| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mehrere Unbekannte Kontos und VirenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.02.2013, 23:21
| #1 |
 |  Mehrere Unbekannte Kontos und Viren Hallo! Zu meinem Problem: Heute habe ich per Zufall Unbekannte Benutzerkonten hier gefunden (Computer -> Eigenschaften -> Sicherheit) 1. Ich frage mich, ob diese mit den in Avast gefundenen "Schädlingen" zusammenhängen. Da ihr ursprünglicher Ort den selben Namen trägt wie die Unbekannten Benutzerkonnten. Name: S-1-5-21........ Bild von Avast:  Ich habe schon Avast, Malwarebytes und MB Rootkit suchen lassen aber ohne Ergebnis. Mitlerweile habe ich es geschafft diese Unbekannten Benutzerkonten zu löschen. Was ich hatte sind Heimnetzgruppen (mit Xbox), verbindung mit LAN an einen zweiten Notebook und ein Gastkonto das mitlerweile schon deaktiviert ist. Windows habe ich nie neu installiert sondern nur eine Systemwiederherstellungen gemacht. Aber ich weiss nicht ob das mit dem Unbekannten Kontos zusammenhängt. Ich hoffe jemand von euch Profis kann mir bei diesen Fragen helfen. Mit freundlichen Grüßen User11 |
|
27.02.2013, 12:27
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Mehrere Unbekannte Kontos und Viren Hallo und
__________________ Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ |
|
27.02.2013, 19:43
| #3 |
| | Mehrere Unbekannte Kontos und Viren__________________ |
|
27.02.2013, 20:46
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mehrere Unbekannte Kontos und Viren Wir haben hier noch rein garnix analysiert und du stellst so eine Frage?! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.02.2013, 19:51
| #5 |
| | Mehrere Unbekannte Kontos und Viren Ich meine das ich schneller dran bin mit ner Neuinstallation als mit einer analyse wo meine daten sichtbar werden. |
|
01.03.2013, 13:12
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mehrere Unbekannte Kontos und Viren Nochmal: ich hab noch kein einziges Log gesehen abgesehen von dem Screenshot von avast! Wie bitte soll das einer beurteilen und vernünftig deine Frage beantworten können?! Zitat:
Du hättest in der vergangenen Zeit der beiden letzten Postings von dir hier schon längst das Log gepostet haben!
__________________ --> Mehrere Unbekannte Kontos und Viren |
|
02.03.2013, 21:08
| #7 |
| | Mehrere Unbekannte Kontos und Viren OTL File1 Code:
ATTFilter OTL logfile created on: 02.03.2013 21:01:01 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Besima\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 63,92% Memory free 7,72 Gb Paging File | 6,08 Gb Available in Paging File | 78,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 149,04 Gb Total Space | 122,66 Gb Free Space | 82,30% Space Free | Partition Type: NTFS Drive D: | 148,65 Gb Total Space | 140,42 Gb Free Space | 94,46% Space Free | Partition Type: NTFS Drive F: | 7,27 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SELVIR | User Name: Besima | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.02 21:00:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Besima\Downloads\OTL.exe PRC - [2013.03.02 17:26:22 | 001,820,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe PRC - [2013.03.02 16:10:07 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\web'n'walk Manager 1.6.exe PRC - [2013.02.28 09:36:01 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2013.02.28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2013.02.28 09:35:59 | 000,136,912 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\afwServ.exe PRC - [2013.02.16 01:33:51 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.09.02 18:25:46 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe PRC - [2010.08.27 17:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe PRC - [2010.08.15 19:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe PRC - [2010.06.03 16:09:00 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.03.03 12:47:38 | 004,581,280 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe PRC - [2009.07.28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe ========== Modules (No Company Name) ========== MOD - [2013.03.02 17:26:22 | 014,718,320 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll MOD - [2013.03.02 16:10:07 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\web'n'walk Manager 1.6.exe MOD - [2013.02.16 01:34:12 | 003,067,288 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2007.05.15 21:03:26 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\SMSPlugin.dll MOD - [2007.05.15 20:59:28 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\ConfigFilePlugin.dll MOD - [2007.05.09 16:31:22 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\DeviceMgrPlugin.dll MOD - [2007.05.09 15:10:00 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\LocaleMgrPlugin.dll MOD - [2007.05.09 15:08:44 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\NotifyServicePlugin.dll MOD - [2007.05.09 15:03:16 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\NetInfoPlugin.dll MOD - [2007.05.09 15:01:44 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\DialUpPlugin.dll MOD - [2007.05.09 15:00:42 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\DeviceMgrUIPlugin.dll MOD - [2007.04.27 14:53:26 | 000,049,152 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\XCodec.dll MOD - [2007.04.27 14:53:18 | 000,032,768 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\DeviceOperate.dll MOD - [2007.04.27 14:53:12 | 000,086,016 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\DetectDev.dll MOD - [2007.04.27 14:53:04 | 000,393,216 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\atcomm.dll MOD - [2007.04.04 16:43:48 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\FileManager.dll MOD - [2006.10.30 17:20:54 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\T-Mobile\web'n'walk Manager 1.6\isaputrace.dll ========== Services (SafeList) ========== SRV:64bit: - [2010.10.05 20:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV - [2013.02.28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013.02.28 09:35:59 | 000,136,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV - [2013.02.16 01:34:06 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.09.28 12:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.08.27 17:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2010.07.28 22:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.02.05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV - [2010.01.28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService) SRV - [2009.10.06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.02 15:47:51 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter) DRV:64bit: - [2013.02.28 09:36:34 | 000,177,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013.02.28 09:36:34 | 000,068,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2013.02.28 09:36:33 | 001,025,880 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013.02.28 09:36:33 | 000,377,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013.02.28 09:36:33 | 000,071,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013.02.28 09:36:33 | 000,065,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013.02.28 09:36:32 | 000,263,168 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2) DRV:64bit: - [2013.02.28 09:36:32 | 000,080,888 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013.02.28 09:36:32 | 000,022,664 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:64bit: - [2013.02.28 09:36:31 | 000,127,208 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW) DRV:64bit: - [2013.02.28 09:36:31 | 000,033,472 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2013.02.18 09:41:03 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis) DRV:64bit: - [2010.10.05 21:23:18 | 007,884,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.10.05 20:15:14 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.06.23 16:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.05.12 09:37:32 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.05.12 09:37:32 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.04.28 11:32:20 | 000,932,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV:64bit: - [2010.03.22 10:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter) DRV:64bit: - [2010.03.10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.01.07 09:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.07.30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2009.07.14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2007.04.20 10:56:24 | 000,112,384 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {38E6203B-6CB8-48BC-9A4B-5DC6D1B46061} IE:64bit: - HKLM\..\SearchScopes\{38E6203B-6CB8-48BC-9A4B-5DC6D1B46061}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {EC8D20F2-DB7E-4E36-9B6A-E5F51AD685E3} IE - HKLM\..\SearchScopes\{EC8D20F2-DB7E-4E36-9B6A-E5F51AD685E3}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1306237676-122710329-1887236546-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com IE - HKU\S-1-5-21-1306237676-122710329-1887236546-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba.msn.com IE - HKU\S-1-5-21-1306237676-122710329-1887236546-1000\..\SearchScopes,DefaultScope = {EC8D20F2-DB7E-4E36-9B6A-E5F51AD685E3} IE - HKU\S-1-5-21-1306237676-122710329-1887236546-1000\..\SearchScopes\{070017BD-45F7-49B0-8190-01F858236BA0}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2 IE - HKU\S-1-5-21-1306237676-122710329-1887236546-1000\..\SearchScopes\{349BC7D1-F894-4498-BDA7-CD306EC0BB0E}: "URL" = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms} IE - HKU\S-1-5-21-1306237676-122710329-1887236546-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1482 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.7 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.02 16:45:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.02 16:36:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.02 16:36:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besima\AppData\Roaming\mozilla\Extensions [2013.03.02 17:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besima\AppData\Roaming\mozilla\Firefox\Profiles\9llfa3a1.default\extensions [2013.03.02 17:10:48 | 000,530,982 | ---- | M] () (No name found) -- C:\Users\Besima\AppData\Roaming\mozilla\firefox\profiles\9llfa3a1.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.03.02 17:11:41 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Besima\AppData\Roaming\mozilla\firefox\profiles\9llfa3a1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.03.02 16:36:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.02 16:45:38 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2013.02.16 01:34:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.02.16 05:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.02.16 05:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.02.16 05:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.02.16 05:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.02.16 05:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.02.16 05:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.) O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.) O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1306237676-122710329-1887236546-1000..