system32\DRIVERS\TVALZFL.sys 12:15:50.0141 2908 TVALZFL - ok 12:15:50.0172 2908 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 12:15:50.0188 2908 uagp35 - ok 12:15:50.0235 2908 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 12:15:50.0250 2908 udfs - ok 12:15:50.0297 2908 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 12:15:50.0344 2908 UI0Detect - ok 12:15:50.0375 2908 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 12:15:50.0391 2908 uliagpkx - ok 12:15:50.0406 2908 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 12:15:50.0437 2908 uliahci - ok 12:15:50.0437 2908 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 12:15:50.0453 2908 UlSata - ok 12:15:50.0484 2908 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 12:15:50.0484 2908 ulsata2 - ok 12:15:50.0531 2908 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 12:15:50.0578 2908 umbus - ok 12:15:50.0625 2908 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 12:15:50.0656 2908 upnphost - ok 12:15:50.0687 2908 [ B1B8BEE26227DAD9835019201552CB05 ] upperdev 
C:\Windows\system32\DRIVERS\usbser_lowerflt.sys 12:15:50.0703 2908 upperdev - ok 12:15:50.0749 2908 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 12:15:50.0765 2908 USBAAPL - ok 12:15:50.0796 2908 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 12:15:50.0843 2908 usbccgp - ok 12:15:50.0859 2908 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 12:15:50.0905 2908 usbcir - ok 12:15:50.0937 2908 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 12:15:50.0968 2908 usbehci - ok 12:15:50.0983 2908 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 12:15:51.0015 2908 usbhub - ok 12:15:51.0046 2908 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 12:15:51.0093 2908 usbohci - ok 12:15:51.0124 2908 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 12:15:51.0139 2908 usbprint - ok 12:15:51.0186 2908 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\drivers\usbser.sys 12:15:51.0202 2908 usbser - ok 12:15:51.0217 2908 [ 98E1FF1D732C6C7200B6C59D4FF8C1C3 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys 12:15:51.0249 2908 UsbserFilt - ok 12:15:51.0295 2908 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:15:51.0311 2908 USBSTOR - ok 12:15:51.0327 2908 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 12:15:51.0373 2908 usbuhci - ok 12:15:51.0405 2908 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 12:15:51.0436 2908 usbvideo - ok 12:15:51.0451 2908 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 12:15:51.0467 2908 UxSms - ok 12:15:51.0498 2908 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 12:15:51.0545 2908 vds - ok 12:15:51.0592 2908 [ 
87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:15:51.0623 2908 vga - ok 12:15:51.0639 2908 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 12:15:51.0670 2908 VgaSave - ok 12:15:51.0670 2908 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 12:15:51.0685 2908 viaagp - ok 12:15:51.0685 2908 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 12:15:51.0717 2908 ViaC7 - ok 12:15:51.0717 2908 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 12:15:51.0732 2908 viaide - ok 12:15:51.0748 2908 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:15:51.0763 2908 volmgr - ok 12:15:51.0795 2908 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 12:15:51.0810 2908 volmgrx - ok 12:15:51.0841 2908 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:15:51.0857 2908 volsnap - ok 12:15:51.0888 2908 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 12:15:51.0904 2908 vsmraid - ok 12:15:51.0951 2908 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 12:15:52.0029 2908 VSS - ok 12:15:52.0044 2908 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 12:15:52.0075 2908 W32Time - ok 12:15:52.0107 2908 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 12:15:52.0169 2908 WacomPen - ok 12:15:52.0185 2908 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 12:15:52.0200 2908 Wanarp - ok 12:15:52.0200 2908 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:15:52.0231 2908 Wanarpv6 - ok 12:15:52.0263 2908 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 12:15:52.0294 2908 wcncsvc - ok 12:15:52.0309 2908 [ 
11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:15:52.0356 2908 WcsPlugInService - ok 12:15:52.0387 2908 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 12:15:52.0403 2908 Wd - ok 12:15:52.0434 2908 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 12:15:52.0450 2908 Wdf01000 - ok 12:15:52.0465 2908 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:15:52.0512 2908 WdiServiceHost - ok 12:15:52.0512 2908 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:15:52.0543 2908 WdiSystemHost - ok 12:15:52.0575 2908 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 12:15:52.0590 2908 WebClient - ok 12:15:52.0606 2908 [ 905214925A88311FCE52F66153DE7610 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:15:52.0637 2908 Wecsvc - ok 12:15:52.0668 2908 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:15:52.0715 2908 wercplsupport - ok 12:15:52.0731 2908 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 12:15:52.0762 2908 WerSvc - ok 12:15:52.0809 2908 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 12:15:52.0824 2908 WinDefend - ok 12:15:52.0840 2908 WinHttpAutoProxySvc - ok 12:15:52.0887 2908 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:15:52.0902 2908 Winmgmt - ok 12:15:52.0933 2908 [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM C:\Windows\system32\WsmSvc.dll 12:15:52.0980 2908 WinRM - ok 12:15:53.0027 2908 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:15:53.0058 2908 Wlansvc - ok 12:15:53.0074 2908 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:15:53.0105 2908 WmiAcpi - ok 12:15:53.0152 2908 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv 
