| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Polizei Virus auf Toshiba Labtop !Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.08.2013, 01:28
| #16 |
| /// Malware-holic   |  Polizei Virus auf Toshiba Labtop ! THX. es sind 2 Logs zu erstellen, möglichst gleichzeitig posten. 1. Scan mit Combofix
2. Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
08.08.2013, 02:28
| #17 |
 | Polizei Virus auf Toshiba Labtop !Code:
ATTFilter ComboFix 13-08-07.01 - Christoph 08.08.2013 2:37.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1790.561 [GMT 2:00]
ausgeführt von:: c:\users\Christoph\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\users\Christoph\AppData\Roaming\7878.AAE
c:\windows\SysWow64\systeminfo.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-07-08 bis 2013-08-08 ))))))))))))))))))))))))))))))
.
.
2013-08-08 00:46 . 2013-08-08 00:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-08 00:38 . 2013-08-08 00:21 -------- d-----w- C:\FRST
2013-08-08 00:20 . 2013-08-08 00:21 -------- d-----w- c:\program files\WinRAR
2013-08-06 15:58 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E445B5A-8BCA-4E4D-B8AF-C0C69BD4865F}\mpengine.dll
2013-07-27 20:18 . 2013-07-27 20:18 -------- d-----w- c:\programdata\Plugins
2013-07-27 19:55 . 2013-07-27 19:55 -------- d-----w- c:\programdata\BlazeVideo
2013-07-27 19:55 . 2013-07-27 19:55 -------- d-----w- c:\program files (x86)\BlazeVideo
2013-07-27 19:49 . 2013-07-27 19:49 164736 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2013-07-11 22:03 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 22:02 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 22:01 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-11 22:01 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-11 23:02 . 2010-06-11 10:35 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-05-16 20:36 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 22:17 . 2013-05-15 22:17 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-15 22:17 . 2013-05-15 22:17 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-15 22:17 . 2013-05-15 22:17 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-15 22:17 . 2013-05-15 22:17 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-15 22:17 . 2013-05-15 22:17 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-15 22:17 . 2013-05-15 22:17 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-15 22:17 . 2013-05-15 22:17 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-15 22:17 . 2013-05-15 22:17 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-15 22:17 . 2013-05-15 22:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-15 22:17 . 2013-05-15 22:17 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-15 22:17 . 2013-05-15 22:17 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-15 22:17 . 2013-05-15 22:17 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-15 22:17 . 2013-05-15 22:17 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-15 22:17 . 2013-05-15 22:17 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-15 22:17 . 2013-05-15 22:17 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-15 22:17 . 2013-05-15 22:17 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-15 22:17 . 2013-05-15 22:17 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-15 22:17 . 2013-05-15 22:17 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-15 22:17 . 2013-05-15 22:17 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-15 22:17 . 2013-05-15 22:17 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-15 22:17 . 2013-05-15 22:17 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-15 22:17 . 2013-05-15 22:17 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-15 22:17 . 2013-05-15 22:17 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-15 22:17 . 2013-05-15 22:17 441856 ----a-w- c:\windows\system32\html.iec
2013-05-15 22:17 . 2013-05-15 22:17 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-15 22:17 . 2013-05-15 22:17 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-15 22:17 . 2013-05-15 22:17 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-15 22:17 . 2013-05-15 22:17 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-15 22:17 . 2013-05-15 22:17 235008 ----a-w- c:\windows\system32\url.dll
2013-05-15 22:17 . 2013-05-15 22:17 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-15 22:17 . 2013-05-15 22:17 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-15 22:17 . 2013-05-15 22:17 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-15 22:17 . 2013-05-15 22:17 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-15 22:17 . 2013-05-15 22:17 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-15 22:17 . 2013-05-15 22:17 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-15 22:17 . 2013-05-15 22:17 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-15 22:17 . 2013-05-15 22:17 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-15 22:17 . 2013-05-15 22:17 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-15 22:17 . 2013-05-15 22:17 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-15 22:17 . 2013-05-15 22:17 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-15 22:17 . 2013-05-15 22:17 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-15 22:17 . 2013-05-15 22:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-15 22:17 . 2013-05-15 22:17 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-15 22:17 . 2013-05-15 22:17 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-15 22:17 . 2013-05-15 22:17 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-15 22:17 . 2013-05-15 22:17 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-15 22:17 . 2013-05-15 22:17 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-15 22:17 . 2013-05-15 22:17 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-15 22:17 . 2013-05-15 22:17 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-15 22:15 . 2013-05-15 22:15 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-15 22:15 . 2013-05-15 22:15 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-15 22:15 . 2013-05-15 22:15 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-15 22:15 . 2013-05-15 22:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-15 22:15 . 2013-05-15 22:15 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-15 22:15 . 2013-05-15 22:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-15 22:15 . 2013-05-15 22:15 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-15 22:15 . 2013-05-15 22:15 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-15 22:15 . 2013-05-15 22:15 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-15 22:15 . 2013-05-15 22:15 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-05-15 22:15 . 2013-05-15 22:15 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-15 22:15 . 2013-05-15 22:15 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-15 22:15 . 2013-05-15 22:15 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-15 22:15 . 2013-05-15 22:15 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-15 22:15 . 2013-05-15 22:15 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-15 22:15 . 2013-05-15 22:15 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-15 22:15 . 2013-05-15 22:15 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-15 22:15 . 2013-05-15 22:15 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-05-15 22:15 . 2013-05-15 22:15 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-05-15 22:15 . 2013-05-15 22:15 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-05-15 22:15 . 2013-05-15 22:15 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-05-15 22:15 . 2013-05-15 22:15 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-05-15 22:15 . 2013-05-15 22:15 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-15 22:15 . 2013-05-15 22:15 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-05-15 22:15 . 2013-05-15 22:15 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-05-15 22:15 . 2013-05-15 22:15 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-05-15 22:15 . 2013-05-15 22:15 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-05-15 22:15 . 2013-05-15 22:15 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-05-15 22:15 . 2013-05-15 22:15 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-05-15 22:15 . 2013-05-15 22:15 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-05-13 05:51 . 2013-06-16 20:56 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-16 20:56 1464320 ----a-w- c:\windows\system32\crypt32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files (x86)\XfireXO\prxtbXfi0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 09:28 1307928 ----a-w- c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\XfireXO\prxtbXfi0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-09-08 13:55 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files (x86)\XfireXO\prxtbXfi0.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-09-08 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"="c:\program files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" [2010-03-06 286720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-07-09 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-09-08 888488]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va003;X6va003;c:\users\CHRIST~1\AppData\Local\Temp\003D727.tmp;c:\users\CHRIST~1\AppData\Local\Temp\003D727.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-29 18:07]
.