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F69D4A82-F2EB-4165-BF5B-C6BDC8EDC847}: NameServer = 213.162.69.170 213.162.69.2 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.05.16 18:31:20 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2007.06.25 21:36:04 | 000,000,049 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{d2ab0a4e-8349-11e2-b1c9-88252cba40c9}\Shell - "" = AutoRun O33 - MountPoints2\{d2ab0a4e-8349-11e2-b1c9-88252cba40c9}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.05.16 18:31:20 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{d2ab0a52-8349-11e2-b1c9-88252cba40c9}\Shell - "" = AutoRun O33 - MountPoints2\{d2ab0a52-8349-11e2-b1c9-88252cba40c9}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.05.16 18:31:20 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.02 18:14:22 | 000,000,000 | ---D | C] -- C:\Users\Besima\Documents\Updater [2013.03.02 18:12:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF [2013.03.02 18:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared [2013.03.02 18:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2013.03.02 17:30:28 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\Macromedia [2013.03.02 17:26:22 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.02 17:26:22 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.02 17:26:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013.03.02 17:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.03.02 17:11:47 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\Adobe [2013.03.02 17:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.03.02 17:08:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.03.02 17:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.03.02 16:50:57 | 000,263,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys [2013.03.02 16:50:56 | 000,127,208 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys [2013.03.02 16:50:56 | 000,022,664 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys [2013.03.02 16:50:55 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys [2013.03.02 16:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2013.03.02 16:45:58 | 000,377,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.02 16:45:58 | 000,033,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.02 16:45:56 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.03.02 16:45:56 | 000,068,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.02 16:45:55 | 001,025,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.02 16:45:54 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.03.02 16:45:54 | 000,080,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.02 16:45:31 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.03.02 16:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.03.02 16:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013.03.02 16:36:54 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\Mozilla [2013.03.02 16:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.03.02 16:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.03.02 16:20:41 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\TOSHIBA_Corporation [2013.03.02 16:17:35 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2013.03.02 16:17:35 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2013.03.02 16:17:31 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\Mozilla [2013.03.02 16:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.03.02 16:11:52 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\Adobe [2013.03.02 16:11:34 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013.03.02 16:11:34 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2013.03.02 16:11:33 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013.03.02 16:11:28 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013.03.02 16:11:28 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013.03.02 16:11:28 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013.03.02 16:11:23 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.03.02 16:11:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013.03.02 16:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\web'n'walk Manager 1.6 [2013.03.02 16:10:15 | 000,112,384 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys [2013.03.02 16:10:15 | 000,029,696 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys [2013.03.02 16:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T-Mobile [2013.03.02 16:08:44 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\Toshiba [2013.03.02 16:07:09 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\Nero [2013.03.02 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\ATI [2013.03.02 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\ATI [2013.03.02 16:06:53 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\Toshiba [2013.03.02 16:06:31 | 000,000,000 | R--D | C] -- C:\Users\Besima\Searches [2013.03.02 16:06:31 | 000,000,000 | R--D | C] -- C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.03.02 16:06:22 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\Identities [2013.03.02 16:06:19 | 000,000,000 | R--D | C] -- C:\Users\Besima\Contacts [2013.03.02 16:06:17 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\VirtualStore [2013.03.02 16:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope [2013.03.02 16:03:57 | 000,000,000 | --SD | C] -- C:\Users\Besima\AppData\Roaming\Microsoft [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Videos [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Saved Games [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Pictures [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Music [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Links [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Favorites [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Downloads [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Documents [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\Desktop [2013.03.02 16:03:57 | 000,000,000 | R--D | C] -- C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Vorlagen [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\AppData\Local\Verlauf [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\AppData\Local\Temporary Internet Files [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Startmenü [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\SendTo [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Recent [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Netzwerkumgebung [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Lokale Einstellungen [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Documents\Eigene Videos [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Documents\Eigene Musik [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Eigene Dateien [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Documents\Eigene Bilder [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Druckumgebung [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Cookies [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\AppData\Local\Anwendungsdaten [2013.03.02 16:03:57 | 000,000,000 | -HSD | C] -- C:\Users\Besima\Anwendungsdaten [2013.03.02 16:03:57 | 000,000,000 | -H-D | C] -- C:\Users\Besima\AppData [2013.03.02 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\Temp [2013.03.02 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Local\Microsoft [2013.03.02 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\Media Center Programs [2013.03.02 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Besima\AppData\Roaming\Macromedia [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\Programme [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.03.02 16:03:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.03.02 15:58:58 | 000,000,000 | ---D | C] -- C:\Windows\OemDrv [2013.03.02 15:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.03.02 15:56:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013.03.02 15:54:01 | 000,035,008 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\drivers\PGEffect.sys [2013.03.02 15:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Toshiba [2013.03.02 15:52:17 | 001,103,904 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8192se.sys [2013.03.02 15:52:17 | 000,932,384 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8192ce.sys [2013.03.02 15:52:17 | 000,612,352 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl819xp.sys [2013.03.02 15:52:17 | 000,450,048 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8187B.sys [2013.03.02 15:52:17 | 000,442,368 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8187Se.sys [2013.03.02 15:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek WLAN Driver [2013.03.02 15:51:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda [2013.03.02 15:51:53 | 007,367,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll [2013.03.02 15:51:53 | 000,422,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtsUStor.dll [2013.03.02 15:51:53 | 000,232,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys [2013.03.02 15:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2013.03.02 15:48:18 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\TSCI.dll [2013.03.02 15:48:18 | 000,024,576 | ---- | C] (Toshiba) -- C:\Windows\SysWow64\THCI.dll [2013.03.02 15:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\xp [2013.03.02 15:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_64 [2013.03.02 15:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_32 [2013.03.02 15:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\vista64 [2013.03.02 15:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\vista32 [2013.03.02 15:48:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Microsoft.VC80.MFC [2013.03.02 15:47:51 | 000,020,592 | ---- | C] (Compal Electronics, INC.) -- C:\Windows\SysNative\drivers\CeKbFilter.sys [2013.03.02 15:47:36 | 000,295,424 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Windows\SysNative\HWS_Ctrl.dll [2013.03.02 15:47:36 | 000,008,192 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Windows\SysNative\TSBWLS.dll [2013.03.02 15:47:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Microsoft.VC80.MFC [2013.03.02 15:46:59 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2013.03.02 15:45:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2013.03.02 15:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013.03.02 15:45:08 | 002,618,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2013.03.02 15:45:08 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2013.03.02 15:45:08 | 002,032,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2013.03.02 15:45:08 | 001,213,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2013.03.02 15:45:08 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2013.03.02 15:45:08 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2013.03.02 15:45:08 | 000,476,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2013.03.02 15:45:08 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2013.03.02 15:45:08 | 000,372,328 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat [2013.03.02 15:45:08 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2013.03.02 15:45:08 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2013.03.02 15:45:08 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2013.03.02 15:45:08 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll [2013.03.02 15:45:08 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2013.03.02 15:45:08 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2013.03.02 15:45:08 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2013.03.02 15:45:08 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2013.03.02 15:45:08 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2013.03.02 15:45:08 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2013.03.02 15:45:08 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll [2013.03.02 15:45:08 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll [2013.03.02 15:45:08 | 000,076,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2013.03.02 15:45:08 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2013.03.02 15:45:08 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2013.03.02 15:45:07 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2013.03.02 15:45:07 | 001,756,160 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2013.03.02 15:45:07 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2013.03.02 15:45:07 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2013.03.02 15:45:07 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2013.03.02 15:45:07 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2013.03.02 15:45:07 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2013.03.02 15:45:07 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2013.03.02 15:45:07 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2013.03.02 15:45:07 | 000,334,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2013.03.02 15:45:07 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2013.03.02 15:45:07 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2013.03.02 15:45:07 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2013.03.02 15:45:07 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2013.03.02 15:45:07 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2013.03.02 15:45:07 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2013.03.02 15:45:07 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2013.03.02 15:45:07 | 000,124,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2013.03.02 15:45:07 | 000,124,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2013.03.02 15:45:07 | 000,123,104 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2013.03.02 15:45:07 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2013.03.02 15:45:07 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2013.03.02 15:45:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2013.03.02 