C:\Windows\system32\wbem\WmiApSrv.exe 12:15:53.0183 2908 wmiApSrv - ok 12:15:53.0245 2908 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 12:15:53.0277 2908 WMPNetworkSvc - ok 12:15:53.0308 2908 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:15:53.0339 2908 WPCSvc - ok 12:15:53.0370 2908 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:15:53.0386 2908 WPDBusEnum - ok 12:15:53.0417 2908 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 12:15:53.0448 2908 WpdUsb - ok 12:15:53.0479 2908 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:15:53.0511 2908 ws2ifsl - ok 12:15:53.0542 2908 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 12:15:53.0557 2908 wscsvc - ok 12:15:53.0573 2908 WSearch - ok 12:15:53.0651 2908 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 12:15:53.0713 2908 wuauserv - ok 12:15:53.0745 2908 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:15:53.0776 2908 WUDFRd - ok 12:15:53.0854 2908 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:15:53.0901 2908 wudfsvc - ok 12:15:53.0901 2908 ================ Scan global =============================== 12:15:53.0932 2908 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 12:15:53.0979 2908 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 12:15:53.0994 2908 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 12:15:54.0025 2908 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 12:15:54.0025 2908 [Global] - ok 12:15:54.0025 2908 ================ Scan MBR ================================== 12:15:54.0041 2908 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 12:15:55.0320 2908 \Device\Harddisk0\DR0 - ok 12:15:55.0320 2908 
================ Scan VBR ================================== 12:15:55.0351 2908 [ 6046502FFCCD6478DCEADF19556E819B ] \Device\Harddisk0\DR0\Partition1 12:15:55.0351 2908 \Device\Harddisk0\DR0\Partition1 - ok 12:15:55.0367 2908 [ 9265617E33251A4B1BCBDABF9BDA7BA5 ] \Device\Harddisk0\DR0\Partition2 12:15:55.0383 2908 \Device\Harddisk0\DR0\Partition2 - ok 12:15:55.0383 2908 ============================================================ 12:15:55.0383 2908 Scan finished 12:15:55.0383 2908 ============================================================ 12:15:55.0398 3892 Detected object count: 5 12:15:55.0398 3892 Actual detected object count: 5 12:17:24.0147 3892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:24.0147 3892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:17:24.0147 3892 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:24.0147 3892 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:17:24.0147 3892 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:24.0147 3892 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:17:24.0162 3892 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:24.0162 3892 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:17:24.0162 3892 TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - skipped by user 12:17:24.0162 3892 TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - User select action: Skip Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-03 11:45:00
-----------------------------
11:45:00.990 OS Version: Windows 6.0.6002 Service Pack 2
11:45:00.990 Number of processors: 2 586 0x170A
11:45:00.990 ComputerName: SARAHS-PC UserName: Kirsten_2
11:45:28.116 Initialize success
11:55:43.536 AVAST engine defs: 13010201
11:56:06.000 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:56:06.015 Disk 0 Vendor: TOSHIBA_ FG01 Size: 381554MB BusType: 3
11:56:06.031 Disk 0 MBR read successfully
11:56:06.031 Disk 0 MBR scan
11:56:06.031 Disk 0 Windows VISTA default MBR code
11:56:06.046 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
11:56:06.062 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 191000 MB offset 3074048
11:56:06.093 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 189052 MB offset 394242048
11:56:06.109 Disk 0 scanning sectors +781420544
11:56:06.171 Disk 0 scanning C:\Windows\system32\drivers
11:56:15.924 Service scanning
11:56:54.597 Modules scanning
11:57:04.850 Disk 0 trace - called modules:
11:57:04.881 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:57:04.881 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8703fac8]
11:57:04.881 3 CLASSPNP.SYS[8330b8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85cd1028]
11:57:05.552 AVAST engine scan C:\Windows
11:57:07.221 AVAST engine scan C:\Windows\system32
12:00:08.698 AVAST engine scan C:\Windows\system32\drivers
12:00:21.286 AVAST engine scan C:\Users\Kirsten_2
12:01:21.747 AVAST engine scan C:\ProgramData
12:03:13.794 Scan finished successfully
12:04:35.256 Disk 0 MBR has been saved successfully to "C:\Users\Kirsten_2\Desktop\Test\MBR.dat"
12:04:35.266 The log file has been saved successfully to "C:\Users\Kirsten_2\Desktop\Test\aswMBR.txt" |
03.01.2013, 12:33 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports a detection and the computer is slow That all looks very unremarkable. Was that the first and only detection so far?
__________________ Please always post log files in CODE tags |
03.01.2013, 12:36 | #11 |
| Malwarebytes reports a detection and the computer is slow Yes, the one detection by Malwarebytes. The computer had become so extremely slow. That was insane. Now it seems to be faster, can that be? |
03.01.2013, 12:37 | #12 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports a detection and the computer is slow Quote:
Quote:
__________________ Please always post log files in CODE tags |
03.01.2013, 12:43 | #13 | ||
| Malwarebytes reports a detection and the computer is slow Quote:
Quote:
Last edited by Elvi (03.01.2013 at 12:48) |
03.01.2013, 12:46 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports a detection and the computer is slow You can of course describe your observations, but WHAT exactly do you expect a helper to answer when you give him input like "a moment ago everything was slow, now everything is fast, what is that"? Don't you notice that this is simply too little information to find any sensible answers?!
__________________ Please always post log files in CODE tags |
03.01.2013, 12:53 | #15 |
| Malwarebytes reports a detection and the computer is slow Dear Cosinus, I am only a journalist and have no idea at all about technology. I also did not know what a harsh tone prevails here. So in your eyes I have made big mistakes. They are, however, due to my technical inability. Because of my technical inability I was glad to have found this forum of experts. I am very sorry that my answers unfortunately do not have the precision you want and instead come across as very amateurish. I can assure you, however, that all my answers were and are given in all seriousness! If I am too stupid for you, then simply write that this is not going to work out between us here, and I will understand and will not bother you any further with my stupidity. For everything else, once again my sincere apology! Elvira |