2013-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-29 18:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:61313
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{630DBFAB-0E17-4EAF-BEA8-FC4DDD04DA41}: NameServer = 193.189.244.225 193.189.244.206
FF - ProfilePath - c:\users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\zk441h3d.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61313
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-SmoothView - xc:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - xc:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - xc:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
AddRemove-IT9130 DriverInstaller_11.9.2.1 - c:\users\CHRIST~1\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\CHRIST~1\AppData\Local\Temp\003D727.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-08 02:59:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-08-08 00:59
.
Vor Suchlauf: 13 Verzeichnis(se), 32.005.672.960 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 31.545.618.432 Bytes frei
.
- - End Of File - - 0BA84AB08AD3496F9232EBA2CA35AD3B
A36C5E4F47E84449FF07ED3517B43A31
Code:
ATTFilter 03:20:57.0468 2960 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
03:20:58.0201 2960 ============================================================
03:20:58.0201 2960 Current date / time: 2013/08/08 03:20:58.0201
03:20:58.0201 2960 SystemInfo:
03:20:58.0201 2960
03:20:58.0201 2960 OS Version: 6.1.7601 ServicePack: 1.0
03:20:58.0201 2960 Product type: Workstation
03:20:58.0201 2960 ComputerName: CHRISTOPHS
03:20:58.0201 2960 UserName: Christoph
03:20:58.0201 2960 Windows directory: C:\Windows
03:20:58.0201 2960 System windows directory: C:\Windows
03:20:58.0201 2960 Running under WOW64
03:20:58.0201 2960 Processor architecture: Intel x64
03:20:58.0201 2960 Number of processors: 1
03:20:58.0201 2960 Page size: 0x1000
03:20:58.0201 2960 Boot type: Normal boot
03:20:58.0201 2960 ============================================================
03:21:01.0571 2960 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:21:01.0586 2960 ============================================================
03:21:01.0586 2960 \Device\Harddisk0\DR0:
03:21:01.0586 2960 MBR partitions:
03:21:01.0586 2960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x950C800
03:21:01.0586 2960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x95D5000, BlocksNum 0x9444800
03:21:01.0586 2960 ============================================================
03:21:01.0649 2960 C: <-> \Device\Harddisk0\DR0\Partition1
03:21:01.0711 2960 D: <-> \Device\Harddisk0\DR0\Partition2
03:21:01.0711 2960 ============================================================
03:21:01.0711 2960 Initialize success
03:21:01.0711 2960 ============================================================
03:21:47.0310 3444 ============================================================
03:21:47.0310 3444 Scan started
03:21:47.0310 3444 Mode: Manual; SigCheck; TDLFS;
03:21:47.0310 3444 ============================================================
03:21:55.0032 3444 ================ Scan system memory ========================
03:21:55.0032 3444 System memory - ok
03:21:55.0048 3444 ================ Scan services =============================
03:21:58.0464 3444 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
03:21:59.0525 3444 1394ohci - ok
03:21:59.0572 3444 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
03:21:59.0603 3444 ACPI - ok
03:21:59.0681 3444 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
03:22:00.0149 3444 AcpiPmi - ok
03:22:00.0258 3444 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
03:22:00.0352 3444 adp94xx - ok
03:22:00.0414 3444 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
03:22:00.0632 3444 adpahci - ok
03:22:00.0710 3444 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
03:22:00.0788 3444 adpu320 - ok
03:22:00.0866 3444 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
03:22:01.0178 3444 AeLookupSvc - ok
03:22:01.0288 3444 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
03:22:01.0553 3444 AFD - ok
03:22:01.0709 3444 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
03:22:02.0177 3444 AgereSoftModem - ok
03:22:02.0239 3444 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
03:22:02.0380 3444 agp440 - ok
03:22:02.0426 3444 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
03:22:02.0645 3444 ALG - ok
03:22:02.0707 3444 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
03:22:02.0770 3444 aliide - ok
03:22:02.0894 3444 [ 98A2774D3F18C107874C8C1163EBE484 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
03:22:03.0191 3444 AMD External Events Utility - ok
03:22:03.0238 3444 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
03:22:03.0300 3444 amdide - ok
03:22:03.0362 3444 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
03:22:03.0643 3444 AmdK8 - ok
03:22:03.0721 3444 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
03:22:03.0815 3444 AmdPPM - ok
03:22:03.0893 3444 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
03:22:03.0986 3444 amdsata - ok
03:22:04.0033 3444 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
03:22:04.0189 3444 amdsbs - ok
03:22:04.0220 3444 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
03:22:04.0330 3444 amdxata - ok
03:22:04.0579 3444 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
03:22:04.0642 3444 AntiVirSchedulerService - ok
03:22:04.0751 3444 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
03:22:04.0798 3444 AntiVirService - ok
03:22:04.0954 3444 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
03:22:04.0985 3444 AntiVirWebService - ok
03:22:05.0063 3444 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
03:22:05.0531 3444 AppID - ok
03:22:05.0593 3444 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
03:22:05.0749 3444 AppIDSvc - ok
03:22:05.0843 3444 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
03:22:05.0999 3444 Appinfo - ok
03:22:06.0077 3444 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
03:22:06.0326 3444 arc - ok
03:22:06.0436 3444 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
03:22:06.0623 3444 arcsas - ok
03:22:06.0685 3444 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
03:22:06.0872 3444 AsyncMac - ok
03:22:06.0950 3444 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
03:22:06.0982 3444 atapi - ok
03:22:07.0512 3444 [ 173F4C05F87085E9BDA3F7037BC9F40E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
03:22:08.0323 3444 atikmdag - ok
03:22:08.0432 3444 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
03:22:08.0698 3444 AtiPcie - ok
03:22:08.0822 3444 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:22:08.0978 3444 AudioEndpointBuilder - ok
03:22:09.0041 3444 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
03:22:09.0150 3444 AudioSrv - ok
03:22:09.0337 3444 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
03:22:09.0400 3444 avgntflt - ok
03:22:09.0493 3444 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
03:22:09.0774 3444 avipbb - ok
03:22:09.0852 3444 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
03:22:10.0039 3444 avkmgr - ok