15:45:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013.03.02 15:43:21 | 000,538,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys [2013.03.02 15:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.03.02 15:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013.03.02 15:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013.03.02 15:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2013.03.02 15:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2013.03.02 15:39:06 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys [2013.03.02 15:37:01 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2013.03.02 15:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013.03.02 15:36:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.03.02 15:36:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.02 15:33:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.02 21:01:20 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.02 21:01:20 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.02 20:59:58 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.03.02 20:59:58 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.03.02 20:59:58 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.03.02 20:59:58 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.03.02 20:59:58 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.03.02 20:55:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.02 20:26:49 | 3110,080,512 | -HS- | M] () -- C:\hiberfil.sys [2013.03.02 20:22:57 | 000,266,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.02 18:12:48 | 000,001,388 | ---- | M] () -- C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013.03.02 17:26:22 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.02 17:26:22 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.02 17:12:19 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.03.02 16:50:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.03.02 16:47:35 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2013.03.02 16:36:48 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.02 16:22:36 | 000,000,355 | ---- | M] () -- C:\Users\Besima\Desktop\Computer.lnk [2013.03.02 16:10:17 | 000,001,315 | ---- | M] () -- C:\Users\Public\Desktop\web'n'walk Manager 1.6.lnk [2013.03.02 16:03:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013.03.02 16:03:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2013.03.02 16:00:18 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite C660_13773-GR_PSC1GE-00L00.MRK [2013.03.02 15:57:13 | 000,000,000 | ---- | M] () -- C:\Windows\NDSTray.INI [2013.03.02 15:51:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2013.03.02 15:47:51 | 000,020,592 | ---- | M] (Compal Electronics, INC.) -- C:\Windows\SysNative\drivers\CeKbFilter.sys [2013.02.28 09:36:34 | 000,177,672 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.02.28 09:36:34 | 000,068,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.02.28 09:36:33 | 001,025,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.02.28 09:36:33 | 000,377,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.02.28 09:36:33 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.02.28 09:36:33 | 000,065,408 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.02.28 09:36:32 | 000,263,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys [2013.02.28 09:36:32 | 000,080,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.02.28 09:36:32 | 000,022,664 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys [2013.02.28 09:36:31 | 000,127,208 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys [2013.02.28 09:36:31 | 000,033,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.02.28 09:36:07 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2013.02.28 09:35:43 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.02.18 09:41:03 | 000,012,368 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.02 18:13:04 | 000,002,092 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk [2013.03.02 18:12:48 | 000,001,388 | ---- | C] () -- C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013.03.02 18:12:36 | 000,002,074 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk [2013.03.02 18:12:08 | 000,002,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk [2013.03.02 18:12:07 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk [2013.03.02 17:12:19 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.03.02 17:12:18 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.03.02 16:47:35 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2013.03.02 16:45:55 | 000,177,672 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.02 16:45:55 | 000,065,408 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.03.02 16:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2013.03.02 16:36:48 | 000,001,166 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.03.02 16:36:48 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.02 16:22:36 | 000,000,355 | ---- | C] () -- C:\Users\Besima\Desktop\Computer.lnk [2013.03.02 16:10:17 | 000,001,315 | ---- | C] () -- C:\Users\Public\Desktop\web'n'walk Manager 1.6.lnk [2013.03.02 16:06:34 | 000,001,446 | ---- | C] () -- C:\Users\Besima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.03.02 16:00:18 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\TOSHIBA_Satellite C660_13773-GR_PSC1GE-00L00.MRK [2013.03.02 15:57:13 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2013.03.02 15:57:01 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2013.03.02 15:52:16 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2013.03.02 15:51:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2013.03.02 15:45:10 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat [2013.03.02 15:33:17 | 3110,080,512 | -HS- | C] () -- C:\hiberfil.sys ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2010.07.27 15:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2010.07.27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > File 2 Code:
ATTFilter OTL Extras logfile created on: 02.03.2013 21:01:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Besima\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 63,92% Memory free
7,72 Gb Paging File | 6,08 Gb Available in Paging File | 78,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 122,66 Gb Free Space | 82,30% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 140,42 Gb Free Space | 94,46% Space Free | Partition Type: NTFS
Drive F: | 7,27 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: SELVIR | User Name: Besima | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1306237676-122710329-1887236546-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C33EF2F-823D-46E1-ADDB-51F5634642EF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7592F6FE-16F6-4F6D-B353-09788BA3E275}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{42AB4AD7-F3E7-4A88-9344-E4E499E8692B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{87F6E3C5-3949-465F-B748-5923D840D655}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{899C88E5-F0C5-4F24-84CF-93F506B1F605}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8EC1F719-19EA-4F79-830D-DABC0A55B84B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{BBA5C148-0C48-49F4-9E1C-AB7EFFA18A9A}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{FF1BEF78-D8FA-4DE0-9E88-4B512D1D7EBE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{19087D46-BF7E-9A26-9270-9B36B77898AB}" = ccc-utility64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A92CF2B1-6B11-49CE-66E4-0140C7F5784A}" = ATI Catalyst Install Manager
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"4F214B105BE2C47A7C10086525680BB7DCF7DEEB" = Windows-Treiberpaket - ATI Technologies Inc. (amdkmdap) Display (10/05/2010 8.783.0.0000)
"E8AD071510D6DB50A4A5327191F59F7569D3BB7F" = Windows-Treiberpaket - ATI Technologies Inc. (amdkmdap) Display (10/05/2010 8.783.0.0000)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0ABDFAA5-B009-D501-DF69-149E3616A158}" = CCC Help Hungarian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}" = Nero Multimedia Suite 10 Essentials
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2CA6BDD8-6408-5335-E168-3EC1D11794D2}" = CCC Help German
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{3CDEEF17-0808-6986-A217-5E683487791C}" = CCC Help Chinese Standard
"{3D047C6C-19EE-46E3-C14B-9FA84260DF9B}" = Photo Service - powered by myphotobook
"{3DC44403-BC62-95DF-09B6-7ECA2497D020}" = ccc-core-static
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{423EE102-4E12-F41C-58D0-461D3854B3E8}" = CCC Help Greek
"{4517E23D-4BDF-4274-D13A-0D47422B4880}" = Catalyst Control Center Graphics Previews Vista
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51B4D17E-89A1-6664-19FF-2D0D8B457683}" = CCC Help Japanese
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53CF942D-C13D-4252-A60D-82D8626E03A2}" = CCC Help Dutch
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{59C4A26F-060A-FE5D-8978-18C9CDA17ADD}" = CCC Help Norwegian
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5CED4654-5416-F816-5464-106E21FF2484}" = CCC Help Thai
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6000D586-E066-3044-63BE-854ECC5DBC57}" = Catalyst Control Center InstallProxy
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6BDD00D7-DBE1-EB7C-4EFF-79FDD5AB9471}" = CCC Help English
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{743280B5-F04D-909D-27FC-50074576A3C7}" = CCC Help Spanish
"{754B5075-86CF-499D-BB3A-C8716821153F}" = Catalyst Control Center Localization All
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AC3D68A-39E1-421D-8E7E-7071A6C6EFD0}" = Catalyst Control Center - Branding
"{7FCAD144-6740-77DC-E056-403362752EBB}" = CCC Help Italian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D4E90A0-8E0B-B6DF-8F8D-57365E4BC567}" = Catalyst Control Center Graphics Previews Common
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EB0C95A-4532-F1F5-F9EE-1D2A065F7AFF}" = CCC Help Chinese Traditional
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{946D0475-A801-D3CE-5EF9-3058DB11228F}" = CCC Help Turkish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9E80531C-FB38-F137-1A95-373581ACD4A0}" = CCC Help Russian
"{A19926A5-5057-E1D4-37AB-C11673A691E9}" = CCC Help Swedish
"{A7059FE7-EC11-DE4F-7343-DA8668DD1BDE}" = CCC Help Korean
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BC3AB0D7-5F53-3767-433C-1FBB8909FF83}" = CCC Help Polish
"{BD474DC3-3728-160E-0B81-7C3D14D01A8D}" = CCC Help Finnish
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5F45A2E-7D97-CE35-C35B-946062A4EED5}" = CCC Help Portuguese
"{C6D3FE2A-D248-FA78-CFF3-9A5EA7FA23C2}" = CCC Help French
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF76F70B-342A-117C-E909-F1C08D2E8743}" = CCC Help Danish
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0FAA369-B0E3-48B8-9447-4873103B0012}" = TOSHIBA ConfigFree
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF52988E-45D6-F3AC-A7A6-2A3C1708EFC4}" = CCC Help Czech
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"avast" = avast! Internet Security
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TOSHIBA Game Console" = WildTangent ORB Game Console
"web'n'walk Manager 1.6" = web'n'walk Manager 1.6
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WT088682" = Bejeweled 2 Deluxe
"WT088696" = Chuzzle Deluxe
"WT088759" = Polar Bowler
"WT089367" = Farm Mania 2
"WT089378" = Jewel Quest II
"WT089380" = Penguins!
"WT089381" = Slingo Supreme
"WT089388" = Zuma Deluxe
"WT089395" = Plants vs. Zombies - Game of the Year
"WT089404" = Fishdom
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.03.2013 11:13:15 | Computer Name = Besima-TOSH | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Bing® Bar" konnte nicht heruntergefahren
werden.
Error - 02.03.2013 11:20:19 | Computer Name = Besima-TOSH | Source = McLogEvent | ID = 5004
Description =
Error - 02.03.2013 11:20:19 | Computer Name = Besima-TOSH | Source = McLogEvent | ID = 5022
Description =
Error - 02.03.2013 11:20:19 | Computer Name = Besima-TOSH | Source = McLogEvent | ID = 5004
Description =
Error - 02.03.2013 11:20:19 | Computer Name = Besima-TOSH | Source = McLogEvent | ID = 5022
Description =
Error - 02.03.2013 11:43:12 | Computer Name = Besima-TOSH | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\Microsoft.VC80.MFC\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 02.03.2013 11:43:12 | Computer Name = Besima-TOSH | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\Microsoft.VC80.MFC\MFC80.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
< End of report >
|
|
02.03.2013, 21:10
| #8 |
| | Mehrere Unbekannte Kontos und Viren Bitteschön (Hier war ein Doppelpost) sry. Geändert von User11 (02.03.2013 um 21:18 Uhr) |
|
03.03.2013, 18:19
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mehrere Unbekannte Kontos und Viren Bitte nun Logs mit GMER (<<< klick für Anleitung) und MBAR (Anleitung etwas weiter unten) erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur MBAR aus. Anleitung MBAR: Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.03.2013, 21:18
| #10 |
| | Mehrere Unbekannte Kontos und Viren GMER als Anhang MBAR Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org
Database version: v2013.02.04.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Besima :: SELVIR [administrator]
03.03.2013 21:02:53
mbar-log-2013-03-03 (21-02-53).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28706
Time elapsed: 19 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
03.03.2013, 21:38
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mehrere Unbekannte Kontos und Viren aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.03.2013, 22:32
| #12 |
| | Mehrere Unbekannte Kontos und Viren Achtung Mobiles Internet war eingeschaltet. aswMBR Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-03 22:23:41
-----------------------------
22:23:41.914 OS Version: Windows x64 6.1.7601 Service Pack 1
22:23:41.914 Number of processors: 4 586 0x2505
22:23:41.914 ComputerName: SELVIR UserName: Besima
22:23:42.819 Initialize success
22:23:43.349 AVAST engine defs: 13030300
22:24:08.715 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:24:08.715 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
22:24:08.730 Disk 0 MBR read successfully
22:24:08.730 Disk 0 MBR scan
22:24:08.746 Disk 0 Windows 7 default MBR code
22:24:08.762 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
22:24:08.762 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
22:24:08.793 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
22:24:08.824 Disk 0 scanning C:\Windows\system32\drivers
22:24:19.884 Service scanning
22:24:48.729 Modules scanning
22:24:48.729 Disk 0 trace - called modules:
22:24:48.760 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:24:48.760 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006a12060]
22:24:48.776 3 CLASSPNP.SYS[fffff88001b8243f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049c9050]
22:24:49.493 AVAST engine scan C:\Windows
22:24:50.960 AVAST engine scan C:\Windows\system32
22:26:50.035 AVAST engine scan C:\Windows\system32\drivers
22:26:58.724 AVAST engine scan C:\Users\Besima
22:27:34.339 AVAST engine scan C:\ProgramData
22:28:04.478 Scan finished successfully
22:28:18.034 Disk 0 MBR has been saved successfully to "C:\Users\Besima\Desktop\MBR.dat"
22:28:18.034 The log file has been saved successfully to "C:\Users\Besima\Desktop\aswMBR.txt"
TDSSKiller Code:
ATTFilter 22:28:52.0991 2532 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:28:54.0583 2532 ============================================================
22:28:54.0583 2532 Current date / time: 2013/03/03 22:28:54.0583
22:28:54.0583 2532 SystemInfo:
22:28:54.0583 2532
22:28:54.0583 2532 OS Version: 6.1.7601 ServicePack: 1.0
22:28:54.0583 2532 Product type: Workstation
22:28:54.0583 2532 ComputerName: SELVIR
22:28:54.0583 2532 UserName: Besima
22:28:54.0583 2532 Windows directory: C:\Windows
22:28:54.0583 2532 System windows directory: C:\Windows
22:28:54.0583 2532 Running under WOW64
22:28:54.0583 2532 Processor architecture: Intel x64
22:28:54.0583 2532 Number of processors: 4
22:28:54.0583 2532 Page size: 0x1000
22:28:54.0583 2532 Boot type: Normal boot
22:28:54.0583 2532 ============================================================
22:28:55.0051 2532 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:28:55.0051 2532 ============================================================
22:28:55.0051 2532 \Device\Harddisk0\DR0:
22:28:55.0051 2532 MBR partitions:
22:28:55.0051 2532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12A17000
22:28:55.0051 2532 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294F000
22:28:55.0051 2532 ============================================================
22:28:55.0097 2532 C: <-> \Device\Harddisk0\DR0\Partition1
22:28:55.0129 2532 D: <-> \Device\Harddisk0\DR0\Partition2
22:28:55.0129 2532 ============================================================
22:28:55.0129 2532 Initialize success
22:28:55.0129 2532 ============================================================
22:29:00.0214 4436 ============================================================
22:29:00.0214 4436 Scan started
22:29:00.0214 4436 Mode: Manual; SigCheck; TDLFS;
22:29:00.0214 4436 ============================================================
22:29:00.0479 4436 ================ Scan system memory ========================
22:29:00.0479 4436 System memory - ok
22:29:00.0479 4436 ================ Scan services =============================
22:29:00.0885 4436 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:29:00.0979 4436 1394ohci - ok
22:29:01.0010 4436 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:29:01.0025 4436 ACPI - ok
22:29:01.0057 4436 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:29:01.0103 4436 AcpiPmi - ok
22:29:01.0259 4436 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:29:01.0291 4436 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
22:29:01.0291 4436 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
22:29:01.0369 4436 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:29:01.0384 4436 AdobeARMservice - ok
22:29:01.0727 4436 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:29:01.0727 4436 AdobeFlashPlayerUpdateSvc - ok
22:29:01.0790 4436 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:29:01.0805 4436 adp94xx - ok
22:29:01.0821 4436 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:29:01.0837 4436 adpahci - ok
22:29:01.0852 4436 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:29:01.0868 4436 adpu320 - ok
22:29:01.0883 4436 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:29:01.0946 4436 AeLookupSvc - ok
22:29:02.0008 4436 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:29:02.0039 4436 AFD - ok
22:29:02.0071 4436 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:29:02.0086 4436 agp440 - ok
22:29:02.0133 4436 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:29:02.0164 4436 ALG - ok
22:29:02.0227 4436 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:29:02.0227 4436 aliide - ok
22:29:02.0258 4436 [ F581CE4A97766833FBBC8581734E2BBF ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:29:02.0305 4436 AMD External Events Utility - ok
22:29:02.0320 4436 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:29:02.0336 4436 amdide - ok
22:29:02.0367 4436 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:29:02.0383 4436 AmdK8 - ok
22:29:02.0539 4436 [ 91890B3670C129E2B3466D2AFAE05EAC ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:29:02.0726 4436 amdkmdag - ok
22:29:02.0757 4436 [ CC5B75D4A24E7493408510D061DF51AA ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:29:02.0773 4436 amdkmdap - ok
22:29:02.0788 4436 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:29:02.0819 4436 AmdPPM - ok
22:29:02.0866 4436 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:29:02.0882 4436 amdsata - ok
22:29:02.0913 4436 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:29:02.0929 4436 amdsbs - ok
22:29:02.0944 4436 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:29:02.0960 4436 amdxata - ok
22:29:03.0022 4436 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:29:03.0053 4436 AppID - ok
22:29:03.0085 4436 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:29:03.0131 4436 AppIDSvc - ok
22:29:03.0178 4436 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:29:03.0225 4436 Appinfo - ok
22:29:03.0241 4436 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:29:03.0256 4436 arc - ok
22:29:03.0256 4436 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:29:03.0272 4436 arcsas - ok
22:29:03.0303 4436 [ 4CA8E3A70263C3029935551204586701 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:29:03.0412 4436 aswFsBlk - ok
22:29:03.0459 4436 [ 954EEE312171266F3EE687A5A58D9B1A ] aswFW C:\Windows\system32\drivers\aswFW.sys
22:29:03.0475 4436 aswFW - ok
22:29:03.0506 4436 [ FA5820B2A57D098EE2DFDBF77A924A4D ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
22:29:03.0506 4436 aswKbd - ok
22:29:03.0553 4436 [ CF6A24076F978BF9C1FE61EE8595DB66 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:29:03.0568 4436 aswMonFlt - ok
22:29:03.0584 4436 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
22:29:03.0584 4436 aswNdis - ok
22:29:03.0615 4436 [ 4DDE3F5E1C59684DE52DE5FB348B24BC ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
22:29:03.0631 4436 aswNdis2 - ok
22:29:03.0631 4436 [ 24EB5B96B8D215BAC4FC280D39B73049 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
22:29:03.0646 4436 aswRdr - ok
22:29:03.0662 4436 [ 76A2BD420185B468B6DE89AED1EEAE40 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
22:29:03.0677 4436 aswRvrt - ok
22:29:03.0709 4436 [ 5EB2FC36BD4639097A2F9BB68C825604 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:29:03.0740 4436 aswSnx - ok
22:29:03.0755 4436 [ AB1403AF5CC781D5148096216DA3A2A3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:29:03.0771 4436 aswSP - ok
22:29:03.0802 4436 [ 6A2D4BB9DDAA7D74839936403BB31F06 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:29:03.0802 4436 aswTdi - ok
22:29:03.0818 4436 [ 0A83FFF1AEF6113EF8DCBB32D5014AB1 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
22:29:03.0833 4436 aswVmm - ok
22:29:03.0865 4436 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:29:03.0911 4436 AsyncMac - ok
22:29:03.0974 4436 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:29:03.0989 4436 atapi - ok
22:29:04.0083 4436 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:29:04.0145 4436 AudioEndpointBuilder - ok
22:29:04.0145 4436 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:29:04.0192 4436 AudioSrv - ok
22:29:04.0286 4436 [ AEF6E1DE647339C4990586D1DE427BBB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:29:04.0301 4436 avast! Antivirus - ok
22:29:04.0364 4436 [ 4CCAA10F16C4F360D582A431E390EEFC ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
22:29:04.0364 4436 avast! Firewall - ok
22:29:04.0426 4436 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:29:04.0473 4436 AxInstSV - ok
22:29:04.0504 4436 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:29:04.0535 4436 b06bdrv - ok
22:29:04.0551 4436 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:29:04.0598 4436 b57nd60a - ok
22:29:04.0676 4436 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:29:04.0691 4436 BDESVC - ok
22:29:04.0691 4436 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:29:04.0738 4436 Beep - ok
22:29:04.0816 4436 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:29:04.0879 4436 BFE - ok
22:29:04.0910 4436 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:29:04.0972 4436 BITS - ok
22:29:05.0019 4436 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:29:05.0035 4436 blbdrive - ok
22:29:05.0097 4436 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:29:05.0113 4436 bowser - ok
22:29:05.0128 4436 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:29:05.0159 4436 BrFiltLo - ok
22:29:05.0159 4436 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:29:05.0175 4436 BrFiltUp - ok
22:29:05.0206 4436 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:29:05.0237 4436 Browser - ok
22:29:05.0269 4436 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:29:05.0300 4436 Brserid - ok
22:29:05.0300 4436 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:29:05.0331 4436 BrSerWdm - ok
22:29:05.0347 4436 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:29:05.0378 4436 BrUsbMdm - ok
22:29:05.0378 4436 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:29:05.0393 4436 BrUsbSer - ok
22:29:05.0393 4436 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:29:05.0409 4436 BTHMODEM - ok
22:29:05.0456 4436 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:29:05.0518 4436 bthserv - ok
22:29:05.0534 4436 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:29:05.0581 4436 cdfs - ok
22:29:05.0643 4436 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:29:05.0674 4436 cdrom - ok
22:29:05.0721 4436 [ 7E83E47BD1FF93E11CD69F1AD65A9581 ] CeKbFilter C:\Windows\system32\DRIVERS\CeKbFilter.sys
22:29:05.0737 4436 CeKbFilter - ok
22:29:05.0783 4436 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:29:05.0846 4436 CertPropSvc - ok
22:29:05.0955 4436 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
22:29:05.0971 4436 cfWiMAXService - ok