03:22:10.0117 3444 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
03:22:10.0554 3444 AxInstSV - ok
03:22:10.0632 3444 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
03:22:10.0819 3444 b06bdrv - ok
03:22:10.0960 3444 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
03:22:11.0084 3444 b57nd60a - ok
03:22:11.0334 3444 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
03:22:11.0381 3444 BBSvc - ok
03:22:11.0474 3444 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
03:22:11.0630 3444 BBUpdate - ok
03:22:11.0677 3444 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
03:22:11.0864 3444 BDESVC - ok
03:22:11.0974 3444 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
03:22:12.0098 3444 Beep - ok
03:22:12.0176 3444 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
03:22:12.0364 3444 BFE - ok
03:22:12.0504 3444 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
03:22:12.0676 3444 BITS - ok
03:22:12.0738 3444 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
03:22:12.0847 3444 blbdrive - ok
03:22:12.0910 3444 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
03:22:13.0097 3444 bowser - ok
03:22:13.0190 3444 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
03:22:13.0534 3444 BrFiltLo - ok
03:22:13.0580 3444 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
03:22:13.0752 3444 BrFiltUp - ok
03:22:13.0783 3444 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
03:22:14.0080 3444 BridgeMP - ok
03:22:14.0142 3444 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
03:22:14.0470 3444 Browser - ok
03:22:14.0548 3444 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
03:22:14.0704 3444 Brserid - ok
03:22:14.0735 3444 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
03:22:14.0953 3444 BrSerWdm - ok
03:22:15.0000 3444 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
03:22:15.0156 3444 BrUsbMdm - ok
03:22:15.0187 3444 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
03:22:15.0359 3444 BrUsbSer - ok
03:22:15.0406 3444 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
03:22:15.0593 3444 BTHMODEM - ok
03:22:15.0686 3444 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
03:22:16.0248 3444 bthserv - ok
03:22:16.0310 3444 catchme - ok
03:22:16.0373 3444 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
03:22:16.0482 3444 cdfs - ok
03:22:16.0576 3444 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
03:22:16.0747 3444 cdrom - ok
03:22:16.0825 3444 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
03:22:16.0997 3444 CertPropSvc - ok
03:22:17.0262 3444 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
03:22:17.0293 3444 cfWiMAXService - ok
03:22:17.0371 3444 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
03:22:17.0574 3444 circlass - ok
03:22:17.0683 3444 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
03:22:17.0730 3444 CLFS - ok
03:22:17.0855 3444 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:22:17.0933 3444 clr_optimization_v2.0.50727_32 - ok
03:22:18.0026 3444 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:22:18.0167 3444 clr_optimization_v2.0.50727_64 - ok
03:22:18.0354 3444 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:22:18.0432 3444 clr_optimization_v4.0.30319_32 - ok
03:22:18.0588 3444 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:22:18.0619 3444 clr_optimization_v4.0.30319_64 - ok
03:22:18.0697 3444 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
03:22:19.0150 3444 CmBatt - ok
03:22:19.0196 3444 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
03:22:19.0290 3444 cmdide - ok
03:22:19.0368 3444 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
03:22:19.0524 3444 CNG - ok
03:22:19.0586 3444 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
03:22:19.0633 3444 Compbatt - ok
03:22:19.0696 3444 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
03:22:19.0852 3444 CompositeBus - ok
03:22:19.0883 3444 COMSysApp - ok
03:22:19.0914 3444 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
03:22:19.0930 3444 ConfigFree Gadget Service - ok
03:22:20.0039 3444 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
03:22:20.0054 3444 ConfigFree Service - ok
03:22:20.0086 3444 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
03:22:20.0148 3444 crcdisk - ok
03:22:20.0242 3444 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
03:22:20.0351 3444 CryptSvc - ok
03:22:20.0413 3444 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
03:22:20.0522 3444 DcomLaunch - ok
03:22:20.0585 3444 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
03:22:20.0725 3444 defragsvc - ok
03:22:20.0788 3444 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
03:22:20.0990 3444 DfsC - ok
03:22:21.0068 3444 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
03:22:21.0178 3444 Dhcp - ok
03:22:21.0287 3444 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
03:22:21.0521 3444 discache - ok
03:22:21.0599 3444 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
03:22:21.0724 3444 Disk - ok
03:22:21.0802 3444 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
03:22:21.0926 3444 Dnscache - ok
03:22:22.0020 3444 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
03:22:22.0160 3444 dot3svc - ok
03:22:22.0238 3444 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
03:22:22.0348 3444 DPS - ok
03:22:22.0426 3444 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
03:22:22.0582 3444 drmkaud - ok
03:22:22.0784 3444 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
03:22:22.0894 3444 DXGKrnl - ok
03:22:22.0956 3444 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
03:22:23.0112 3444 EapHost - ok
03:22:23.0580 3444 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
03:22:23.0892 3444 ebdrv - ok
03:22:23.0955 3444 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
03:22:24.0142 3444 EFS - ok
03:22:24.0329 3444 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
03:22:24.0610 3444 ehRecvr - ok
03:22:24.0688 3444 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
03:22:24.0828 3444 ehSched - ok
03:22:25.0047 3444 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
03:22:25.0109 3444 elxstor - ok
03:22:25.0218 3444 [ 78D6694F98009400BCACCB5342848A67 ] emAudio C:\Windows\system32\drivers\emAudio64.sys
03:22:25.0327 3444 emAudio - ok
03:22:25.0390 3444 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
03:22:25.0483 3444 ErrDev - ok
03:22:25.0639 3444 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
03:22:25.0764 3444 EventSystem - ok
03:22:25.0873 3444 [ 23B79B19F49A037EBA4A9A3BB03ED91D ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
03:22:25.0998 3444 ewusbnet - ok
03:22:26.0076 3444 [ E2CBB821C7CAE0EF8B56DE28ED85C740 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
03:22:26.0232 3444 ew_hwusbdev - ok
03:22:26.0295 3444 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
03:22:26.0497 3444 exfat - ok
03:22:26.0544 3444 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
03:22:26.0700 3444 fastfat - ok
03:22:26.0841 3444 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
03:22:26.0965 3444 Fax - ok
03:22:27.0012 3444 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
03:22:27.0106 3444 fdc - ok