22:29:06.0002 4436 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:29:06.0033 4436 circlass - ok
22:29:06.0080 4436 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:29:06.0095 4436 CLFS - ok
22:29:06.0251 4436 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:29:06.0251 4436 clr_optimization_v2.0.50727_32 - ok
22:29:06.0329 4436 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:29:06.0345 4436 clr_optimization_v2.0.50727_64 - ok
22:29:06.0563 4436 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:29:06.0563 4436 clr_optimization_v4.0.30319_32 - ok
22:29:06.0782 4436 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:29:06.0797 4436 clr_optimization_v4.0.30319_64 - ok
22:29:06.0844 4436 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:29:06.0875 4436 CmBatt - ok
22:29:06.0891 4436 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:29:06.0907 4436 cmdide - ok
22:29:06.0953 4436 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:29:07.0000 4436 CNG - ok
22:29:07.0047 4436 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:29:07.0063 4436 Compbatt - ok
22:29:07.0094 4436 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:29:07.0125 4436 CompositeBus - ok
22:29:07.0141 4436 COMSysApp - ok
22:29:07.0172 4436 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
22:29:07.0172 4436 ConfigFree Service - ok
22:29:07.0203 4436 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:29:07.0203 4436 crcdisk - ok
22:29:07.0250 4436 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:29:07.0281 4436 CryptSvc - ok
22:29:07.0343 4436 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:29:07.0390 4436 DcomLaunch - ok
22:29:07.0421 4436 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:29:07.0484 4436 defragsvc - ok
22:29:07.0531 4436 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:29:07.0577 4436 DfsC - ok
22:29:07.0655 4436 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:29:07.0671 4436 Dhcp - ok
22:29:07.0687 4436 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:29:07.0733 4436 discache - ok
22:29:07.0749 4436 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:29:07.0765 4436 Disk - ok
22:29:07.0796 4436 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:29:07.0843 4436 Dnscache - ok
22:29:07.0874 4436 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:29:07.0936 4436 dot3svc - ok
22:29:07.0983 4436 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:29:08.0030 4436 DPS - ok
22:29:08.0077 4436 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:29:08.0092 4436 drmkaud - ok
22:29:08.0139 4436 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:29:08.0170 4436 DXGKrnl - ok
22:29:08.0201 4436 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:29:08.0264 4436 EapHost - ok
22:29:08.0342 4436 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:29:08.0435 4436 ebdrv - ok
22:29:08.0451 4436 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:29:08.0482 4436 EFS - ok
22:29:08.0607 4436 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:29:08.0638 4436 ehRecvr - ok
22:29:08.0654 4436 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:29:08.0685 4436 ehSched - ok
22:29:08.0732 4436 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:29:08.0747 4436 elxstor - ok
22:29:08.0763 4436 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:29:08.0794 4436 ErrDev - ok
22:29:08.0841 4436 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:29:08.0903 4436 EventSystem - ok
22:29:08.0935 4436 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:29:08.0981 4436 exfat - ok
22:29:08.0997 4436 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:29:09.0059 4436 fastfat - ok
22:29:09.0091 4436 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:29:09.0122 4436 Fax - ok
22:29:09.0137 4436 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:29:09.0169 4436 fdc - ok
22:29:09.0200 4436 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:29:09.0247 4436 fdPHost - ok
22:29:09.0262 4436 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:29:09.0309 4436 FDResPub - ok
22:29:09.0340 4436 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:29:09.0356 4436 FileInfo - ok
22:29:09.0356 4436 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:29:09.0434 4436 Filetrace - ok
22:29:09.0449 4436 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:29:09.0465 4436 flpydisk - ok
22:29:09.0512 4436 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:29:09.0527 4436 FltMgr - ok
22:29:09.0590 4436 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:29:09.0652 4436 FontCache - ok
22:29:09.0699 4436 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:29:09.0715 4436 FontCache3.0.0.0 - ok
22:29:09.0746 4436 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:29:09.0746 4436 FsDepends - ok
22:29:09.0793 4436 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:29:09.0808 4436 Fs_Rec - ok
22:29:09.0886 4436 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:29:09.0902 4436 fvevol - ok
22:29:09.0933 4436 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:29:09.0949 4436 gagp30kx - ok
22:29:10.0011 4436 [ 1FDA0DF739234C4023851A282DD28704 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
22:29:10.0027 4436 GameConsoleService - ok
22:29:10.0073 4436 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:29:10.0136 4436 gpsvc - ok
22:29:10.0151 4436 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:29:10.0198 4436 hcw85cir - ok
22:29:10.0276 4436 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:29:10.0292 4436 HdAudAddService - ok
22:29:10.0323 4436 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:29:10.0370 4436 HDAudBus - ok
22:29:10.0385 4436 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:29:10.0385 4436 HECIx64 - ok
22:29:10.0417 4436 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:29:10.0432 4436 HidBatt - ok
22:29:10.0432 4436 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:29:10.0463 4436 HidBth - ok
22:29:10.0479 4436 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:29:10.0510 4436 HidIr - ok
22:29:10.0510 4436 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:29:10.0573 4436 hidserv - ok
22:29:10.0635 4436 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:29:10.0651 4436 HidUsb - ok
22:29:10.0682 4436 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:29:10.0744 4436 hkmsvc - ok
22:29:10.0807 4436 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:29:10.0838 4436 HomeGroupListener - ok
22:29:10.0869 4436 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:29:10.0900 4436 HomeGroupProvider - ok
22:29:10.0947 4436 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:29:10.0963 4436 HpSAMD - ok
22:29:11.0025 4436 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:29:11.0087 4436 HTTP - ok
22:29:11.0150 4436 [ 1701E3B3C1386219094D5C9017EF857B ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:29:11.0165 4436 hwdatacard - ok
22:29:11.0197 4436 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:29:11.0212 4436 hwpolicy - ok
22:29:11.0243 4436 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:29:11.0259 4436 i8042prt - ok
22:29:11.0306 4436 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:29:11.0321 4436 iaStor - ok
22:29:11.0353 4436 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:29:11.0384 4436 iaStorV - ok
22:29:11.0477 4436 [ 4DE2EE2A5186D74BABC4E7F60D2AE989 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
22:29:11.0524 4436 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
22:29:11.0524 4436 IconMan_R - detected UnsignedFile.Multi.Generic (1)
22:29:11.0602 4436 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:29:11.0618 4436 idsvc - ok
22:29:11.0665 4436 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:29:11.0665 4436 iirsp - ok
22:29:11.0727 4436 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:29:11.0789 4436 IKEEXT - ok
22:29:11.0883 4436 [ E8017F1662D9142F45CEAB694D013C00 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:29:11.0930 4436 IntcAzAudAddService - ok
22:29:11.0961 4436 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:29:11.0977 4436 intelide - ok
22:29:12.0023 4436 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:29:12.0039 4436 intelppm - ok
22:29:12.0055 4436 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:29:12.0101 4436 IPBusEnum - ok
22:29:12.0133 4436 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:29:12.0179 4436 IpFilterDriver - ok
22:29:12.0242 4436 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:29:12.0257 4436 iphlpsvc - ok
22:29:12.0289 4436 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:29:12.0335 4436 IPMIDRV - ok
22:29:12.0367 4436 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:29:12.0413 4436 IPNAT - ok
22:29:12.0429 4436 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:29:12.0445 4436 IRENUM - ok
22:29:12.0476 4436 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:29:12.0491 4436 isapnp - ok
22:29:12.0523 4436 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:29:12.0538 4436 iScsiPrt - ok
22:29:12.0569 4436 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:29:12.0569 4436 kbdclass - ok
22:29:12.0601 4436 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:29:12.0616 4436 kbdhid - ok
22:29:12.0647 4436 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:29:12.0663 4436 KeyIso - ok
22:29:12.0694 4436 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:29:12.0710 4436 KSecDD - ok
22:29:12.0725 4436 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:29:12.0741 4436 KSecPkg - ok
22:29:12.0788 4436 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:29:12.0835 4436 ksthunk - ok
22:29:12.0850 4436 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:29:12.0897 4436 KtmRm - ok
22:29:12.0959 4436 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:29:13.0022 4436 LanmanServer - ok
22:29:13.0069 4436 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:29:13.0131 4436 LanmanWorkstation - ok
22:29:13.0147 4436 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:29:13.0193 4436 lltdio - ok
22:29:13.0240 4436 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:29:13.0287 4436 lltdsvc - ok
22:29:13.0287 4436 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:29:13.0334 4436 lmhosts - ok
22:29:13.0381 4436 [ 23DE5B62B0445A6F874BE633C95B483E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:29:13.0396 4436 LMS - ok
22:29:13.0459 4436 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
22:29:13.0459 4436 LPCFilter - ok
22:29:13.0490 4436 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:29:13.0505 4436 LSI_FC - ok
22:29:13.0521 4436 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:29:13.0537 4436 LSI_SAS - ok
22:29:13.0537 4436 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:29:13.0552 4436 LSI_SAS2 - ok
22:29:13.0568 4436 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:29:13.0583 4436 LSI_SCSI - ok
22:29:13.0583 4436 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:29:13.0646 4436 luafv - ok
22:29:13.0677 4436 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:29:13.0708 4436 Mcx2Svc - ok
22:29:13.0724 4436 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:29:13.0724 4436 megasas - ok
22:29:13.0755 4436 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:29:13.0771 4436 MegaSR - ok
22:29:13.0786 4436 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:29:13.0833 4436 MMCSS - ok
22:29:13.0833 4436 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:29:13.0880 4436 Modem - ok
22:29:13.0895 4436 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:29:13.0927 4436 monitor - ok
22:29:13.0973 4436 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:29:13.0989 4436 mouclass - ok
22:29:14.0005 4436 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:29:14.0036 4436 mouhid - ok
22:29:14.0067 4436 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:29:14.0083 4436 mountmgr - ok
22:29:14.0161 4436 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:29:14.0161 4436 MozillaMaintenance - ok
22:29:14.0192 4436 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:29:14.0207 4436 mpio - ok
22:29:14.0239 4436 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:29:14.0285 4436 mpsdrv - ok
22:29:14.0332 4436 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:29:14.0379 4436 MpsSvc - ok
22:29:14.0457 4436 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:29:14.0488 4436 MRxDAV - ok
22:29:14.0519 4436 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:29:14.0551 4436 mrxsmb - ok
22:29:14.0566 4436 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:29:14.0582 4436 mrxsmb10 - ok
22:29:14.0613 4436 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:29:14.0629 4436 mrxsmb20 - ok
22:29:14.0644 4436 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:29:14.0660 4436 msahci - ok
22:29:14.0691 4436 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:29:14.0707 4436 msdsm - ok
22:29:14.0722 4436 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:29:14.0753 4436 MSDTC - ok
22:29:14.0785 4436 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:29:14.0831 4436 Msfs - ok
22:29:14.0831 4436 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:29:14.0894 4436 mshidkmdf - ok
22:29:14.0909 4436 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:29:14.0925 4436 msisadrv - ok
22:29:14.0956 4436 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:29:15.0003 4436 MSiSCSI - ok
22:29:15.0019 4436 msiserver - ok
22:29:15.0034 4436 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:29:15.0065 4436 MSKSSRV - ok
22:29:15.0081 4436 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:29:15.0112 4436 MSPCLOCK - ok
22:29:15.0128 4436 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:29:15.0175 4436 MSPQM - ok
22:29:15.0221 4436 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:29:15.0237 4436 MsRPC - ok
22:29:15.0268 4436 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:29:15.0284 4436 mssmbios - ok
22:29:15.0284 4436 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:29:15.0331 4436 MSTEE - ok
22:29:15.0346 4436 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:29:15.0362 4436 MTConfig - ok
22:29:15.0362 4436 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:29:15.0377 4436 Mup - ok
22:29:15.0424 4436 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:29:15.0487 4436 napagent - ok
22:29:15.0549 4436 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:29:15.0580 4436 NativeWifiP - ok
22:29:15.0643 4436 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
22:29:15.0658 4436 NAUpdate - ok
22:29:15.0705 4436 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:29:15.0736 4436 NDIS - ok
22:29:15.0767 4436 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:29:15.0799 4436 NdisCap - ok
22:29:15.0845 4436 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:29:15.0877 4436 NdisTapi - ok
22:29:15.0908 4436 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:29:15.0970 4436 Ndisuio - ok
22:29:16.0017 4436 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:29:16.0064 4436 NdisWan - ok
22:29:16.0079 4436 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:29:16.0142 4436 NDProxy - ok
22:29:16.0173 4436 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:29:16.0220 4436 NetBIOS - ok
22:29:16.0235 4436 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:29:16.0282 4436 NetBT - ok
22:29:16.0298 4436 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:29:16.0313 4436 Netlogon - ok
22:29:16.0345 4436 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:29:16.0391 4436 Netman - ok
22:29:16.0407 4436 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:29:16.0485 4436 netprofm - ok
22:29:16.0501 4436 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:29:16.0516 4436 NetTcpPortSharing - ok
22:29:16.0547 4436 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:29:16.0547 4436 nfrd960 - ok
22:29:16.0594 4436 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:29:16.0625 4436 NlaSvc - ok
22:29:16.0625 4436 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:29:16.0672 4436 Npfs - ok
22:29:16.0688 4436 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:29:16.0750 4436 nsi - ok
22:29:16.0750 4436 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:29:16.0813 4436 nsiproxy - ok
22:29:16.0844 4436 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:29:16.0891 4436 Ntfs - ok
22:29:16.0922 4436 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:29:16.0969 4436 Null - ok
22:29:17.0015 4436 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:29:17.0015 4436 nvraid - ok
22:29:17.0031 4436 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:29:17.0047 4436 nvstor - ok
22:29:17.0093 4436 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:29:17.0109 4436 nv_agp - ok
22:29:17.0125 4436 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:29:17.0140 4436 ohci1394 - ok
22:29:17.0171 4436 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:29:17.0203 4436 p2pimsvc - ok
22:29:17.0234 4436 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:29:17.0249 4436 p2psvc - ok
22:29:17.0265 4436 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:29:17.0281 4436 Parport - ok
22:29:17.0312 4436 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:29:17.0327 4436 partmgr - ok
22:29:17.0359 4436 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:29:17.0390 4436 PcaSvc - ok
22:29:17.0421 4436 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:29:17.0437 4436 pci - ok
22:29:17.0468 4436 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:29:17.0468 4436 pciide - ok
22:29:17.0499 4436 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:29:17.0515 4436 pcmcia - ok
22:29:17.0515 4436 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:29:17.0530 4436 pcw - ok
22:29:17.0546 4436 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:29:17.0624 4436 PEAUTH - ok
22:29:17.0827 4436 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:29:17.0858 4436 PerfHost - ok
22:29:17.0905 4436 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
22:29:17.0920 4436 PGEffect - ok
22:29:17.0983 4436 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:29:18.0076 4436 pla - ok
22:29:18.0123 4436 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:29:18.0139 4436 PlugPlay - ok
22:29:18.0154 4436 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:29:18.0170 4436 PNRPAutoReg - ok
22:29:18.0170 4436 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:29:18.0185 4436 PNRPsvc - ok
22:29:18.0232 4436 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:29:18.0295 4436 PolicyAgent - ok
22:29:18.0310 4436 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:29:18.0357 4436 Power - ok
22:29:18.0404 4436 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:29:18.0466 4436 PptpMiniport - ok
22:29:18.0482 4436 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:29:18.0497 4436 Processor - ok
22:29:18.0529 4436 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:29:18.0544 4436 ProfSvc - ok
22:29:18.0575 4436 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:29:18.0575 4436 ProtectedStorage - ok
22:29:18.0622 4436 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:29:18.0669 4436 Psched - ok
22:29:18.0716 4436 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:29:18.0763 4436 ql2300 - ok
22:29:18.0763 4436 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:29:18.0778 4436 ql40xx - ok
22:29:18.0809 4436 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:29:18.0825 4436 QWAVE - ok
22:29:18.0841 4436 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:29:18.0887 4436 QWAVEdrv - ok
22:29:18.0887 4436 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:29:18.0934 4436 RasAcd - ok
22:29:18.0981 4436 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:29:19.0012 4436 RasAgileVpn - ok
22:29:19.0028 4436 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:29:19.0090 4436 RasAuto - ok
22:29:19.0137 4436 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:29:19.0199 4436 Rasl2tp - ok
22:29:19.0246 4436 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:29:19.0309 4436 RasMan - ok
22:29:19.0340 4436 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:29:19.0371 4436 RasPppoe - ok
22:29:19.0387 4436 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:29:19.0433 4436 RasSstp - ok
22:29:19.0480 4436 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:29:19.0527 4436 rdbss - ok
22:29:19.0543 4436 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:29:19.0574 4436 rdpbus - ok
22:29:19.0589 4436 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:29:19.0621 4436 RDPCDD - ok
22:29:19.0636 4436 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:29:19.0683 4436 RDPENCDD - ok
22:29:19.0699 4436 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:29:19.0730 4436 RDPREFMP - ok
22:29:19.0761 4436 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:29:19.0792 4436 RDPWD - ok
22:29:19.0839 4436 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:29:19.0855 4436 rdyboost - ok
22:29:19.0886 4436 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:29:19.0933 4436 RemoteAccess - ok
22:29:19.0964 4436 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:29:20.0011 4436 RemoteRegistry - ok
22:29:20.0026 4436 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:29:20.0073 4436 RpcEptMapper - ok
22:29:20.0104 4436 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:29:20.0135 4436 RpcLocator - ok
22:29:20.0151 4436 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:29:20.0198 4436 RpcSs - ok
22:29:20.0229 4436 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:29:20.0276 4436 rspndr - ok
22:29:20.0354 4436 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:29:20.0369 4436 RSUSBSTOR - ok
22:29:20.0416 4436 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:29:20.0432 4436 RTL8167 - ok
22:29:20.0494 4436 [ FFC748D848740D1BC8F330A8879C2674 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
22:29:20.0510 4436 RTL8192Ce - ok
22:29:20.0525 4436 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:29:20.0541 4436 SamSs - ok
22:29:20.0572 4436 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:29:20.0588 4436 sbp2port - ok
22:29:20.0619 4436 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:29:20.0681 4436 SCardSvr - ok
22:29:20.0728 4436 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:29:20.0791 4436 scfilter - ok
22:29:20.0837 4436 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:29:20.0915 4436 Schedule - ok
22:29:20.0947 4436 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:29:20.0993 4436 SCPolicySvc - ok
22:29:21.0025 4436 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:29:21.0040 4436 SDRSVC - ok
22:29:21.0071 4436 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:29:21.0118 4436 secdrv - ok
22:29:21.0149 4436 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:29:21.0196 4436 seclogon - ok
22:29:21.0227 4436 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:29:21.0274 4436 SENS - ok
22:29:21.0305 4436 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:29:21.0337 4436 SensrSvc - ok
22:29:21.0352 4436 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:29:21.0368 4436 Serenum - ok
22:29:21.0383 4436 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:29:21.0399 4436 Serial - ok
22:29:21.0430 4436 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:29:21.0461 4436 sermouse - ok
22:29:21.0493 4436 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:29:21.0539 4436 SessionEnv - ok
22:29:21.0571 4436 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:29:21.0586 4436 sffdisk - ok
22:29:21.0602 4436 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:29:21.0633 4436 sffp_mmc - ok
22:29:21.0649 4436 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:29:21.0680 4436 sffp_sd - ok
22:29:21.0695 4436 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:29:21.0727 4436 sfloppy - ok
22:29:21.0758 4436 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:29:21.0820 4436 SharedAccess - ok
22:29:21.0867 4436 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:29:21.0914 4436 ShellHWDetection - ok
22:29:21.0945 4436 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:29:21.0961 4436 SiSRaid2 - ok
22:29:21.0961 4436 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:29:21.0976 4436 SiSRaid4 - ok
22:29:21.0992 4436 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:29:22.0054 4436 Smb - ok
22:29:22.0101 4436 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:29:22.0132 4436 SNMPTRAP - ok
22:29:22.0132 4436 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:29:22.0148 4436 spldr - ok
22:29:22.0210 4436 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:29:22.0226 4436 Spooler - ok
22:29:22.0335 4436 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:29:22.0460 4436 sppsvc - ok
22:29:22.0491 4436 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:29:22.0538 4436 sppuinotify - ok
22:29:22.0585 4436 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:29:22.0600 4436 srv - ok
22:29:22.0616 4436 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:29:22.0663 4436 srv2 - ok