03:22:27.0199 3444 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
03:22:27.0324 3444 fdPHost - ok
03:22:27.0355 3444 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
03:22:27.0465 3444 FDResPub - ok
03:22:27.0496 3444 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
03:22:27.0558 3444 FileInfo - ok
03:22:27.0605 3444 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
03:22:27.0761 3444 Filetrace - ok
03:22:27.0792 3444 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
03:22:27.0917 3444 flpydisk - ok
03:22:28.0057 3444 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
03:22:28.0198 3444 FltMgr - ok
03:22:28.0369 3444 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
03:22:28.0510 3444 FontCache - ok
03:22:28.0619 3444 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:22:28.0806 3444 FontCache3.0.0.0 - ok
03:22:28.0884 3444 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
03:22:28.0962 3444 FsDepends - ok
03:22:29.0056 3444 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
03:22:29.0103 3444 fssfltr - ok
03:22:29.0383 3444 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
03:22:29.0524 3444 fsssvc - ok
03:22:29.0602 3444 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
03:22:29.0649 3444 Fs_Rec - ok
03:22:29.0773 3444 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
03:22:29.0914 3444 fvevol - ok
03:22:29.0976 3444 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
03:22:30.0023 3444 gagp30kx - ok
03:22:30.0210 3444 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
03:22:30.0351 3444 GameConsoleService - ok
03:22:30.0553 3444 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
03:22:30.0709 3444 gpsvc - ok
03:22:30.0928 3444 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:22:30.0959 3444 gupdate - ok
03:22:31.0021 3444 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:22:31.0053 3444 gupdatem - ok
03:22:31.0131 3444 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
03:22:31.0271 3444 hcw85cir - ok
03:22:31.0396 3444 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:22:31.0536 3444 HdAudAddService - ok
03:22:31.0583 3444 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
03:22:31.0661 3444 HDAudBus - ok
03:22:31.0723 3444 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
03:22:31.0786 3444 HidBatt - ok
03:22:31.0817 3444 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
03:22:31.0895 3444 HidBth - ok
03:22:31.0926 3444 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
03:22:31.0973 3444 HidIr - ok
03:22:32.0020 3444 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
03:22:32.0098 3444 hidserv - ok
03:22:32.0191 3444 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
03:22:32.0254 3444 HidUsb - ok
03:22:32.0316 3444 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
03:22:32.0488 3444 hkmsvc - ok
03:22:32.0581 3444 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:22:32.0737 3444 HomeGroupListener - ok
03:22:32.0831 3444 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:22:32.0971 3444 HomeGroupProvider - ok
03:22:33.0034 3444 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
03:22:33.0112 3444 HpSAMD - ok
03:22:33.0299 3444 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
03:22:33.0502 3444 HTTP - ok
03:22:33.0580 3444 [ 08B1A06A55F068A17A51BA26618CF50F ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
03:22:33.0705 3444 huawei_enumerator - ok
03:22:33.0751 3444 [ 6E5CD3984742A922D0C183C7E82C3C94 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
03:22:33.0907 3444 hwdatacard - ok
03:22:34.0001 3444 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
03:22:34.0032 3444 hwpolicy - ok
03:22:34.0126 3444 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
03:22:34.0204 3444 i8042prt - ok
03:22:34.0266 3444 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
03:22:34.0375 3444 iaStorV - ok
03:22:34.0641 3444 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:22:34.0828 3444 idsvc - ok
03:22:34.0875 3444 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
03:22:34.0953 3444 iirsp - ok
03:22:35.0046 3444 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
03:22:35.0218 3444 IKEEXT - ok
03:22:35.0592 3444 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
03:22:35.0889 3444 IntcAzAudAddService - ok
03:22:35.0982 3444 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
03:22:36.0091 3444 intelide - ok
03:22:36.0169 3444 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
03:22:36.0263 3444 intelppm - ok
03:22:36.0325 3444 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
03:22:36.0466 3444 IPBusEnum - ok
03:22:36.0559 3444 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:22:36.0762 3444 IpFilterDriver - ok
03:22:36.0871 3444 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
03:22:37.0012 3444 iphlpsvc - ok
03:22:37.0090 3444 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
03:22:37.0215 3444 IPMIDRV - ok
03:22:37.0261 3444 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
03:22:37.0417 3444 IPNAT - ok
03:22:37.0464 3444 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
03:22:37.0745 3444 IRENUM - ok
03:22:37.0776 3444 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
03:22:37.0854 3444 isapnp - ok
03:22:37.0932 3444 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
03:22:38.0026 3444 iScsiPrt - ok
03:22:38.0135 3444 [ 7CA3EFCC3BB3E9F2722D71947989B0B2 ] IT9135BDA C:\Windows\system32\Drivers\IT9135BDA.sys
03:22:38.0275 3444 IT9135BDA - ok
03:22:38.0322 3444 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
03:22:38.0369 3444 kbdclass - ok
03:22:38.0416 3444 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
03:22:38.0556 3444 kbdhid - ok
03:22:38.0603 3444 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
03:22:38.0634 3444 KeyIso - ok
03:22:38.0681 3444 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
03:22:38.0759 3444 KSecDD - ok
03:22:38.0868 3444 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
03:22:38.0946 3444 KSecPkg - ok
03:22:39.0024 3444 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
03:22:39.0180 3444 ksthunk - ok
03:22:39.0336 3444 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
03:22:39.0523 3444 KtmRm - ok
03:22:39.0633 3444 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
03:22:39.0773 3444 LanmanServer - ok
03:22:39.0835 3444 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:22:39.0960 3444 LanmanWorkstation - ok
03:22:40.0069 3444 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
03:22:40.0147 3444 lltdio - ok
03:22:40.0241 3444 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
03:22:40.0413 3444 lltdsvc - ok
03:22:40.0459 3444 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
03:22:40.0569 3444 lmhosts - ok
03:22:40.0647 3444 [ 16679269303613C4CE7C8FF03413410F ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
03:22:40.0693 3444 LPCFilter - ok
03:22:40.0803 3444 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
03:22:40.0865 3444 LSI_FC - ok
03:22:40.0912 3444 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
03:22:40.0974 3444 LSI_SAS - ok
03:22:41.0021 3444 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