22:29:22.0694 4436 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:29:22.0725 4436 srvnet - ok
22:29:22.0756 4436 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:29:22.0803 4436 SSDPSRV - ok
22:29:22.0819 4436 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:29:22.0865 4436 SstpSvc - ok
22:29:22.0881 4436 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:29:22.0897 4436 stexstor - ok
22:29:22.0943 4436 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:29:22.0975 4436 stisvc - ok
22:29:23.0006 4436 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:29:23.0021 4436 swenum - ok
22:29:23.0053 4436 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:29:23.0099 4436 swprv - ok
22:29:23.0162 4436 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:29:23.0177 4436 SynTP - ok
22:29:23.0240 4436 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:29:23.0287 4436 SysMain - ok
22:29:23.0333 4436 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:29:23.0349 4436 TabletInputService - ok
22:29:23.0365 4436 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:29:23.0427 4436 TapiSrv - ok
22:29:23.0443 4436 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:29:23.0505 4436 TBS - ok
22:29:23.0567 4436 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:29:23.0599 4436 Tcpip - ok
22:29:23.0645 4436 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:29:23.0692 4436 TCPIP6 - ok
22:29:23.0723 4436 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:29:23.0770 4436 tcpipreg - ok
22:29:23.0833 4436 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:29:23.0833 4436 tdcmdpst - ok
22:29:23.0864 4436 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:29:23.0879 4436 TDPIPE - ok
22:29:23.0911 4436 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:29:23.0926 4436 TDTCP - ok
22:29:23.0973 4436 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:29:24.0004 4436 tdx - ok
22:29:24.0035 4436 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:29:24.0051 4436 TermDD - ok
22:29:24.0098 4436 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:29:24.0160 4436 TermService - ok
22:29:24.0191 4436 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:29:24.0223 4436 Themes - ok
22:29:24.0238 4436 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:29:24.0269 4436 THREADORDER - ok
22:29:24.0347 4436 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:29:24.0379 4436 TMachInfo - ok
22:29:24.0410 4436 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
22:29:24.0425 4436 TODDSrv - ok
22:29:24.0488 4436 [ DB9719688C08F42705FEB3F6A0C98B91 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
22:29:24.0503 4436 TosCoSrv - ok
22:29:24.0566 4436 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
22:29:24.0581 4436 TOSHIBA HDD SSD Alert Service - ok
22:29:24.0613 4436 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:29:24.0644 4436 TrkWks - ok
22:29:24.0706 4436 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:29:24.0769 4436 TrustedInstaller - ok
22:29:24.0815 4436 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:29:24.0847 4436 tssecsrv - ok
22:29:24.0909 4436 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:29:24.0925 4436 TsUsbFlt - ok
22:29:24.0971 4436 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:29:25.0034 4436 tunnel - ok
22:29:25.0049 4436 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:29:25.0065 4436 TVALZ - ok
22:29:25.0096 4436 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:29:25.0096 4436 uagp35 - ok
22:29:25.0127 4436 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:29:25.0174 4436 udfs - ok
22:29:25.0205 4436 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:29:25.0237 4436 UI0Detect - ok
22:29:25.0252 4436 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:29:25.0268 4436 uliagpkx - ok
22:29:25.0315 4436 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:29:25.0346 4436 umbus - ok
22:29:25.0377 4436 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:29:25.0393 4436 UmPass - ok
22:29:25.0471 4436 [ CC3775100ABA633984F73DFAE1F55CAE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:29:25.0533 4436 UNS - ok
22:29:25.0564 4436 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:29:25.0611 4436 upnphost - ok
22:29:25.0658 4436 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:29:25.0689 4436 usbccgp - ok
22:29:25.0705 4436 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:29:25.0720 4436 usbcir - ok
22:29:25.0814 4436 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:29:25.0829 4436 usbehci - ok
22:29:25.0892 4436 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:29:25.0923 4436 usbhub - ok
22:29:25.0954 4436 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:29:25.0970 4436 usbohci - ok
22:29:25.0985 4436 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:29:26.0017 4436 usbprint - ok
22:29:26.0048 4436 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:29:26.0079 4436 USBSTOR - ok
22:29:26.0095 4436 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:29:26.0126 4436 usbuhci - ok
22:29:26.0173 4436 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:29:26.0188 4436 usbvideo - ok
22:29:26.0219 4436 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:29:26.0266 4436 UxSms - ok
22:29:26.0282 4436 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:29:26.0297 4436 VaultSvc - ok
22:29:26.0313 4436 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:29:26.0329 4436 vdrvroot - ok
22:29:26.0375 4436 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:29:26.0438 4436 vds - ok
22:29:26.0469 4436 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:29:26.0485 4436 vga - ok
22:29:26.0485 4436 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:29:26.0531 4436 VgaSave - ok
22:29:26.0578 4436 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:29:26.0594 4436 vhdmp - ok
22:29:26.0625 4436 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:29:26.0625 4436 viaide - ok
22:29:26.0656 4436 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:29:26.0672 4436 volmgr - ok
22:29:26.0719 4436 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:29:26.0734 4436 volmgrx - ok
22:29:26.0750 4436 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:29:26.0781 4436 volsnap - ok
22:29:26.0812 4436 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:29:26.0828 4436 vsmraid - ok
22:29:26.0906 4436 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:29:26.0984 4436 VSS - ok
22:29:26.0999 4436 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:29:27.0015 4436 vwifibus - ok
22:29:27.0015 4436 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:29:27.0062 4436 vwififlt - ok
22:29:27.0093 4436 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:29:27.0140 4436 W32Time - ok
22:29:27.0155 4436 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:29:27.0187 4436 WacomPen - ok
22:29:27.0249 4436 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:29:27.0296 4436 WANARP - ok
22:29:27.0296 4436 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:29:27.0343 4436 Wanarpv6 - ok
22:29:27.0421 4436 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:29:27.0452 4436 WatAdminSvc - ok
22:29:27.0530 4436 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:29:27.0561 4436 wbengine - ok
22:29:27.0592 4436 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:29:27.0608 4436 WbioSrvc - ok
22:29:27.0655 4436 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:29:27.0670 4436 wcncsvc - ok
22:29:27.0701 4436 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:29:27.0717 4436 WcsPlugInService - ok
22:29:27.0748 4436 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:29:27.0748 4436 Wd - ok
22:29:27.0795 4436 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:29:27.0826 4436 Wdf01000 - ok
22:29:27.0857 4436 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:29:27.0889 4436 WdiServiceHost - ok
22:29:27.0889 4436 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:29:27.0920 4436 WdiSystemHost - ok
22:29:27.0967 4436 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:29:27.0998 4436 WebClient - ok
22:29:28.0013 4436 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:29:28.0076 4436 Wecsvc - ok
22:29:28.0107 4436 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:29:28.0154 4436 wercplsupport - ok
22:29:28.0185 4436 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:29:28.0232 4436 WerSvc - ok
22:29:28.0247 4436 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:29:28.0294 4436 WfpLwf - ok
22:29:28.0294 4436 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:29:28.0310 4436 WIMMount - ok
22:29:28.0310 4436 WinDefend - ok
22:29:28.0325 4436 WinHttpAutoProxySvc - ok
22:29:28.0466 4436 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:29:28.0513 4436 Winmgmt - ok
22:29:28.0591 4436 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:29:28.0669 4436 WinRM - ok
22:29:28.0715 4436 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:29:28.0762 4436 Wlansvc - ok
22:29:28.0809 4436 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:29:28.0825 4436 wlcrasvc - ok
22:29:28.0934 4436 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:29:28.0981 4436 wlidsvc - ok
22:29:29.0012 4436 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:29:29.0043 4436 WmiAcpi - ok
22:29:29.0074 4436 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:29:29.0105 4436 wmiApSrv - ok
22:29:29.0137 4436 WMPNetworkSvc - ok
22:29:29.0168 4436 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:29:29.0183 4436 WPCSvc - ok
22:29:29.0215 4436 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:29:29.0230 4436 WPDBusEnum - ok
22:29:29.0261 4436 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:29:29.0308 4436 ws2ifsl - ok
22:29:29.0324 4436 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:29:29.0355 4436 wscsvc - ok
22:29:29.0355 4436 WSearch - ok
22:29:29.0433 4436 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:29:29.0495 4436 wuauserv - ok
22:29:29.0542 4436 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:29:29.0573 4436 WudfPf - ok
22:29:29.0605 4436 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:29:29.0620 4436 WUDFRd - ok
22:29:29.0636 4436 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:29:29.0667 4436 wudfsvc - ok
22:29:29.0683 4436 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:29:29.0698 4436 WwanSvc - ok
22:29:29.0714 4436 ================ Scan global ===============================
22:29:29.0729 4436 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:29:29.0776 4436 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:29:29.0776 4436 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:29:29.0807 4436 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:29:29.0839 4436 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:29:29.0854 4436 [Global] - ok
22:29:29.0854 4436 ================ Scan MBR ==================================
22:29:29.0870 4436 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:29:30.0197 4436 \Device\Harddisk0\DR0 - ok
22:29:30.0197 4436 ================ Scan VBR ==================================
22:29:30.0229 4436 [ C564AC643971FE33E8D9C9096EEE698D ] \Device\Harddisk0\DR0\Partition1
22:29:30.0229 4436 \Device\Harddisk0\DR0\Partition1 - ok
22:29:30.0260 4436 [ 5E930CB43151D283C04E40C1DB2D5B20 ] \Device\Harddisk0\DR0\Partition2
22:29:30.0260 4436 \Device\Harddisk0\DR0\Partition2 - ok
22:29:30.0260 4436 ============================================================
22:29:30.0260 4436 Scan finished
22:29:30.0260 4436 ============================================================
22:29:30.0275 3976 Detected object count: 2
22:29:30.0275 3976 Actual detected object count: 2
22:29:39.0604 3976 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:39.0604 3976 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:39.0604 3976 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:39.0604 3976 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:30:10.0617 4020 Deinitialize success
|
|
04.03.2013, 09:07
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mehrere Unbekannte Kontos und Viren Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.03.2013, 20:25
| #14 |
| | Mehrere Unbekannte Kontos und Viren Hat angezeigt das Avast an war, obwohl ich alle Schutzmodule von Avast deaktiviert habe. Code:
ATTFilter ComboFix 13-03-04.01 - Besima 04.03.2013 20:11:23.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3955.3005 [GMT 1:00]
ausgeführt von:: c:\users\Besima\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-02-04 bis 2013-03-04 ))))))))))))))))))))))))))))))
.