03:22:41.0099 3444 LSI_SAS2 - ok
03:22:41.0130 3444 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
03:22:41.0271 3444 LSI_SCSI - ok
03:22:41.0317 3444 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
03:22:41.0520 3444 luafv - ok
03:22:41.0583 3444 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
03:22:41.0692 3444 Mcx2Svc - ok
03:22:41.0739 3444 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
03:22:41.0801 3444 megasas - ok
03:22:41.0910 3444 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
03:22:41.0973 3444 MegaSR - ok
03:22:42.0035 3444 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
03:22:42.0207 3444 MMCSS - ok
03:22:42.0269 3444 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
03:22:42.0394 3444 Modem - ok
03:22:42.0487 3444 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
03:22:42.0534 3444 monitor - ok
03:22:42.0628 3444 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
03:22:42.0675 3444 mouclass - ok
03:22:42.0768 3444 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
03:22:42.0831 3444 mouhid - ok
03:22:42.0909 3444 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
03:22:42.0971 3444 mountmgr - ok
03:22:43.0252 3444 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
03:22:43.0345 3444 MozillaMaintenance - ok
03:22:43.0470 3444 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
03:22:43.0564 3444 mpio - ok
03:22:43.0626 3444 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
03:22:43.0751 3444 mpsdrv - ok
03:22:43.0938 3444 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
03:22:44.0063 3444 MpsSvc - ok
03:22:44.0110 3444 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
03:22:44.0203 3444 MRxDAV - ok
03:22:44.0297 3444 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
03:22:44.0422 3444 mrxsmb - ok
03:22:44.0531 3444 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:22:44.0609 3444 mrxsmb10 - ok
03:22:44.0656 3444 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:22:44.0734 3444 mrxsmb20 - ok
03:22:44.0812 3444 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
03:22:44.0874 3444 msahci - ok
03:22:44.0952 3444 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
03:22:45.0046 3444 msdsm - ok
03:22:45.0093 3444 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
03:22:45.0249 3444 MSDTC - ok
03:22:45.0342 3444 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
03:22:45.0451 3444 Msfs - ok
03:22:45.0498 3444 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
03:22:45.0607 3444 mshidkmdf - ok
03:22:45.0639 3444 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
03:22:45.0654 3444 msisadrv - ok
03:22:45.0748 3444 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
03:22:45.0841 3444 MSiSCSI - ok
03:22:45.0857 3444 msiserver - ok
03:22:45.0919 3444 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
03:22:45.0997 3444 MSKSSRV - ok
03:22:46.0060 3444 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
03:22:46.0138 3444 MSPCLOCK - ok
03:22:46.0153 3444 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
03:22:46.0247 3444 MSPQM - ok
03:22:46.0356 3444 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
03:22:46.0419 3444 MsRPC - ok
03:22:46.0497 3444 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
03:22:46.0528 3444 mssmbios - ok
03:22:46.0590 3444 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
03:22:46.0809 3444 MSTEE - ok
03:22:46.0855 3444 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
03:22:47.0027 3444 MTConfig - ok
03:22:47.0074 3444 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
03:22:47.0199 3444 Mup - ok
03:22:47.0308 3444 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
03:22:47.0417 3444 napagent - ok
03:22:47.0573 3444 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
03:22:47.0901 3444 NativeWifiP - ok
03:22:48.0072 3444 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
03:22:48.0150 3444 NDIS - ok
03:22:48.0228 3444 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
03:22:48.0478 3444 NdisCap - ok
03:22:48.0540 3444 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
03:22:48.0681 3444 NdisTapi - ok
03:22:48.0759 3444 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
03:22:48.0977 3444 Ndisuio - ok
03:22:49.0055 3444 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
03:22:49.0195 3444 NdisWan - ok
03:22:49.0227 3444 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
03:22:49.0367 3444 NDProxy - ok
03:22:49.0429 3444 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
03:22:49.0632 3444 NetBIOS - ok
03:22:49.0679 3444 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
03:22:49.0835 3444 NetBT - ok
03:22:49.0851 3444 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
03:22:49.0913 3444 Netlogon - ok
03:22:50.0022 3444 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
03:22:50.0163 3444 Netman - ok
03:22:50.0209 3444 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
03:22:50.0319 3444 netprofm - ok
03:22:50.0365 3444 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
03:22:50.0412 3444 NetTcpPortSharing - ok
03:22:50.0475 3444 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
03:22:50.0568 3444 nfrd960 - ok
03:22:50.0615 3444 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
03:22:50.0709 3444 NlaSvc - ok
03:22:50.0771 3444 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
03:22:50.0943 3444 Npfs - ok
03:22:50.0989 3444 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
03:22:51.0083 3444 nsi - ok
03:22:51.0099 3444 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
03:22:51.0270 3444 nsiproxy - ok
03:22:51.0379 3444 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
03:22:51.0489 3444 Ntfs - ok
03:22:51.0535 3444 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
03:22:51.0738 3444 Null - ok
03:22:51.0801 3444 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
03:22:51.0863 3444 nvraid - ok
03:22:51.0894 3444 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
03:22:51.0941 3444 nvstor - ok
03:22:52.0003 3444 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
03:22:52.0050 3444 nv_agp - ok
03:22:52.0191 3444 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
03:22:52.0253 3444 odserv - ok
03:22:52.0300 3444 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
03:22:52.0440 3444 ohci1394 - ok
03:22:52.0503 3444 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:22:52.0565 3444 ose - ok
03:22:52.0643 3444 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
03:22:52.0768 3444 p2pimsvc - ok
03:22:52.0846 3444 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
03:22:52.0955 3444 p2psvc - ok
03:22:53.0002 3444 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
03:22:53.0049 3444 Parport - ok
03:22:53.0095 3444 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
03:22:53.0173 3444 partmgr - ok
03:22:53.0220 3444 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
03:22:53.0314 3444 PcaSvc - ok
03:22:53.0361 3444 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
03:22:53.0376 3444 pci - ok
03:22:53.0423 3444 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
03:22:53.0454 3444 pciide - ok