.
2013-03-04 19:17 . 2013-03-04 19:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-03 20:16 . 2013-03-03 20:16 -------- d-----w- c:\program files (x86)\7-Zip
2013-03-03 19:19 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-03-03 19:19 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-03-03 19:19 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-03-03 19:15 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-03-03 19:03 . 2013-03-03 19:03 -------- d-----w- c:\programdata\Malwarebytes
2013-03-03 00:07 . 2013-03-03 00:07 -------- d-----w- c:\windows\system32\SPReview
2013-03-03 00:06 . 2013-03-03 00:06 -------- d-----w- c:\windows\system32\EventProviders
2013-03-02 23:44 . 2010-11-20 12:17 373248 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-03-02 23:43 . 2010-11-20 13:27 258560 ----a-w- c:\windows\system32\WebClnt.dll
2013-03-02 23:42 . 2010-11-20 13:33 63360 ----a-w- c:\windows\system32\drivers\termdd.sys
2013-03-02 23:41 . 2010-11-20 13:27 414720 ----a-w- c:\windows\system32\wlanmsm.dll
2013-03-02 23:40 . 2010-11-20 13:07 3584 ----a-w- c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2013-03-02 23:40 . 2010-11-20 13:00 2560 ----a-w- c:\windows\system32\drivers\de-DE\rdpwd.sys.mui
2013-03-02 23:40 . 2010-11-20 13:07 2560 ----a-w- c:\windows\system32\drivers\de-DE\disk.sys.mui
2013-03-02 23:40 . 2010-11-20 13:12 7168 ----a-w- c:\windows\system32\drivers\de-DE\msdsm.sys.mui
2013-03-02 23:40 . 2010-11-20 13:00 4608 ----a-w- c:\windows\system32\drivers\de-DE\vdrvroot.sys.mui
2013-03-02 23:40 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2013-03-02 23:40 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2013-03-02 23:40 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2013-03-02 23:40 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2013-03-02 23:40 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2013-03-02 23:40 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2013-03-02 23:39 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-03-02 23:39 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-03-02 23:39 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-03-02 23:14 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2013-03-02 23:14 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2013-03-02 23:14 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2013-03-02 23:14 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2013-03-02 23:14 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2013-03-02 23:14 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2013-03-02 23:14 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2013-03-02 23:14 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2013-03-02 23:14 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2013-03-02 23:14 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2013-03-02 23:14 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-03-02 23:13 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-03-02 23:13 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-03-02 23:13 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-03-02 23:13 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-03-02 23:13 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-03-02 23:13 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-03-02 23:13 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-03-02 23:06 . 2013-03-02 23:06 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-03-02 22:55 . 2013-03-02 22:55 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-03-02 22:55 . 2013-03-02 22:55 -------- d-----w- c:\windows\SysWow64\Wat
2013-03-02 22:55 . 2013-03-02 22:55 -------- d-----w- c:\windows\system32\Wat
2013-03-02 22:54 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2013-03-02 22:54 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2013-03-02 22:54 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-03-02 22:48 . 2013-03-02 22:48 -------- d-----w- c:\program files\CCleaner
2013-03-02 21:49 . 2013-02-04 21:49 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-03-02 21:42 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-03-02 21:42 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-03-02 21:42 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-03-02 21:42 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-03-02 21:33 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-03-02 21:25 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-03-02 21:25 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-03-02 21:25 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-03-02 21:25 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-03-02 21:25 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-03-02 21:25 . 2013-02-19 02:57 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B3AB9D6-4C61-4A67-A099-6B774918A909}\mpengine.dll
2013-03-02 21:25 . 2013-01-17 00:28 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-03-02 21:20 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-03-02 21:19 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-03-02 21:19 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-03-02 21:19 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-03-02 21:19 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-03-02 21:19 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-03-02 21:19 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-03-02 21:19 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-03-02 21:17 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2013-03-02 21:16 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2013-03-02 21:15 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2013-03-02 21:13 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2013-03-02 21:13 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2013-03-02 21:13 . 2010-11-20 13:25 296960 ----a-w- c:\windows\system32\rstrui.exe
2013-03-02 21:11 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-03-02 21:11 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-03-02 21:11 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2013-03-02 21:11 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2013-03-02 21:11 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2013-03-02 21:11 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2013-03-02 17:12 . 2013-03-02 17:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2013-03-02 16:26 . 2013-03-02 22:42 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-02 16:26 . 2013-03-02 22:42 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-02 16:26 . 2013-03-02 16:26 -------- d-----w- c:\windows\system32\Macromed
2013-03-02 16:12 . 2013-03-02 17:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-03-02 16:08 . 2013-03-02 16:08 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-02 16:08 . 2013-03-02 16:08 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-02 15:50 . 2013-02-28 08:36 263168 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-03-02 15:50 . 2013-02-28 08:36 22664 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-03-02 15:50 . 2013-02-28 08:36 127208 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-03-02 15:50 . 2013-02-18 08:41 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-03-02 15:45 . 2013-02-28 08:36 377992 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-02 15:45 . 2013-02-28 08:36 33472 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-02 15:45 . 2013-02-28 08:36 68992 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-02 15:45 . 2013-02-28 08:36 71064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-02 15:45 . 2013-02-28 08:36 177672 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-02 15:45 . 2013-02-28 08:36 65408 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-02 15:45 . 2013-02-28 08:36 1025880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-02 15:45 . 2013-02-28 08:36 80888 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-02 15:45 . 2013-02-28 08:35 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-02 15:45 . 2013-02-28 08:36 41664 ----a-w- c:\windows\avastSS.scr
2013-03-02 15:45 . 2013-03-02 15:45 -------- d-----w- c:\program files\AVAST Software
2013-03-02 15:44 . 2013-03-02 15:45 -------- d-----w- c:\programdata\AVAST Software
2013-03-02 15:36 . 2013-03-02 15:36 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-03-02 15:17 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-03-02 15:17 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-03-02 15:17 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-03-02 15:11 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-03-02 15:11 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-03-02 15:11 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-03-02 15:11 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-03-02 15:11 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-03-02 15:11 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-03-02 15:11 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-03-02 15:11 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-03-02 15:11 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-03-02 15:10 . 2007-04-20 09:56 29696 ----a-r- c:\windows\system32\drivers\ewdcsc.sys
2013-03-02 15:10 . 2007-04-20 09:56 112384 ----a-r- c:\windows\system32\drivers\ewusbmdm.sys
2013-03-02 15:10 . 2013-03-02 15:10 -------- d-----w- c:\program files (x86)\T-Mobile
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-03 00:46 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-03 00:46 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-01-04 04:43 . 2013-03-02 21:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-05 98304]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-03-03 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-15 34160]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-05-01 2454840]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-01-07 232992]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2013-03-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2013-02-18 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-02-28 263168]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-05 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2013-02-28 136912]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-27 1811456]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys [2013-03-02 20592]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-04-28 932384]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-02 22:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-07-28 2120808]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://toshiba.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - c:\users\Besima\AppData\Roaming\Mozilla\Firefox\Profiles\9llfa3a1.default\
FF - ExtSQL: 2013-03-02 16:45; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-03-02 17:10; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Besima\AppData\Roaming\Mozilla\Firefox\Profiles\9llfa3a1.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-03-02 17:11; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Besima\AppData\Roaming\Mozilla\Firefox\Profiles\9llfa3a1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-03-02 21:40; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Besima\AppData\Roaming\Mozilla\Firefox\Profiles\9llfa3a1.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-04 20:19:54
ComboFix-quarantined-files.txt 2013-03-04 19:19
.
Vor Suchlauf: 7 Verzeichnis(se), 122.863.706.112 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 122.641.354.752 Bytes frei
.
- - End Of File - - B26313F2B17C53435E8BAE66B54F07D6
|
|
04.03.2013, 21:01
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mehrere Unbekannte Kontos und Viren JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Mehrere Unbekannte Kontos und Viren |
| avast, benutzerkonten, computer, deaktiviert, frage, fragen, installiert, konto, lan, malwarebytes, namen, neu, notebook, problem, profis, rootkit, schädlinge, sicherheit, suche, systemwiederherstellung, unbekannte, unbekannte kontos, unbekannten, verbindung, viren, xbox |
WARNUNG an die MITLESER: 
Linear-Darstellung