03:22:53.0532 3444 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
03:22:53.0579 3444 pcmcia - ok
03:22:53.0610 3444 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
03:22:53.0626 3444 pcw - ok
03:22:53.0673 3444 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
03:22:53.0891 3444 PEAUTH - ok
03:22:54.0016 3444 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
03:22:54.0234 3444 PerfHost - ok
03:22:54.0297 3444 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
03:22:54.0406 3444 PGEffect - ok
03:22:54.0531 3444 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
03:22:54.0702 3444 pla - ok
03:22:54.0765 3444 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
03:22:54.0905 3444 PlugPlay - ok
03:22:54.0936 3444 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
03:22:55.0061 3444 PNRPAutoReg - ok
03:22:55.0092 3444 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
03:22:55.0123 3444 PNRPsvc - ok
03:22:55.0170 3444 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
03:22:55.0373 3444 PolicyAgent - ok
03:22:55.0435 3444 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
03:22:55.0529 3444 Power - ok
03:22:55.0591 3444 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
03:22:55.0716 3444 PptpMiniport - ok
03:22:55.0747 3444 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
03:22:55.0919 3444 Processor - ok
03:22:56.0013 3444 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
03:22:56.0106 3444 ProfSvc - ok
03:22:56.0122 3444 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:22:56.0153 3444 ProtectedStorage - ok
03:22:56.0247 3444 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
03:22:56.0340 3444 Psched - ok
03:22:56.0403 3444 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
03:22:56.0621 3444 ql2300 - ok
03:22:56.0683 3444 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
03:22:56.0761 3444 ql40xx - ok
03:22:56.0871 3444 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
03:22:57.0042 3444 QWAVE - ok
03:22:57.0073 3444 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
03:22:57.0198 3444 QWAVEdrv - ok
03:22:57.0229 3444 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
03:22:57.0385 3444 RasAcd - ok
03:22:57.0479 3444 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
03:22:57.0744 3444 RasAgileVpn - ok
03:22:57.0807 3444 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
03:22:58.0041 3444 RasAuto - ok
03:22:58.0181 3444 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
03:22:58.0384 3444 Rasl2tp - ok
03:22:58.0446 3444 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
03:22:58.0602 3444 RasMan - ok
03:22:58.0665 3444 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
03:22:58.0805 3444 RasPppoe - ok
03:22:58.0836 3444 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
03:22:58.0961 3444 RasSstp - ok
03:22:58.0992 3444 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
03:22:59.0335 3444 rdbss - ok
03:22:59.0382 3444 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
03:22:59.0569 3444 rdpbus - ok
03:22:59.0616 3444 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
03:22:59.0788 3444 RDPCDD - ok
03:22:59.0835 3444 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
03:22:59.0975 3444 RDPENCDD - ok
03:23:00.0022 3444 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
03:23:00.0131 3444 RDPREFMP - ok
03:23:00.0178 3444 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
03:23:00.0318 3444 RDPWD - ok
03:23:00.0365 3444 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
03:23:00.0427 3444 rdyboost - ok
03:23:00.0474 3444 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
03:23:00.0708 3444 RemoteAccess - ok
03:23:00.0755 3444 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
03:23:00.0911 3444 RemoteRegistry - ok
03:23:00.0942 3444 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
03:23:01.0036 3444 RpcEptMapper - ok
03:23:01.0083 3444 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
03:23:01.0145 3444 RpcLocator - ok
03:23:01.0207 3444 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
03:23:01.0254 3444 RpcSs - ok
03:23:01.0317 3444 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
03:23:01.0457 3444 rspndr - ok
03:23:01.0504 3444 RSUSBSTOR - ok
03:23:01.0551 3444 [ 483C537E69FA97C77F7FE0E2E1C1F102 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
03:23:01.0629 3444 RTHDMIAzAudService - ok
03:23:01.0675 3444 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
03:23:01.0831 3444 RTL8167 - ok
03:23:01.0878 3444 [ 089AA94966A6E8F054D4AC734533BE28 ] RTL8187Se C:\Windows\system32\DRIVERS\RTL8187Se.sys
03:23:02.0019 3444 RTL8187Se - ok
03:23:02.0097 3444 RtsUIR - ok
03:23:02.0128 3444 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
03:23:02.0159 3444 SamSs - ok
03:23:02.0221 3444 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
03:23:02.0253 3444 sbp2port - ok
03:23:02.0315 3444 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
03:23:02.0455 3444 SCardSvr - ok
03:23:02.0502 3444 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
03:23:02.0705 3444 scfilter - ok
03:23:02.0861 3444 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
03:23:02.0986 3444 Schedule - ok
03:23:03.0033 3444 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
03:23:03.0126 3444 SCPolicySvc - ok
03:23:03.0173 3444 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
03:23:03.0516 3444 SDRSVC - ok
03:23:03.0594 3444 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
03:23:03.0735 3444 secdrv - ok
03:23:03.0797 3444 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
03:23:03.0922 3444 seclogon - ok
03:23:03.0969 3444 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
03:23:04.0093 3444 SENS - ok
03:23:04.0156 3444 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
03:23:04.0249 3444 SensrSvc - ok
03:23:04.0281 3444 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
03:23:04.0390 3444 Serenum - ok
03:23:04.0437 3444 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
03:23:04.0530 3444 Serial - ok
03:23:04.0593 3444 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
03:23:04.0686 3444 sermouse - ok
03:23:04.0764 3444 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
03:23:04.0920 3444 SessionEnv - ok
03:23:04.0983 3444 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
03:23:05.0092 3444 sffdisk - ok
03:23:05.0139 3444 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
03:23:05.0435 3444 sffp_mmc - ok
03:23:05.0482 3444 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
03:23:05.0591 3444 sffp_sd - ok
03:23:05.0653 3444 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
03:23:05.0778 3444 sfloppy - ok
03:23:05.0887 3444 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
03:23:06.0012 3444 SharedAccess - ok
03:23:06.0059 3444 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:23:06.0153 3444 ShellHWDetection - ok
03:23:06.0199 3444 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
03:23:06.0262 3444 SiSRaid2 - ok
03:23:06.0277 3444 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
03:23:06.0293 3444 SiSRaid4 - ok
03:23:06.0324 3444 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
03:23:06.0465 3444 Smb - ok
03:23:06.0511 3444 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
03:23:06.0636 3444 SNMPTRAP - ok
03:23:06.0667 3444 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
03:23:06.0730 3444 spldr - ok
03:23:06.0777 3444 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
03:23:06.0870 3444 Spooler - ok
03:23:07.0011 3444 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
03:23:07.0198 3444 sppsvc - ok
03:23:07.0245 3444 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
03:23:07.0354 3444 sppuinotify - ok
03:23:07.0447 3444 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
03:23:07.0541 3444 srv - ok
03:23:07.0635 3444 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
03:23:07.0759 3444 srv2 - ok
03:23:07.0822 3444 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
03:23:07.0947 3444 srvnet - ok
03:23:08.0009 3444 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
03:23:08.0165 3444 SSDPSRV - ok
03:23:08.0181 3444 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
03:23:08.0321 3444 SstpSvc - ok
03:23:08.0368 3444 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
03:23:08.0399 3444 stexstor - ok
03:23:08.0446 3444 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
03:23:08.0524 3444 stisvc - ok
03:23:08.0571 3444 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
03:23:08.0680 3444 swenum - ok
03:23:08.0742 3444 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
03:23:08.0914 3444 swprv - ok
03:23:09.0101 3444 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
03:23:09.0273 3444 SynTP - ok
03:23:09.0429 3444 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
03:23:09.0631 3444 SysMain - ok
03:23:09.0678 3444 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:23:09.0756 3444 TabletInputService - ok
03:23:09.0850 3444 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
03:23:09.0975 3444 TapiSrv - ok
03:23:10.0021 3444 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
03:23:10.0162 3444 TBS - ok
03:23:10.0380 3444 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
03:23:10.0708 3444 Tcpip - ok
03:23:10.0942 3444 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
03:23:11.0035 3444 TCPIP6 - ok
03:23:11.0160 3444 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
03:23:11.0301 3444 tcpipreg - ok
03:23:11.0441 3444 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
03:23:11.0503 3444 tdcmdpst - ok
03:23:11.0581 3444 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
03:23:11.0675 3444 TDPIPE - ok
03:23:11.0737 3444 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
03:23:11.0800 3444 TDTCP - ok
03:23:11.0862 3444 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
03:23:12.0003 3444 tdx - ok
03:23:12.0081 3444 [ 63B4F544664DC5154FDA4213E2AF09D0 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
03:23:12.0127 3444 TemproMonitoringService - ok
03:23:12.0174 3444 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
03:23:12.0237 3444 TermDD - ok
03:23:12.0424 3444 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
03:23:12.0689 3444 TermService - ok
03:23:12.0751 3444 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
03:23:12.0814 3444 Themes - ok
03:23:12.0845 3444 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
03:23:12.0939 3444 THREADORDER - ok
03:23:13.0126 3444 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
03:23:13.0219 3444 TMachInfo - ok
03:23:13.0329 3444 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
03:23:13.0360 3444 TODDSrv - ok
03:23:13.0531 3444 [ 4DB8C79BCEA76063B83B13410366A1F7 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
03:23:13.0563 3444 TosCoSrv - ok
03:23:13.0687 3444 [ DD58E1250F604CBBADDA04575E5E2376 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
03:23:13.0734 3444 TOSHIBA HDD SSD Alert Service - ok
03:23:13.0812 3444 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
03:23:13.0890 3444 tos_sps64 - ok
03:23:13.0953 3444 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
03:23:14.0015 3444 TrkWks - ok
03:23:14.0124 3444 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:23:14.0218 3444 TrustedInstaller - ok
03:23:14.0280 3444 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
03:23:14.0436 3444 tssecsrv - ok
03:23:14.0561 3444 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
03:23:14.0686 3444 TsUsbFlt - ok
03:23:14.0795 3444 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
03:23:14.0889 3444 tunnel - ok
03:23:14.0982 3444 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
03:23:15.0029 3444 TVALZ - ok
03:23:15.0091 3444 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
03:23:15.0107 3444 uagp35 - ok
03:23:15.0154 3444 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
03:23:15.0325 3444 udfs - ok
03:23:15.0403 3444 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
03:23:15.0591 3444 UI0Detect - ok
03:23:15.0684 3444 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
03:23:15.0825 3444 uliagpkx - ok
03:23:15.0903 3444 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
03:23:15.0981 3444 umbus - ok
03:23:16.0043 3444 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
03:23:16.0121 3444 UmPass - ok
03:23:16.0261 3444 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
03:23:16.0417 3444 upnphost - ok
03:23:16.0605 3444 [ E68ADC602CD39B28AE844131A3D3762C ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
03:23:16.0714 3444 USB28xxBGA - ok
03:23:16.0761 3444 [ 859A05F09F7D5CAD8B77D4563CE53E51 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
03:23:16.0823 3444 USB28xxOEM - ok
03:23:16.0885 3444 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
03:23:16.0979 3444 usbccgp - ok
03:23:16.0995 3444 USBCCID - ok
03:23:17.0073 3444 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
03:23:17.0135 3444 usbcir - ok
03:23:17.0182 3444 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
03:23:17.0244 3444 usbehci - ok
03:23:17.0322 3444 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
03:23:17.0400 3444 usbhub - ok
03:23:17.0447 3444 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
03:23:17.0494 3444 usbohci - ok
03:23:17.0541 3444 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
03:23:17.0619 3444 usbprint - ok
03:23:17.0681 3444 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:23:17.0775 3444 USBSTOR - ok
03:23:17.0821 3444 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
03:23:17.0884 3444 usbuhci - ok
03:23:17.0977 3444 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
03:23:18.0071 3444 usbvideo - ok
03:23:18.0118 3444 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
03:23:18.0243 3444 UxSms - ok
03:23:18.0274 3444 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
03:23:18.0305 3444 VaultSvc - ok
03:23:18.0383 3444 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
03:23:18.0445 3444 vdrvroot - ok
03:23:18.0555 3444 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
03:23:18.0695 3444 vds - ok
03:23:18.0804 3444 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
03:23:18.0945 3444 vga - ok
03:23:18.0991 3444 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
03:23:19.0101 3444 VgaSave - ok
03:23:19.0210 3444 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
03:23:19.0335 3444 vhdmp - ok
03:23:19.0381 3444 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
03:23:19.0491 3444 viaide - ok
03:23:19.0522 3444 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
03:23:19.0662 3444 volmgr - ok
03:23:19.0756 3444 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
03:23:19.0881 3444 volmgrx - ok
03:23:20.0005 3444 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
03:23:20.0146 3444 volsnap - ok
03:23:20.0317 3444 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
03:23:20.0489 3444 vsmraid - ok
03:23:20.0926 3444 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
03:23:21.0316 3444 VSS - ok
03:23:21.0378 3444 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
03:23:21.0628 3444 vwifibus - ok
03:23:21.0659 3444 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
03:23:21.0815 3444 vwififlt - ok
03:23:22.0112 3444 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
03:23:22.0439 3444 vwifimp - ok
03:23:22.0595 3444 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
03:23:22.0845 3444 W32Time - ok
03:23:22.0907 3444 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
03:23:22.0970 3444 WacomPen - ok
03:23:23.0048 3444 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
03:23:23.0141 3444 WANARP - ok
03:23:23.0188 3444 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
03:23:23.0282 3444 Wanarpv6 - ok
03:23:23.0438 3444 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
03:23:23.0578 3444 WatAdminSvc - ok
03:23:23.0718 3444 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
03:23:23.0890 3444 wbengine - ok
03:23:23.0968 3444 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
03:23:24.0046 3444 WbioSrvc - ok
03:23:24.0155 3444 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
03:23:24.0264 3444 wcncsvc - ok
03:23:24.0311 3444 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:23:24.0374 3444 WcsPlugInService - ok
03:23:24.0452 3444 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
03:23:24.0498 3444 Wd - ok
03:23:24.0670 3444 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
03:23:24.0764 3444 Wdf01000 - ok
03:23:24.0857 3444 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
03:23:25.0013 3444 WdiServiceHost - ok
03:23:25.0044 3444 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
03:23:25.0107 3444 WdiSystemHost - ok
03:23:25.0154 3444 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
03:23:25.0263 3444 WebClient - ok
03:23:25.0325 3444 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
03:23:25.0466 3444 Wecsvc - ok
03:23:25.0512 3444 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
03:23:25.0637 3444 wercplsupport - ok
03:23:25.0700 3444 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
03:23:25.0824 3444 WerSvc - ok
03:23:25.0887 3444 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
03:23:25.0980 3444 WfpLwf - ok
03:23:26.0027 3444 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
03:23:26.0043 3444 WIMMount - ok
03:23:26.0090 3444 WinDefend - ok
03:23:26.0121 3444 WinHttpAutoProxySvc - ok
03:23:26.0277 3444 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
03:23:26.0386 3444 Winmgmt - ok
03:23:26.0558 3444 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
03:23:26.0760 3444 WinRM - ok
03:23:26.0854 3444 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
03:23:26.0932 3444 WinUsb - ok
03:23:27.0119 3444 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
03:23:27.0213 3444 Wlansvc - ok
03:23:27.0275 3444 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
03:23:27.0322 3444 wlcrasvc - ok
03:23:27.0650 3444 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:23:27.0821 3444 wlidsvc - ok
03:23:27.0884 3444 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
03:23:27.0962 3444 WmiAcpi - ok
03:23:28.0102 3444 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
03:23:28.0242 3444 wmiApSrv - ok
03:23:28.0320 3444 WMPNetworkSvc - ok
03:23:28.0367 3444 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
03:23:28.0586 3444 WPCSvc - ok
03:23:28.0648 3444 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
03:23:28.0788 3444 WPDBusEnum - ok
03:23:28.0882 3444 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
03:23:29.0132 3444 ws2ifsl - ok
03:23:29.0241 3444 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
03:23:29.0506 3444 wscsvc - ok
03:23:29.0522 3444 WSearch - ok
03:23:29.0927 3444 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
03:23:30.0130 3444 wuauserv - ok
03:23:30.0208 3444 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
03:23:30.0395 3444 WudfPf - ok
03:23:30.0489 3444 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
03:23:30.0801 3444 WUDFRd - ok
03:23:30.0863 3444 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
03:23:30.0941 3444 wudfsvc - ok
03:23:31.0004 3444 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
03:23:31.0082 3444 WwanSvc - ok
03:23:31.0331 3444 X6va003 - ok
03:23:31.0534 3444 ================ Scan global ===============================
03:23:31.0643 3444 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
03:23:31.0815 3444 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
03:23:31.0862 3444 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
03:23:31.0908 3444 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
03:23:32.0111 3444 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
03:23:32.0142 3444 [Global] - ok
03:23:32.0142 3444 ================ Scan MBR ==================================
03:23:32.0205 3444 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:23:32.0844 3444 \Device\Harddisk0\DR0 - ok
03:23:32.0860 3444 ================ Scan VBR ==================================
03:23:32.0891 3444 [ 1D9AA3103A69C54E528DA854736DD6A7 ] \Device\Harddisk0\DR0\Partition1
03:23:32.0891 3444 \Device\Harddisk0\DR0\Partition1 - ok
03:23:32.0922 3444 [ 7E0F73CDEDE1FBE897B75A757561878D ] \Device\Harddisk0\DR0\Partition2
03:23:32.0954 3444 \Device\Harddisk0\DR0\Partition2 - ok
03:23:32.0954 3444 ============================================================
03:23:32.0954 3444 Scan finished
03:23:32.0954 3444 ============================================================
03:23:33.0000 0592 Detected object count: 0
03:23:33.0000 0592 Actual detected object count: 0
03:25:56.0931 3540 Deinitialize success
|
|
08.08.2013, 12:47
| #18 |
| /// Malware-holic | Polizei Virus auf Toshiba Labtop ! Hi,
__________________die folgenen Schritte mit dem Besitzer abarbeiten. Es folgt gleich eine Anleitung zu FRST, und eine Zusatzinfo für die Additionals.txt. mir würde es erst mal reichen, wenn ihr diese Zusatzinfo abarbeitet und mir postet. Empfehlungen fürs Deinstallieren Bitte kopiere die Liste der installierten Programme aus der additions.txt hier in deinen Thread. Notiere mir bitte hinter jede Zeile, ob folgendes Kategorie zutrifft: Unbekannt, Nötig, Unnötig Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
| Themen zu Polizei Virus auf Toshiba Labtop ! |
| anleitung, bios, hilfe, kollege, kriege, labtop, leitung, polizei, polizei virus, problem, programm, toshiba, virus |
WARNUNG an die MITLESER: 
Linear-Darstellung
